Frequently Asked Questions

The 21^st Century Cures Act, signed by President Obama in 2016, calls on the Office of the National Coordinator for Health Information Technology (ONC) to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally.” The Sequoia Project serves as the ONC TEFCA Recognized Coordinating Entity^® (RCE^SM) under a contract with ONC.

The overall goal for the Trusted Exchange Framework and Common Agreement^SM (TEFCA^SM) is to establish a universal floor for interoperability across the country. The Common Agreement will establish the infrastructure model and governing approach for users in different networks to securely share information with each other—all under commonly agreed-to expectations and rules and regardless of which network they happen to be in.

These Frequently Asked Questions address common stakeholder questions and will be updated regularly. You may submit a question to be considered for addition to this list by emailing rce@sequoiaproject.org.

The Common Agreement and related resources, including a User’s Guide, are posted to the RCE website. All capitalized terms below are specifically defined in the Common Agreement.

TEFCA is Live

What does it mean for TEFCA^℠ to be “live”?

TEFCA went live in December 2023. This means that:

QHINs^™ are now live. This means that QHINs have completed all of the steps, including technical testing, that are needed to be designated by the RCE^™ and to engage in exchange under a single set of rules that are laid out in the Common Agreement. The rules create trust by addressing things like:

- The purposes for which information can be shared
- Expectations for response to queries
- How information will be kept private and secure
- Oversight of TEFCA exchange

The RCE is now hosting a directory that allows QHINs to identify other QHINs, as well as Participants and Subparticipants, to send messages to and query for data.
Additional QHINs will be designated by the RCE as they are ready.

Can Participants/Subparticipants participate in TEFCA^℠ through more than one QHIN^™?

To limit the risk of duplicative information being shared via TEFCA exchange, Common Agreement Version 1.1 does not allow duplicative entries in the RCE^™ Directory Service at the entity level for Participants and Subparticipants. Therefore, only one QHIN may list an entity as its Participant or Subparticipant. However, as part of Common Agreement Version 2 currently under development, the RCE and ONC are considering how to accommodate entities that may want to connect multiple, unique data systems to TEFCA exchange through multiple, unique entries in the RCE Directory Service either through a single QHIN or multiple QHINs.

What is the RCE^™ Directory Service?

The RCE maintains a secure server where QHINs^™ publish electronic endpoints and other necessary information about all entities that participate in TEFCA^℠ exchange. All QHINs have access to this information to enable their Participants and Subparticipants to locate where information can be shared or requested via TEFCA exchange. The information in the RCE Directory is considered confidential information and is not shared publicly.

How will TEFCA^℠ be governed and what is the timeline to establish the governance process?

Common Agreement v1.1 and the TEFCA Governing Council Standard Operating Procedure (SOP) lay out the governance mechanisms for TEFCA exchange.

A Transitional Council will be established in early 2024 and operate for twelve months. During that time, a permanent Governing Council will be established. The work of the Governing Council will be supported by a QHIN^™ Caucus, Participant/Subparticipant Caucus, and, as appropriate, Advisory Groups on specific topics.

Both the Transitional and Governing Councils will, among other duties:

Serve as a resource to the RCE^™ and as a forum for orderly and civil discussion of any issues affecting TEFCA exchange;
Support the RCE in its work to monitor TEFCA exchange on behalf of ONC;

Provide advice to the RCE regarding issues before they become Disputes and are escalated to the formal Dispute Resolution Process; and
Review proposed amendments to the Common Agreement, QHIN Technical Framework and SOPs and provide feedback to the RCE on proposed changes.

Will TEFCA^℠ exchange include all data elements in the USCDI? What will happen as additional versions of USCDI are adopted through regulations?

The QHIN^™ Technical Framework (QTF) states that all C-CDA 2.1 format documents adhering to the Continuity of Care Document template must include all appropriate data classes and elements from the United States Core Data for Interoperability (USCDI) v1, when data are available. The RCE^™ will determine requirements for referencing newer versions of the USCDI as they are released and adopted by ONC through regulation. For FHIR-based exchange in TEFCA, the QTF will reference the appropriate US Core FHIR Implementation Guide, in accordance with ONC regulation. It is important to note that exchange within TEFCA is not limited to the USCDI and may go beyond the data classes and elements listed in any particular version of the USCDI.

How will TEFCA^℠ handle data provenance?

The QHIN^™ Technical Framework (QTF) requires the use of specific data fields and standards that will be included in TEFCA transactions to identify Query, Responding, and Message Sources. This will allow entities participating in TEFCA exchange to determine from where queries and responses originate and incorporate this information into their own systems as appropriate. Information shared via TEFCA exchange, such as C-CDA 2.1 format documents, may include additional information about provenance. The QTF also includes audit requirements for QHINs.

Does a QHIN^™ need to support all of the TEFCA^℠ Exchange Purposes?

Each QHIN must support TEFCA exchange for all authorized Exchange Purposes under Common Agreement Version 1.1 (Treatment, Individual Access Services, Payment, Health Care Operations, Public Health, and Government Benefits Determination). This means that they must have the technical capability to enable themselves and their Participants/Subparticipants to receive and respond to queries for all of the authorized Exchange Purposes even if the QHIN and its Participants/Subparticipants do not initiate or respond to transactions for all of the Exchange Purposes in production. QHINs, Participants, and Subparticipants must respond to any requests transmitted for Exchange Purposes that are identified as having a “required” response in the Exchange Purposes SOP (currently responses are required for Treatment and Individual Access Services).

What is the maturation path for FHIR-based exchange in TEFCA^℠?

The FHIR Roadmap Version 2.0 includes four stages of FHIR availability in TEFCA exchange:

Stage 1: FHIR Content Support: QHIN^™-brokered exchange of FHIR payloads between QHINs is available (Common Agreement Version 1.1, 2023 and QHIN Technical Framework Version 1.1, 2023).
Stage 2: QHIN-Facilitated FHIR Exchange: QHIN support for facilitated FHIR API exchange is required. Participant and Subparticipant exchange via FHIR APIs is available (Anticipated in Common Agreement Version 2.0, 2024 and the QTF Version 2.0, 2024).
Stage 3: QHIN-to-QHIN FHIR Exchange: Support for exchange between QHINs via FHIR APIs is required.
Stage 4: End-to-End FHIR Exchange: Support for QHIN-brokered FHIR Exchange between Participants and Subparticipants is required.

What must TEFCA^℠ Participants and Subparticipants do to participate in TEFCA exchange?

To participate in TEFCA exchange, entities other than QHINs^™ must:

- Be connected into TEFCA exchange through a QHIN. This can be through a direct connection to a QHIN or through a health information network or technology provider that is already connected to a QHIN.
- Sign a Framework Agreement that binds all parties to the agreement to required flow-down provisions of the Common Agreement.
- Be listed in the RCE^™ Directory Services by their QHIN.

Overall Process and Timeline

How will TEFCA^℠ protect health information?

The Common Agreement and QTF include strong privacy and security protections that build on existing requirements, such as those in the HIPAA Privacy and Security Rules. TEFCA^℠ Privacy and Security requirements generally apply to all TEFCA^℠ exchange participants, whether or not they are Covered Entities or Business Associates under HIPAA.

Who can participate in TEFCA^℠ and for what purposes?

Participation in TEFCA exchange is limited to the types of entities that are eligible to exchange information for one of the Exchange Purposes, using the definitions set out in the Common Agreement. Section 9 of the Common Agreement addresses Exchange Purposes, which include: Treatment, Payment, Health Care Operations, Public Health, Government Benefits Determination, and Individual Access Services.

How will the Common Agreement, QHIN Technical Framework (QTF), and Standard Operating Procedures (SOPs) be updated?

The Common Agreement, QTF, and SOPs will be updated over time to accommodate new technologies, requirements, or other changes necessary to support nationwide TEFCA exchange.

The Common Agreement v1 and QTF v1 were published on the RCE^™ website in January 2023.
Common Agreement v1.1 were published on the Federal Register on November 7, 2023. The list of changes from v1 to v1.1 is available here.
QTF v1.1 is scheduled to be released in 2023.
The RCE^™ and ONC are working on updates for Common Agreement v2, which is expected to be released in Spring 2024.
The RCE^™ is developing a process for receiving ongoing feedback from the public.

The Common Agreement and SOPs set forth a change management process for all subsequent updates to the Common Agreement, QTF, and SOPs that leverages a formal governance structure managed by the RCE^™ once TEFCA^℠ exchange is operational. The TEFCA^℠ Governing Council will be comprised of representatives from QHINs, Participants, and Subparticipants. More details on the composition and responsibilities of the Governing Council can be found here.

What are Standard Operating Procedures (SOPs)?

SOPs provide additional details to support the Common Agreement and QTF and describe how certain policy requirements should be operationalized by QHINs, Participants, and Subparticipants. For example, the Exchange Purposes SOP provides additional detail concerning requirements in the Common Agreement related to sharing information for authorized exchange purposes.

TEFCA^℠ starts with document-based query and message delivery; what about the Health Level Seven (HL7®) International Fast Healthcare Interoperability Resources (FHIR®) standard?

FHIR® is not part of the first production version of the QHIN^™ Technical Framework (QTF), as the FHIR® RESTful application programming interface (API) currently supports point-to-point exchange in most cases. The RCE^™ is prioritizing the TEFCA FHIR Roadmap to deploy the standard in a network-to-network environment. The RCE is learning from activities to deploy FHIR® at scale (such as the FAST Initiative), which will inform future versions of the QTF. The RCE and ONC are planning a second update to the Common Agreement and QTF in Spring 2024 to restructure the Common Agreement and QTF to enable FHIR-based exchange.

How does TEFCA^℠ support consumers’ access to their information?

TEFCA will make it easier for individuals to request and obtain their health information on their smartphones or via their patient portals. TEFCA exchange will provide the infrastructure to more readily enable individuals to access their information, from every connected provider and health plan, in one place.

Does TEFCA^℠ change the technical approach a Qualified Health Information Network^™ (QHIN^™) uses to share information with its Participants?

The QHIN Technical Framework (QTF) establishes technical and functional requirements for electronic exchange of information among QHINs. Certain elements are so fundamental that they are specified within the QTF and may require a QHIN to alter its approach for sharing information within its network. For example, the QTF required that all communications use transport layer security (TLS) with mutual authentication. Beyond these types of elements identified in the QTF, each QHIN will be free to choose how it shares information with its Participants.

Are there any Qualified Health Information Networks^™ (QHINs^™) in existence today?

Only the RCE^™ can designate a QHIN^™ under TEFCA^℠. The RCE^™ opened the application in 2022 and has begun review of initial applicants.

How will Qualified Health Information Networks^™ (QHINs^™) be designated?

The RCE^™ evaluates applicant QHINs via a rigorous process consistent with the Common Agreement and accompanying QHIN Application and QHIN Onboarding and Designation SOP. The process includes multiple phases that include extensive review of the policy, security, technical, and organizational factors necessary to meet the requirements to be designated as a QHIN. Applicants also undergo extensive testing in both pre-production and production settings before final designation.

What are the requirements to be a Qualified Health Information Network^™ (QHIN^™)?

QHINs are expected to have key exchange infrastructure to be the backbone of nationwide TEFCA^℠ exchange. QHINs are highly reliable, secure central nodes that support a network of networks. Designated QHINs undergo a rigorous review by the RCE^™ before being designated. Some examples of requirements to be a QHIN include:

Creation of a Designated Network Governance Body
Demonstration of compliance with the technical requirements in the QTF, including 12 months of prior experience supporting query functionality, as outlined in the QTF
Demonstration of the requisite financial and personnel resources to support QHIN obligations
Evidence of formalized privacy and security controls, including certification under a nationally recognized security framework

When will the Common Agreement and QHIN^™ Technical Framework be published?

The RCE^™ has created a plan to facilitate stakeholder input to inform the Common Agreement and QHIN^™ Technical Framework (QTF). Throughout Summer and Fall 2021, the RCE will lead several stakeholder opportunities where interested parties can share their input on the policies to be included in the final version of the Common Agreement Version 1, including, for example, policies regarding required and optional exchange purposes, privacy and security policies, required and optional exchange patterns, and incorporation of HL7® FHIR® in the QTF roadmap.

The RCE will also publish an updated QTF for stakeholder input. This is a technical document that details the functional and technical requirements that QHINs must support.

Our goal is to open up participation in the Common Agreement by Q1 of calendar year 2022.

What is the QHIN^™ Technical Framework?

The QTF describes the technical specifications and functional requirements necessary for electronic health information exchange between QHINs^™. Like the Common Agreement, some requirements flow down to the QHINs^™’ Participants and Subparticipants The QTF is referenced in the Common Agreement.

What is the Common Agreement?

The Common Agreement is a legal agreement signed by the RCE^™ and each QHIN^™. It establishes the infrastructure model and governing approach for users in different Qualified Health Information Networks^™ (QHINs^™) to securely share information with each other. Some provisions of the Common Agreement flow down to a QHIN^™’s Participants and Subparticipants via contracts. Those contracts are referred to as Framework Agreements.

What is a Qualified Health Information Network^™ (QHIN^™)?

QHINs^™ are networks that agree to the common terms and conditions for exchange with each other as specified in the Common Agreement and to the functional and technical requirements for exchange as specified in the QHIN^™ Technical Framework or QTF. QHINs^™ will be the central connection points for TEFCA^℠ exchange. They will route queries, responses, and messages among entities and individuals sharing information.

What is the role of the ONC TEFCA^℠ Recognized Coordinating Entity^® (RCE^™)?

Under a contract with ONC, the RCE^™:

Works with ONC to update, implement, and maintain the Common Agreement and Qualified Health Information Network^™ (QHIN^™) Technical Framework;
Engages with stakeholders to obtain feedback;
Will Designate QHINs^™ and monitor QHINs^™ for compliance with the Common Agreement; and
Implements the governing approach and change management process in the Common Agreement.

What is the purpose of the Trusted Exchange Framework and Common Agreement^℠ (TEFCA^℠)?

TEFCA^℠ will support exchange of health information across stakeholders, consistent with Applicable Law. Voluntary participation in TEFCA^℠ will:

Enable providers to get the data they need to provide the best care possible for patients.
Provide individuals with easier access to their complete health history in one place.
Reduce burden for health plans and providers when sharing information to support care coordination, case management, and health plan operations.
Provide public health departments with more seamless access to the information they need and simplify connectivity for providers that currently expend tremendous resources connecting to numerous single-purpose public health reporting channels or report through non-digital means.

Frequently Asked Questions

TEFCA is Live

Overall Process and Timeline

Section 3: Title Goes Here

Stay Connected