ONC Releases Interoperability Frameworks | Privacy Law Blog


The 21st Century Cures Act directed the National Coordinator to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally.” Fulfilling that mandate, the Office of the National Coordinator (“ONC”) for Health Information Technology released the “Trusted Exchange Framework and the Common Agreement” for health record interoperability. The two documents, titled “Trusted Exchange Framework, Common Agreement – Version 1” (“TEFCA”), and “Trusted Exchange Framework: Principles for Trusted Exchange” (“Principles”) were published on January 18, 2022. The purpose of the Principles is to create a non-binding set of common principles for the exchange of health information and the TEFCA memorializes the technical infrastructure and governance for the different networks and their users to securely share information with each other – all under a common framework. By signing the TEFCA and adhering to the Principles, entities can be designated as Qualified Health Information Networks (“QHIN”). A QHIN is a network of organizations certified by the ONC to work together to share data. QHINs will connect directly to each other to ensure interoperability between the networks they represent. With the release of these two documents, entities can now begin reviewing the requirements and considering whether to apply.

In addition, the TEFCA Health Level Seven (“HL7”) Fast Healthcare Interoperability Resource (“FHIR”) Roadmap (“TEFCA FHIR Roadmap”) has been released, which sets forth how TEFCA will accelerate the adoption of FHIR-based exchange across the industry.

Principles

Following are the seven principles that will help facilitate the exchange of information among health networks:

  1. Standardization. Health information networks should prioritize federally recognized and industry recognized technical standards, policies, best practices, and procedures.
  2. Openness and transparency. Health information networks should conduct activities openly and transparently, wherever possible.
  3. Cooperation and Non-discrimination. Health information networks should collaborate with stakeholders across the continuum of care to electronically exchange digital health information, even when a stakeholder may be a business competitor.
  4. Privacy, Security, and Safety. Health information networks should exchange digital health information in a manner that supports privacy; ensures data confidentiality, integrity, and availability; and promotes patient safety.
  5. Access. Health information networks should ensure that Individuals and their authorized caregivers have easy access to their digital health information and understand how it has been used or disclosed and HINs should comply with civil rights obligations on accessibility.
  6. Equity. Health information networks should consider the impacts of interoperability on different populations and throughout the lifecycle of the activity.
  7. Public Health. Health information networks should support public health authorities and population-level use cases to enable the development of a learning health system that improves the health of the population and lowers the cost of care.

 Common Agreement

The TEFCA operationalizes the principles above by binding its signatories to a detailed infrastructure which allows different networks to securely share basic clinical information with each other. The major obligations of the agreement are demonstrating the ability to send and receive information with various upstream and downstream entities. Affirmative covenants in the agreement include security, privacy, and respecting data rights of individual patients. There are also negative covenants such as non-exclusivity and non-discrimination with respect to the sharing of data. By signing the 63-page agreement and following its obligations a health information network becomes designated as a Qualified Health Information Network.

Proskauer attorneys are following the developments related to the sharing of health information amongst the various healthcare stakeholders and are here to assist organizations navigate this complicated and important landscape.



Source link

Author: Proskauer Privacy Law

Leave a Reply

Your email address will not be published. Required fields are marked *