EHNAC CEO Addresses Where Healthcare Industry Stands on the Interoperability Front as a Final TEFCA Rule Approaches

Industry Commentary

WEST HARTFORD, Conn. – December 14, 2021 – Bringing true interoperability to the electronic patient record will be a game-changer for patients, providers, payers, other stakeholders and for the industry. As the healthcare industry moves closer to making this vision a reality with a final TEFCA expected in 2022, Lee Barrett, CEO and executive director of the Electronic Healthcare Network Accreditation Commission (EHNAC) who also serves as co-chair of the Sequoia Interoperability Matters Leadership Council and a member of the Executive Steering Committee for ONC’s Payer + Provider FAST FHIR Task Force, tackled several questions regarding where the industry is today and where it is heading when it comes to achieving an interoperable ecosystem.

Q: Why has the healthcare industry struggled with solving its longstanding interoperability problem?

Barrett:  Interoperability is an important foundational healthcare data exchange for patients and other stakeholders and, at times has been frustrating, as a topic in healthcare for over a decade. One of the biggest challenges remains is the issue of addressing disparate information systems and the electronic health records (EHR) that all speak different languages that resist easy translation from one platform to another. The issue of dealing with proprietary vendor software and therefore the lack of interoperability is one of the challenges that the industry continues to attempt to address.

Patient data needs to be free and aggregated in a single location, when needed, but that is nearly impossible in today’s siloed healthcare environment where information blocking is a major challenge. Often EHR system A doesn’t speak with radiology software B. Many transitions of care are still transmitted by fax. Mounds of paper documents are piling up. And legacy software systems don’t interact with current technology, leaving large gaps in a patient’s health record.

The healthcare ecosystem needs to continue to collaborate and work together to address these challenges and “move forward” with implementation of the interoperability architecture outlined by the Office of the National Coordinator (ONC). This includes focusing on providing the highest level of stakeholder trust for all healthcare entities – patients, providers, health plans and many others – to foster adoption and realize the benefits which will occur.

Q: The current state of interoperability isn’t as bad as many think. Great strides on the interoperability front have been made by key industry organizations. Can you expand on their progress?

Barrett: Although we might not be at the interoperability finish line, we are closer than we were even twelve months ago. And we might finally get there sooner than we think. Progress is being made by industry organizations who are working with organizations that want to be qualified health information networks (QHINs) and the Trust Exchange Framework with Common Agreement (TEFCA), which is driving infrastructure development to allow data exchange with QHINs and other stakeholders who are called Participants. This is critical for QHINs and other entities who are under competitive pressures to continually ensure compliance with regulatory requirements, business metrics and best practices. The Sequoia Project as the designated Recognized Coordinating Entity (RCE) by ONC is developing a Common Agreement (CA) that will significantly reduce the number of legal agreements between QHINs, Participants and other stakeholders to enable this level of data exchange to occur as well as to help promote interoperability between the stakeholders. As the industry awaits a final TEFCA Rule, the Sequoia Project and ONC are working together to create a patient EHR digital highway that will facilitate data and information exchange. This patient-centric initiative will serve as the foundation to empower patients, providers and many other healthcare stakeholders to access data in order to facilitate and make critical healthcare decisions.

Q: What are some of the regulations put forth by the industry’s governing bodies that are helping pave the path to interoperability?

Barrett: Giving patients unfettered access to their healthcare information is the impetus behind two federal efforts, the 21st Century Cures Act and the Interoperability and Patient Access final rule (CMS-9115-F). Together, they are designed to enable the healthcare data ecosystem through application programming interfaces (APIs) that will allow patients convenient access to their records through smartphone apps, portals, medical devices and other electronic methods. The U.S. Department of Health and Human Services (HHS) believes this approach will increase the move toward value-based care, improving the quality of care while bringing transparency into costs and outcomes.

To facilitate common information access, the Centers for Medicare & Medicaid Services (CMS), in partnership with ONC, has selected Health Level 7 (HL7) Fast Healthcare Interoperability Resources (FHIR) Release 4.0.1 as the foundational standard to support data exchange via secure APIs.

Most important for eligible providers and hospitals, CMS will publicly report entities that may be information blocking based on attestation to certain Promoting Interoperability Program Requirements. The idea is that patients will gravitate toward those more likely to support electronic access to their data. CMS also is expected to report on providers who have not listed nor updated their digital contact information in the National Plan and Provider Enumeration System (NPPES), including secure digital endpoints like a Direct Address and/or a FHIR API endpoint.

Q: You mentioned how the Cures Act Final Rule calls for open APIs to encourage secure access to data for applications. Why is this critical to interoperability?

Barrett: As vendors develop APIs for their products and services to promote and facilitate interoperability, hospitals, health systems and providers need to develop their own infrastructures that address how they’re going to implement and handle these APIs, including server and infrastructure capability. They also need to develop the necessary architectures to map how data will flow among various systems and interfaces, both internally and externally. FHIR has a dramatic impact on the way APIs provide interconnectivity and launch various healthcare programs/applications and is critical to enabling interoperability between disparate electronic healthcare systems and platforms.

As a result, I believe in the year ahead of 2022 that we will see the adoption and implementation of APIs that are FHIR-enabled by the HL7 standard to provide the connectivity between EHRs, healthcare applications, portals while providing the “fuel” for the digital information highway. The Unified Data Access Protocol (UDAP) provides the capability for FHIR APIs to have the foundational security rigor and scale to assure the broadest adoption, scale and implementation of this standard occurs in the healthcare ecosystem.

There are several critical industry initiatives underway that are foundational to the implementation of TEFCA. Last year, EHNAC and UDAP established the Trusted Dynamic Registration & Authentication Accreditation Program (TDRAAP) that aligns with the 21st Century Cures Act as well as TEFCA draft provisions released by the ONC. The big challenge in achieving the industry’s interoperability objective is all the technical endpoints across the health care information ecosystem (client apps, servers and users of these systems) must be able to register and authenticate in order to share/exchange sensitive information in a secure and scalable manner. Today’s OAuth and OpenID cannot scale to the volume and speed which will be needed. The scalability must also be met with enhanced privacy and security controls. That is why TDRAAP is designed to help healthcare organizations demonstrate their ability to use trusted digital certificates for endpoint identity, registration, authentication, and attribute discovery for electronic healthcare transactions in real-time. Certification programs like TDRAAP can help more healthcare data to be truly free — and adequately protected and demonstrate the level of stakeholder trust that the healthcare ecosystem needs.

Q: As we approach a final TEFCA Rule, what efforts have been made to help EHRs, labs, payer systems, app developers and other information platforms that hold patient data more interoperable?

Barrett: There are several critical industry initiatives underway that are foundational to the implementation of TEFCA. The Sequoia Project (RCE) has worked closely with the healthcare ecosystem to foster collaboration and to provide an open and very transparent process as they development the Common Agreement (CA) to enable TEFCA implementation. Additionally, The Sequoia Project has focused on providing a collaborative interoperability-focused industry forum with the Interoperability Matters Leadership Council where there are three major workgroups that are addressing specific implementation issues including: information blocking, data useability and emergency preparedness. These initiatives and the leadership of The Sequoia Project, along with Commonwell, CareQuality and many others are assisting the industry achieve a successful interoperable healthcare ecosystem that we are very excited to see occur.

The industry is also anticipating the FHIR Roadmap in early 2022 which will provide more specificity on the implementation and rollout of this API standard. We are hopeful that TEFCA in the future will also incorporate the use of FHIR in its framework. One challenge in achieving the industry’s interoperability objective is all the technical endpoints across the health care information ecosystem (client apps, servers and users of these systems) must be able to register and authenticate in order to share/exchange sensitive information in a secure and scalable manner. We are therefore hopeful that with the significant developments that have occurred in 2022 with the FHIR at Scale Taskforce (FAST), HL7, DaVinci and other industry initiatives on evolving this standard that we are seeing all of the key foundational components aligning to provide a successful interoperability implementation for healthcare and achieve the objectives and benefits envisioned.

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors, third-party administrators and trusted networks. The Commission is an authorized HITRUST CSF Assessor, making it the only organization with the ability to provide both EHNAC accreditation and HITRUST CSF certification.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit, contact, or follow us on Twitter, LinkedIn and YouTube.