Abigael Grippe

TEFCA: Everything Healthcare Organizations Need to Know

September 29, 2021

Skip to: 

A patient walks into a Northern California practice. She’s visiting from Connecticut, in town for a few weeks to see her daughter. Of course, all of her medical records are with her primary care provider back home on the other side of the country… but right now, she’s in the clinic and she needs medical care. 

Imagine that with just a few keystrokes, that office can securely and instantly access the patient’s health information in real-time, providing her with quick, efficient care. That interoperability is the goal of the Trusted Exchange Framework and Common Agreement. Known as TEFCA, this initiative will enable the exchange of electronic health information across networks on a national scale. 

TEFCA is expected to go live in early 2022. To prepare, healthcare providers must adopt TEFCA health IT solutions that support secure, universal access to electronic health records, and patient data. The following overview will help your organization assess how to prepare. 

Here’s what you need to know about the Trusted Exchange Framework and Common Agreement. 

What is TEFCA? 

The Trusted Exchange Framework and Common Agreement was developed, in part, to create a nationwide system that safely and easily shares healthcare information. For years, many healthcare providers, health plans and patients alike have wished for a system that allows for secure, universal access to electronic health information (EHI) when it’s most needed, no matter where the provider or patient are. 

Many providers — almost 95 percent of hospitals and 90 percent of office-based physicians — already use electronic health records (EHR). And some already belong to health information networks (HINs) that allow for the exchange of records between providers and other stakeholders. In fact, over 100 regional health information exchanges and numerous national-level organizations currently offer data sharing. 

Unfortunately, connectivity between HINs isn’t universal, or even consistent. Varying participation rates and different data usage agreements lead to gaps. 

This fragmentation is costly and time-consuming, and forces healthcare providers, patients, and HINs to use multiple types of data exchange. Surveys indicate that most hospitals use at least three methods to exchange data, while 30 percent have to use five or more methods. The status quo isn’t particularly efficient, cost-effective, or convenient. 

A national health information exchange (HIE) would solve this problem. Such a system would serve as a framework to connect healthcare providers — and facilitate the secure exchange of data between them — on a national level. That’s where TEFCA comes in. 

Achieving that desirable interoperability is a goal of the 21st Century Cures Act. Passed by Congress in 2016, the so-called “Cures Act” aims to define a common set of data standards, using technology in order to quickly and efficiently provide new healthcare innovations to patients. An integral piece of the Cures Act lies in the Trusted Exchange Framework and Common Agreement. 

The TEFCA initiative is designed to allow for the exchange of electronic health information on a national scale. Essentially, TEFCA will establish a single “on-ramp” for data exchange through the adoption of a single, universal framework. 

TEFCA was developed by the Office of the Coordinator for Health Information Technology (ONC), part of the U.S. Department of Health and Human Services (HHS), under Title IV of the Cures Act. The Act calls for the development of a “trusted exchange framework” that includes a national, common agreement among HINs. Main goals include: 

  • Creating an “on-ramp” that offers national connectivity to health care records 
  • Allowing electronic health information to follow patients wherever they are 
  • Implementing a nationally scalable system 

TEFCA drafts were released in 2018 and 2019. In July 2021, ONC announced that TEFCA will go live in early 2022. 

Which entities will benefit from TEFCA? Health care providers, payers, state agencies, public health professionals, patients and other stakeholders will all be able to take advantage of the policies, technical specifications and network connectivity requirements laid out by TEFCA. Participants will have the ability to send and receive electronic health information seamlessly. 

This is in stark contrast to the current situation, in which most stakeholders have to participate in multiple networks to get the information they need. In contrast, joining a HIN that participates in the network created by TEFCA will facilitate access to and exchange of information from multiple sources, all from a single access point. 

How Will TEFCA Work? 

TEFCA is structured around three main goals:  

  • national connectivity 
  • portable electronic health information 
  • national scalability 

To meet these goals, TEFCA will offer a single “on-ramp” where networks can connect to provide patients with secure access to their information when they need it, all in one place. TEFCA will scale interoperability nationwide by standardizing legal and technical requirements, allowing the system to work across disparate networks. 

TEFCA Structure 

TEFCA is set up to function as a “network of networks.” This allows for multiple points of entry for many types of participants and stakeholders. TEFCA participants may include: 

TEFCA implementation is governed by ONC and a chosen Recognized Coordinating Entity (RCE). In 2019, the ONC contracted the Sequoia Project to serve as RCE to administer and implement TEFCA. 

The RCE will choose HINs to become Qualified Health Information Networks (QHINs). A QHIN is a network of organizations that cooperate with each other in order to share data. To qualify, QHINs must have the technical capacity to connect participants nationwide and meet certain standards and requirements. 

Under the RCE’s administrative umbrella, the QHINs will connect to each other through connectivity brokers. These brokers offer a number of functions to participants, which may include record locator services, broadcast and directed queries, a master patient index, and more. 

Participants in the QHIN may be HINs, electronic health record vendors, and other organizations or entities. The participants and QHINs serve end users, or individuals or entities who need to access patient health information. Together, these connections form the core of a national, interoperable system. 

TEFCA Components 

TEFCA has two components: a Trust Exchange Framework and a Common Agreement. The Trusted Exchange Framework details standards that networks must adhere to when sharing data. The Common Agreement is a legal agreement that governs data sharing between networks. 

The Trust Exchange Framework provides a set of principles to serve as “guard rails” for organizations that exchange health information. These common principles are based on: 

  • access 
  • cooperation and non-discrimination 
  • data-driven accountability 
  • privacy, security and patient safety 
  • standardization 
  • transparency 

QHINs must abide by the principles in order to participate in data exchange. While non-binding, these principles are designed to increase trust. 

The Common Agreement details the specific terms and conditions that will govern the activities of QHINs. These entities will act as neutral coordinators or brokers, connecting to each other to provide the on-ramp that allows healthcare stakeholders to participate in the nationwide information exchange. 

As the contracted RCE, The Sequoia Group works with the ONC to develop, update and implement the Common Agreement. In its current iteration, QHINs can voluntarily agree to the terms of the Common Agreement, which include: 

  • Minimum mandatory terms and conditions to which QHINs agree to comply 
  • Additional terms and conditions to facilitate a data-sharing agreement, such as fee schedules, audit procedures, non-compliance arbitration and more 
  • Technical framework that covers technology policies and expectations for participating QHINs 

What Is the Timeline for TEFCA? 

In July 2021, the ONC announced that TEFCA would go live in 2022. The final versions of the Trusted Exchange Framework, Common Agreement and QHIN technical framework are slated for completion in the first quarter of 2022. After this, HINs can start applying for QHIN status and, once selected, begin sharing data. 

Other milestones on the ONC’s projected timeline include public engagement webinars and Common Agreement workgroup sessions. These are offered through the fall and winter of 2021. 

At the same time, RCE and ONC will continue to solicit public comment as the Common Agreement is finalized. The agencies encourage stakeholders to participate in upcoming information and RCE Stakeholder sessions and join the RCE’s contact list to be alerted of updates. 

In the meantime, several states have already begun taking actions related to TEFCA. Specifically, some state legislatures have passed bills requiring health care providers and/or health plans to connect to HIEs. New Jersey, Connecticut, Nebraska, and California are just a few examples, and more states are expected to follow suit in the future. 

How Can Healthcare Organizations Prepare for TEFCA? 

With the new standards just around the corner, healthcare organizations can take steps now to prepare for 2022. Getting interoperability resources up and running is key. 

Seeking out inconsistencies in how data is captured, identified and stored is an important step toward interoperability. Start by reviewing current health information exchange capabilities, with a focus on data identification. Which tools, applications and systems are in place to gather and hold necessary data points? Are there any gaps and, if so, how can they be filled? 

Quality is also important when considering how to integrate data. If your organization hasn’t already, consider creating baseline data quality metrics. This can help uncover any problem areas that need attention before TEFCA goes into effect. 

In order to align with the new standards, healthcare providers must establish a secure application programming interface, a.k.a. software that safely allows access to electronic health records. Adopting an interoperability platform that offers seamless connectivity will help smooth the transition. 

How Will TEFCA be Enforced? 

Participation in TEFCA is voluntary, so HINs aren’t mandated to become QHINs. However, the more widely adopted the system is, the more effective it will be. 

That means ONC is likely to push for legislation that includes mandatory TEFCA connectivity in the future. Some states have already moved in this direction by mandating participation in state-level HIEs.  

The Health Information Technology Advisory Committee has further discussed the possibility of implementing incentives to increase participation, such as including requiring participation as a prerequisite for participating in federal programs (such as Medicare, Medicaid or Veteran Community Care). An organization’s participation (or non-participation) in TEFCA may be considered in government review of information blocking, as well. 

However, the benefits of participating are clear. Easier, more comprehensive access to EHR means better, more efficient patient care, since healthcare providers will have longitudinal records on their patients. 

TEFCA Glossary 

Department of Health and Human Services (HHS): Federal agency overseeing development, roll-out and implementation of TEFCA. 

Electronic Health Information (EHI): Patient data that’s collected, stored and shared in electronic form for healthcare delivery and/or public health 

Electronic Health Record (EHR): An electronic (digital) version of a patient’s medical history. An EHR contains the same information as a traditional paper chart. 

Health Information Exchange (HIE): Builds connections between healthcare providers and facilitates the transfer of data between them. 

Health Information Network (HIN): A group of organizations that connect and work together to share data. 

Interoperability: The ability of different information systems, devices and applications to access and share data across the complete spectrum of care. 

Office of the Coordinator for Health Information Technology (ONC): The principal federal entity responsible for coordinating efforts to implement the nationwide electronic exchange of health information. ONC works with the Recognized Coordinating Entity (RCE) to oversee TEFCA implementation. 

Recognized Coordinating Entity (RCE): A single national entity responsible for operationalizing the Trusted Exchange Framework. 

Qualified Health Information Network (QHIN): Regional entities that meet HIN requirements and act as neutral coordinators/brokers. QHINs will connect to each other to provide a single “on-ramp” that enables any healthcare stakeholder to participate in nationwide information exchange. To apply for QHIN designation, a HIN must already operate a network that can electronically locate and transmit EHI between multiple individuals or entities, and exchange EHI in a clinical environment. 

Sequoia Project: An independent 501(c)3 organization chartered by HHS to advance the implementation of a secure, interoperable, nationwide health information exchange. 

Trusted Exchange Framework and Common Agreement (TEFCA): Established with the goal of creating a single on-ramp for data exchange and establish universal interoperability so health information networks (HINs), health care providers, health plans, individuals and other stakeholders can access interoperable health information in real time. 

21st Century Cures Act (Cures Act):  Passed in 2016 and finalized in 2020, the Cures Act (which includes TEFCA) was designed to accelerate medical product development and promote innovation and efficiency.

Related Blogs

Lyniate_Rapid_illustration_api_gateway_manager (1)

Lyniate Team

Lyniate introduces Rapid, a healthcare API gateway

Rapid is a healthcare API gateway and manager designed to help health teams create and safeguard APIs, including Fast Healthcare Interoperability Resources (FHIR)-based APIs like those required by the CMS Interoperability and Patient Access Rule.

Read more

Austin Dobson

CMS and ONC Rules: What They Mean for You

Read more

Lyniate Team

Government affairs

Being at the forefront of interoperability requires a careful understanding of healthcare regulations such as the CMS and ONC rules, as well as health data standards and security protocols.

Read more