2 min read

TEFCA: Should you be worried? And why we’re not.

A year has passed since the final version of the Trusted Exchange Framework and Common Agreement (TEFCA) was published by the Office of the National Coordinator (ONC) for Health Information Technology. 


Sidenote: Who else in healthcare is SFAF (suffering from acronym fatigue)? But I digress. 


Back to the topic at hand: When TEFCA was published in January 2022, we reached out to many of our customers to gauge what they were thinking, what their concerns were, and to determine how we could help. 


What we found out was that we are in the same boat as many of our customers: We are actively monitoring TEFCA developments, but our day-to-day operations aren’t impacted, at least not yet. 


As someone who is heavily invested in making secure, privacy-centric healthcare data exchange work as seamlessly as possible for our customers, I applaud what TEFCA aims to do. 


I am somewhat skeptical, however, about how TEFCA will actually make the whole of the healthcare data exchange easier, more secure, more effective, and more affordable. Anyone monitoring can see how treatment-based use cases could greatly benefit, but that’s only part of the story, and something for another blog. 


ONC describes the Trusted Exchange Framework (TEF) as follows, “The TEF describes a common set of non-binding, foundational principles for trust policies and practices that can help facilitate exchange among health information networks (HINs). Broad industry alignment with these principles should help facilitate entities’ entering into effective contractual relationships for the secure electronic flow of digital health information where and when it is needed.”


The fact that ONC describes TEF as “non-binding … principles that can help facilitate exchange … and should help facilitate entities’ entering into effective contractual relationships” (emphasis mine) speaks directly to my cautious optimism about TEFCA. The best-intentioned principles and policies won’t actually protect patient data or make data exchange better and easier. What will? Actual technology. 


Why we’re not worried

TEFCA is not providing tools to help players within the healthcare ecosystem abide by the rules that it’s laying out.


Understandably, that has many people on edge. They’re thinking: How are we supposed to keep compliant with yet another set of rules and regulations, when we’re not being given any additional tools to meet the demands of those rules and regulations? 


That’s where we come in. Our technology is designed with the future in mind. How do we know what the future will hold? Well, apart from death and taxes, we don’t. We do know, however, that the future will always mean change: changing rules, regulations, and best practices. So, we’ve designed our technology to be flexible. We’re ready to pivot and flex as the rules and regulations—including those set forth by TEFCA—require. 


As the demand for data continues to increase, and rules and regulations around the release of data become more and more complex, technology is going to be increasingly critical in managing the release of information.


Our solutions are designed to help customers address challenges that may come out of TEFCA or any other framework that dictates (or suggests) rules around healthcare data exchange. 


So, to answer the question that I posed in this blog’s title: I don’t think you need to be worried about any negative impacts from TEFCA. I do think you need to be actively monitoring it and asking your team how you’re future-proofing your systems. How will you be able to pivot and adapt to meet ever-evolving data exchange demands? 

If you’re interested in learning more about how we’re helping our customers future-proof themselves, we’d love to chat!