The U.S. Department of Health and Human Services announced that ONC published the Trusted Exchange Framework, Common Agreement - Version 1, and Qualified Health Information NetworkTM (QHINTM) Technical Framework - Version 1 on January 19, 2022. Entities considering seeking QHIN status can now review the requirements and determine whether they would like to apply. Check out ONC's Health IT Buzz Blog and press release for more on the announcement.
The Trusted Exchange Framework and Common AgreementSM (TEFCASM) network has 3 goals: (1) to establish a universal governance, policy, and technical floor for nationwide interoperability; (2) to simplify connectivity for organizations to securely exchange information to improve patient care, enhance the welfare of populations, and generate health care value; and (3) to enable individuals to gather their health care information.
TEFCATM Components
Common Agreement
The Common Agreement is the legal contract that the Recognized Coordinating Entity® (RCESM) organization will sign with each QHIN organization. It defines the baseline legal and technical requirements for secure information sharing on a nationwide scale. The Common Agreement also establishes the infrastructure model and governing approach to enable users in different health information networks (HINs) to securely share information with each other—all under commonly agreed-to expectations and regardless of which network they happen to be in.
Trusted Exchange Framework
The Trusted Exchange Framework is a common set of principles designed to facilitate trust between HINs and by which HINs voluntarily elect to abide to enable widespread information exchange. These principles are standardization; openness and transparency; cooperation and non-discrimination; privacy, security, and safety; access; equity; and public health.
QHIN Technical Framework (QTF)
The QTF [PDF - 1034KB] focuses on the technical components for exchange among QHINs, including, but not limited to, patient identity resolution, authentication, and performance measurement. The QTF requirements are incorporated by reference into the Common Agreement.
TEFCATM Organizations
Recognized Coordinating Entity® (RCETM) Organization
The RCE organization developed, updates, implements, and maintains the Common Agreement. It is also responsible for soliciting and reviewing applications from HINs seeking QHIN status and administering the QHIN designation and monitoring processes. The Sequoia Project currently serves as the RCE organization under a contract with ONC.
Qualified Health Information NetworkTM (QHINTM) Organizations
A QHIN organization is a HIN that is a U.S. Entity that has been designated and is a party to the Common Agreement countersigned by the RCE organization. A QHIN organization has the technical capabilities and organizational attributes to connect HINs on a nationwide scale. Participants and Subparticipants will be able to choose their QHIN organization based on the services provided and fees charged. Participants and Subparticipants will be able to share information with all other connected entities regardless of which QHIN organization they choose.
TEFCASM Exchange
TEFCASM Exchange Purposes
Currently, the TEFCA network will support exchange for six Exchange Purposes: Treatment; Payment; Health Care Operations; Public Health; Government Benefits Determination; and Individual Access Services (IAS). This means TEFCA entities are optionally allowed to request for or respond to any of these purposes. As a starting point, the TEFCA network will only require responses for Treatment and IAS. Over time, responses will be required for the remaining Exchange Purposes. Other Exchange Purposes may be added.
Privacy and Security
The Common Agreement requires strong privacy and security protections for all entities who elect to participate in the TEFCA network, including entities not covered by HIPAA. Most connected entities will be HIPAA Covered Entities or Business Associates of Covered Entities, and thus will already be required to comply with HIPAA privacy and security requirements. The Common Agreement requires each non-HIPAA entity that participates in the TEFCA network to protect individually identifiable information that it reasonably believes is TEFCA Information in substantially the same manner that HIPAA Covered Entities protect Protected Health Information (PHI), including having to comply with the HIPAA Security Rule and most provisions of the HIPAA Privacy Rule as if they were covered by the HIPAA Rules.
To view all TEFCA documents, register for educational sessions, and review requirements for QHIN designation, please visit the RCE website at RCE.SequoiaProject.org.
TEFCATM Implementation
On February 13, 2023, HHS recognized the first set of applicant organizations approved for QHINTM onboarding under the TEFCA network. Following this approval, the organizations officially began the onboarding process and committed to meeting a 12-month go-live timeline and, if successful, will be designated as QHIN organizations. At this event, HHS Secretary Becerra recognized these organizations for their willingness to voluntarily step up and meet the demanding TEFCA eligibility requirements for TEFCA participation.
National Coordinator Micky Tripathi and Office of Policy Executive Director Elise Anthony both blogged about the event. Watch the full event
There are currently seven organizations that have begun the QHIN entity onboarding process:
- CommonWell Health Alliance
- eHealth Exchange
- Epic Nexus
- Health Gorilla
- Kno2
- KONZA National Network
- MedAllies
Publication of the Trusted Exchange Framework and the Common Agreement
Section 4003(b) of the 21st Century Cures Act requires the National Coordinator to publish the Trusted Exchange Framework and the Common Agreement on its public Internet website and in the Federal Register. In accordance with Section 4003(b), links to the Trusted Exchange Framework and the Common Agreement are below:
- Common Agreement for Nationwide Health Information Interoperability - Version 1 [PDF - 814 KB]
- Trusted Exchange Framework - Final [PDF - 292 KB]
In addition, the Trusted Exchange Framework and the Common Agreement were published in the Federal Register on January 18, 2022.