Frequently Asked Questions

The 21st Century Cures Act, signed by President Obama in 2016, calls on the Office of the National Coordinator for Health Information Technology (ONC) to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally.” The Sequoia Project serves as the ONC TEFCA Recognized Coordinating Entity® (RCESM) under a contract with ONC.

The overall goal for the Trusted Exchange Framework and Common AgreementSM (TEFCA SM) is to establish a universal floor for interoperability across the country. The Common Agreement will establish the infrastructure model and governing approach for users in different networks to securely share information with each other—all under commonly agreed-to expectations and rules and regardless of which network they happen to be in.

These Frequently Asked Questions address common stakeholder questions and will be updated regularly. You may submit a question to be considered for addition to this list by emailing rce@sequoiaproject.org.

The Common Agreement and related resources, including a User’s Guide, are posted to the RCE website. All capitalized terms below are specifically defined in the Common Agreement.

Section 1: Overall Process and Timeline

What is the purpose of the Trusted Exchange Framework and Common Agreement (TEFCA)?

TEFCA will support exchange of health information across stakeholders, consistent with Applicable Law. Voluntary participation in TEFCA will:

  • Enable providers to get the data they need to provide the best care possible for patients.
  • Provide individuals with easier access to their complete health history in one place.
  • Reduce burden for health plans and providers when sharing information to support care coordination, case management, and health plan operations.
  • Provide public health departments with more seamless access to the information they need and simplify connectivity for providers that currently expend tremendous resources connecting to numerous single-purpose public health reporting channels or report through non-digital means.

What is the role of the ONC TEFCA Recognized Coordinating Entity® (RCE)?

Under a contract with ONC, the RCE™:

  • Works with ONC to update, implement, and maintain the Common Agreement and Qualified Health Information Network (QHIN) Technical Framework;
  • Engages with stakeholders to obtain feedback;
  • Will Designate QHINs and monitor QHINs for compliance with the Common Agreement; and
  • Implements the governing approach and change management process in the Common Agreement.

What is a Qualified Health Information Network (QHIN)?

QHINs are networks that agree to the common terms and conditions for exchange with each other as specified in the Common Agreement and to the functional and technical requirements for exchange as specified in the QHIN Technical Framework or QTF. QHINs will be the central connection points for TEFCA exchange. They will route queries, responses, and messages among entities and individuals sharing information.

What is the Common Agreement?

The Common Agreement is a legal agreement signed by the RCE and each QHIN. It establishes the infrastructure model and governing approach for users in different Qualified Health Information Networks (QHINs) to securely share information with each other. Some provisions of the Common Agreement flow down to a QHIN’s Participants and Subparticipants via contracts. Those contracts are referred to as Framework Agreements.

What is the QHIN Technical Framework?

The QTF describes the technical specifications and functional requirements necessary for electronic health information exchange between QHINs. Like the Common Agreement, some requirements flow down to the QHINs’ Participants and Subparticipants The QTF is referenced in the Common Agreement.

When will the Common Agreement and QHIN Technical Framework be published?

The RCE has created a plan to facilitate stakeholder input to inform the Common Agreement and QHIN Technical Framework (QTF). Throughout Summer and Fall 2021, the RCE will lead several stakeholder opportunities where interested parties can share their input on the policies to be included in the final version of the Common Agreement Version 1, including, for example, policies regarding required and optional exchange purposes, privacy and security policies, required and optional exchange patterns, and incorporation of HL7® FHIR® in the QTF roadmap. The RCE will also publish an updated QTF for stakeholder input. This is a technical document that details the functional and technical requirements that QHINs must support. Our goal is to open up participation in the Common Agreement by Q1 of calendar year 2022.

What are the requirements to be a Qualified Health Information Network (QHIN)?

QHINs are expected to have key exchange infrastructure to be the backbone of nationwide TEFCA exchange. QHINs are highly reliable, secure central nodes that support a network of networks. Designated QHINs undergo a rigorous review by the RCE before being designated. Some examples of requirements to be a QHIN include:

  • Creation of a Designated Network Governance Body
  • Demonstration of compliance with the technical requirements in the QTF, including 12 months of prior experience supporting query functionality, as outlined in the QTF
  • Demonstration of the requisite financial and personnel resources to support QHIN obligations
  • Evidence of formalized privacy and security controls, including certification under a nationally recognized security framework

How will Qualified Health Information Networks (QHINs) be designated?

The RCE evaluates applicant QHINs via a rigorous process consistent with the Common Agreement and accompanying QHIN Application and QHIN Onboarding and Designation SOP. The process includes multiple phases that include extensive review of the policy, security, technical, and organizational factors necessary to meet the requirements to be designated as a QHIN. Applicants also undergo extensive testing in both pre-production and production settings before final designation.

Are there any Qualified Health Information Networks (QHINs) in existence today?

Only the RCE can designate a QHIN under TEFCA. The RCE opened the application in 2022 and has begun review of initial applicants.

Does TEFCA change the technical approach a Qualified Health Information Network (QHIN) uses to share information with its Participants?

The QHIN Technical Framework (QTF) establishes technical and functional requirements for electronic exchange of information among QHINs. Certain elements are so fundamental that they are specified within the QTF and may require a QHIN to alter its approach for sharing information within its network. For example, the QTF required that all communications use transport layer security (TLS) with mutual authentication. Beyond these types of elements identified in the QTF, each QHIN will be free to choose how it shares information with its Participants.

How does TEFCA support consumers’ access to their information?

TEFCA will make it easier for individuals to request and obtain their health information on their smartphones or via their patient portals. TEFCA exchange will provide the infrastructure to more readily enable individuals to access their information, from every connected provider and health plan, in one place.

TEFCA starts with document-based query and message delivery; what about the Health Level Seven (HL7®) International Fast Healthcare Interoperability Resources (FHIR®) standard?

FHIR® is not part of the first production version of the QHIN Technical Framework (QTF), as the FHIR® RESTful application programming interface (API) currently supports point-to-point exchange in most cases. The RCE is prioritizing the TEFCA FHIR Roadmap to deploy the standard in a network-to-network environment. The RCE is learning from activities to deploy FHIR® at scale (such as the FAST Initiative), which will inform future versions of the QTF. The RCE and ONC are planning a second update to the Common Agreement and QTF in Spring 2024 to restructure the Common Agreement and QTF to enable FHIR-based exchange.

What are Standard Operating Procedures (SOPs)?

SOPs provide additional details to support the Common Agreement and QTF and describe how certain policy requirements should be operationalized by QHINs, Participants, and Subparticipants. For example, the Exchange Purposes SOP provides additional detail concerning requirements in the Common Agreement related to sharing information for authorized exchange purposes.

How will the Common Agreement, QHIN Technical Framework (QTF), and Standard Operating Procedures (SOPs) be updated?

The Common Agreement, QTF, and SOPs will be updated over time to accommodate new technologies, requirements, or other changes necessary to support nationwide TEFCA exchange.

  • The Common Agreement v1 and QTF v1 were published on the RCE website in January 2023.
  • Common Agreement v1.1 were published on the Federal Register on November 7, 2023. The list of changes from v1 to v1.1 is available here.
  • QTF v1.1 is scheduled to be released in 2023.
  • The RCE and ONC are working on updates for Common Agreement v2, which is expected to be released in Spring 2024.
  • The RCE is developing a process for receiving ongoing feedback from the public.

The Common Agreement and SOPs set forth a change management process for all subsequent updates to the Common Agreement, QTF, and SOPs that leverages a formal governance structure managed by the RCE once TEFCA exchange is operational. The TEFCA Governing Council will be comprised of representatives from QHINs, Participants, and Subparticipants. More details on the composition and responsibilities of the Governing Council can be found here.

 

Who can participate in TEFCA and for what purposes?

Participation in TEFCA exchange is limited to the types of entities that are eligible to exchange information for one of the Exchange Purposes, using the definitions set out in the Common Agreement. Section 9 of the Common Agreement addresses Exchange Purposes, which include: Treatment, Payment, Health Care Operations, Public Health, Government Benefits Determination, and Individual Access Services.

How will TEFCA protect health information?

The Common Agreement and QTF include strong privacy and security protections that build on existing requirements, such as those in the HIPAA Privacy and Security Rules. TEFCA Privacy and Security requirements generally apply to all TEFCA exchange participants, whether or not they are Covered Entities or Business Associates under HIPAA.

Stay Connected

Complete the form below and join our mailing list.