September 26, 2022

Information technology officials at the Department of Health and Human Services have a new system in the works that aims to merge individuals’ health information across multiple networks.

HHS’ Trusted Exchange Framework and Common Agreement, or TEFCA, is a system that will allow health networks, including federally operated ones, to securely exchange medical data.

The end goal is to create a single point of access to all of an individuals’ health records.

The creation of TEFCA presents an opportunity for agencies to make their health information networks easier to use on the customer end, according to Micky Tripathi, the national coordinator for health IT at HHS.

Agencies such as the Department of Veterans Affairs and the Department of Defense, along with the Social Security Administration, already use some online networks in an effort to consolidate information across multiple platforms. But, Tripathi said, TEFCA can help to more effectively combine that information.

“Every federal agency, certainly within the Department of Health and Human Services, as well as the VA and the DOD, is exchanging information,” Tripathi said during a webinar by FCW on Wednesday. “We think TEFCA can help them do that better, faster and cheaper than they’re able to today.”

The first piece of TEFCA – the trusted exchange framework – will let health information networks share data. Then, the common agreement piece of TEFCA combines that data by creating easier and more secure connections among individuals and health organizations, HHS wrote in a blog post.

Similar to the Blue Button system for veterans under the VA’s My HealtheVet platform, one of TEFCA’s main goals is to create a centralized location where users can gather all of their healthcare information.

TEFCA launched in January. Now, the next milestone is a testing phase for a few initial networks on the system. HHS plans to complete that phase by the end of this calendar year.

Those initial networks can include ones for public health agencies, but technical, policy and security requirements could complicate early adoption for those groups, Tripathi said.

Health IT officials in that HHS office, though, hope that federal agency participation in TEFCA will ramp up as the framework develops.

TEFCA stems in part from the 21st Century Cares Act, passed by Congress in 2016. That legislation directed HHS to develop a way to securely transfer health information among separate networks. Part of TEFCA’s goal is to increase federal presence to ultimately reach full interoperability among distinct networks, Tripathi said.

Of the lessons learned from COVID-19, the pandemic highlighted the limitations of an often problematic and segmented health IT network. The fragmented system limits access to complete and thorough health records at agencies, Tripathi said.

“One of the things that we saw in the pandemic is our healthcare delivery system is really siloed for our public health system,” Tripathi said. “Our public health agencies struggle to get basic medical record information. You have networks transacting tens of millions of records per day, but a public health system sitting on the outside of it, not able to access that information, even in a time of crisis, even at a time of huge pandemic.”

Although the directive to create TEFCA came before the start of the pandemic, COVID-19 made HHS more acutely aware of the problems the current system can cause, Tripathi said.

“We have a number of networks that have been growing and that have made tremendous progress, but there’s still some friction in getting them connected up,” Tripathi said. “Progress has been made, but it’s still not perfect. It still doesn’t give the user the experience of it being a single network, even though it really is a ton of subnetworks that are connected up in various ways.”

Among the challenges of launching TEFCA is maintaining security of the combined network system. According to Keith Bocian, a senior data scientist at HHS’ Office of the Inspector General, protecting individuals’ data within a combined network, like TEFCA, is part of the OIG’s mission.

“At the OIG, we want to set the example for other HHS operatives and staff as it relates to the security of our network – safeguarding the data that we’ve been charged to protect,” Bocian said.