The Office of the National Coordinator for Health Information Technology (ONC) released the anticipated Common Agreement Version 2.0 on April 22, 2024. Since 2016, the ONC has been working to implement the requirements of the 21st Century Cures Act (Cures Act), and this release marks another milestone on the journey to complete those directives. All providers should be aware of the Common Agreement terms and conditions as certain portions will be as ubiquitous as business associate agreement language.
Background:
The Cures Act, among other things, directed the U.S. Department of Health and Human Services (HHS) to develop a strategy for reducing the regulatory and administrative burdens on providers related to the use of Electronic Health Records (EHRs) and facilitate patient access to health information in a reasonable and convenient form for patients, without burdening health care providers. The ONC has actively been working on initiatives to meet the Cures Act's directives and increase interoperability. One key initiative involves the development of a trusted exchange framework and a common agreement, (collectively, TEFCA) which establishes a universal governance, policy, and technical floor for nationwide interoperability, simplifies connectivity for organizations to securely exchange information to improve patient care, enhances the welfare of populations, generates health care value, and enables individuals to gather their health care information.
In January 2022, ONC finalized Version 1.0 of the Common Agreement, which was later updated in November 2023 with Version 1.1. The Common Agreement contains terms that all qualified health information networks (QHINs) must execute to participate in TEFCA and terms that QHINs must flow down to all its participants. QHINs are approved by ONC and are a key partner for providers to ensure their compliance with the regulations. In December 2023, TEFCA became operational and currently has seven entities designated as QHINs, including EHRs.
Key Changes:
While Version 1.1 of the Common Agreement looked and felt very similar to Version 1.0, Version 2.0 contains numerous updates, including definitional changes. Key changes in Version 2.0 include the following:
- The TEFCA data exchange now supports Health Level Seven (HL7) Fast Healthcare Interoperability Resources (FHIR), which will allow for easier data exchange among participants and access by individuals.
- The Common Agreement now includes an exhibit with terms of participation (ToPs), that QHINs must use to flow down required terms to all its TEFCA participants. The ToPs, now structured as a standalone document, will make it much easier for QHINs and participants to flow down terms consistently to its participants and subparticipants, as applicable, which will reduce costs, time, and burdens for organizations to participate in TEFCA.
- Participants may now participate in TEFCA with multiple QHINs, which will allow participants more options and flexibility in their exchange of data.
Key Takeaways:
Version 2.0 will be effective 60 days after publication in the Federal Register without further notice or commentary. Upon such effective date, current QHINs and participants are expected to have a transitional period to switch to the ToPs and new requirements. During the transition period, participation in TEFCA by current QHINs and participants will still be permitted. Upon such effective date, all potential participants will be required to utilize the ToPs to participate in the TEFCA exchange, but QHINs may elect to adopt and begin using Version 2.0 now.
The latest updates to the Common Agreement continue to make data sharing more efficient, safe, and move the industry toward greater interoperability on a national level. While TEFCA participation is not currently required, the benefits, such as improved patient care, easier access, and compliance with other laws and regulations such as information blocking, are good reasons for non-participants to consider TEFCA participation soon. Just like business associate agreement terms, additional terms beyond the required ToPs should be negotiated, and we recommend making sure such negotiation is informed with an understanding of TEFCA and its relationship to other state and federal laws, including HIPAA.
If you have any questions about TEFCA, interoperability, information blocking, or need additional information regarding this alert, please do not hesitate to contact Julie A. Kilgore, or any member of the Baker Donelson Data Protection, Privacy, and Cybersecurity team.