The healthcare sector has had quite a run the last few years: 

    • Non-stop privacy regulations have been thrown at the industry from nations and states 
    • Resourcing and operational issues related to the pandemic 
    • Accelerated digital transformation as patient care moved further outside the traditional hospital, doctor’s office, and clinic walls 

And now, there’s TEFCA: The Trusted Exchange Framework (1) and Common Agreement. (2) 

TEFCA Has Finally Arrived 

The vision behind TEFCA has been in the works for years, pretty much since the formation of The Office of the National Coordinator for Health Information Technology (ONC) back in 2004. The reality of TEFCA indeed came to light though with its inclusion as a mandate in the 21st Century Cures Act that was passed in 2016. (3) With TEFCA comes the objective to bring together a combination of legal and technical requirements aimed to enable the secure exchange of personal health information across disparate health entities operating on their health information networks (HINs) throughout the country at the state and regional levels. 

Once they meet the requirements, the national information exchange network will give providers, payers, and public health agencies – referred to as qualified health information networks (QHINs) a way to connect and share information. The initial data-sharing connection aims to enable patients and healthcare organizations to work together using the most up-to-date health information from all parties to provide the best care and treatments. Over time, the exchange will be broadened to include other information to help with benefits, payments, public health issues, and other operationally oriented activities that presumably help the patients and the healthcare ecosystem.

TEFCA To Bring Many Healthcare Scenarios to Reality 

The official goals for TEFCA are: (6) 

  • Goal 1: Establish a universal policy and technical floor for nationwide interoperability. 
  • Goal 2: Simplify connectivity for organizations to securely exchange information to improve patient care, enhance the welfare of populations, and generate health care value. 
  • Goal 3: Enable individuals to gather their health care information. 

Here are a few of the many benefits that health interoperability could bring, as identified by’s Health Interoperability Outcomes 2030: (4) 

  • The health system will enable evidence-based, precision care that accounts for each patient’s social and health conditions, including links between health and human services. 
  • The health system will more quickly identify high-risk conditions, chronic diseases, and disparities in health equity. 
  • The data used for clinical and administrative processes will be electronically integrated to support decisions about payment, eligibility, and benefits. 
  • Public health response and preparedness will be driven by real-time data that allow public health agencies to quickly identify when and where infectious disease outbreaks occur and maintain insights about health system capacity. 
  • Researchers will use inclusive, representative datasets to compare the real-world performance of treatments, procedures, devices, and drugs. 
  • Health professionals will spend less time on administrative tasks and more time caring for their patients. 

To meet these goals and deliver these scenarios, TEFCA has been comprised of 2 core elements: (5) 

  1. The Trusted Exchange Framework is a set of non-binding but foundational principles for health information exchange.
  2. The Common Agreement establishes the technical infrastructure model and governing approach for different health information networks and their users to share clinical information securely – all under commonly agreed-to rules of the road. 

As organizations begin to unpack the details within both the framework and the agreement, they will likely realize that TEFCA is so much more than just being able to “share data.” TEFCA will introduce numerous high-scale data collection, storage, transport, and processing requirements for organizations to meet. It will also bear the stark cyber risk that will require mitigation as the networks, systems, and data sets are exposed to other networks and systems. Organizations also get a tremendous amount of technical challenges and operational headaches. 

Organizations Must Prepare for the Future of Connected Healthcare 

Healthcare organizations large and small from across the U.S. will not only have to prepare to share the data they’ve been entrusted with, but to also ensure that their health information network is secure, scalable, and resilient as they open it up, connect it, and expose it to outside entities. The entities are many, including the national exchange, regional exchanges, and even competing providers, payers, and other health agencies operating directly within or adjacently to the same space. 

The answer to these challenges and headaches will sit inside additional digital transformation projects hitting the IT desks, each introducing functional requirements for new operating environments being developed and for more migrations from legacy on-premises systems to high-performing public and hybrid cloud infrastructures running modern applications. 

The healthcare renaissance continues, and it will be fed by data and driven by the cloud. Scaling to meet demand was not easy to begin with, and, while the common agreement and framework may outline a decent plan of attack, TEFCA makes it even more challenging in the near term for many organizations struggling to keep up with the current transformations underway: 

    • National connectivity exposes the information exchanges to cyber risk, creating data privacy and safety concerns
    • Continued proliferation of disparate systems behind the walls of connectivity makes system and data protection measures and the goal of seamless data sharing more complex 
    • Multi-network workflows running on top of regional health information networks are not well suited for the massive data sharing requirements that could arise 

All digital transformation projects, including those introduced because of TEFCA’s passing, require thoughtful strategies and results-driven plans. Taos helps healthcare organizations around the US and globally get ahead of these types of challenges by capitalizing on scalability, enhanced security, and cloud economics. Taos offers Advisory Services, Professional Services, Managed IT and Security Services to help with your digital transformation projects. 


1 – “The Trusted Exchange Framework (TEF): Principles for Trusted Exchange,”, January 2022 

2 – “Common Agreement for Nationwide Health Information Interoperability,”, January 2022  

3 – “H.R.34 – 21st Century Cures Act,” Congress, Accessed on February 1, 2022 

4 – “Health Interoperability Outcomes 2030,”, January 2022 

5 – “ONC Completes Critical 21st Century Cures Act Requirement, Publishes the Trusted Exchange Framework and the Common Agreement for Health Information Networks,” HHS, January 2022 

6 – “3…2…1…TEFCA is Go for Launch,”, January 2022