NASL IT Committee

NASL IT Committee
NASL IT Committee Meeting
Tuesday, February 6, 2018 1:15-3:15pm
Dolley Madison Ballroom
Agenda
I. Welcome & Call to Order
Donna Doneski, NASL Director of Policy & Membership
Introduce guests from federal agencies to include:
• Zoe Barber, MPH
Special Assistant, Principal Deputy National Coordinator
Office of the National Coordinator for Health IT (ONC)
U.S. Department of Health & Human Services (HHS)
• Liz Palena Hall, RN, MIS, MBA
LTPAC Coordinator, Office of Policy, ONC
• Beth Connor, MS, RN
Nurse Consultant, Center for Clinical Standards & Quality (CCSQ)
Quality Measurement & Value-Based Incentives Group (QMVIG)
Division of Chronic & Post-Acute Care (DCPAC)
Centers for Medicare & Medicaid Services (CMS)
II.
Health IT Legislative & Regulatory Update
Donna Doneski
Review of current health IT legislation on Net Neutrality & Telehealth, plus implementation of the
IMPACT Act and 21 st Century Cures Act’s health IT provisions.
• See chart – Tab A in resource section.
III.
Committee Discussion of ONC’s Proposed Trusted Exchange Framework & Common Agreement
(TEFCA), plus Draft US Core Data for Interoperability (USCDI)
Ted Prettyman, Director, Sims Strategies
• Committee discussion of proposed TEFCA and USCDI. Refer to Tabs B & C in resource section.

NASL IT Committee
Tuesday, February 6, 2018 1:15-3:15pm
Dolley Madison Ballroom
Agenda – continued
IV.
Status of the Data Element Library
Beth Connor, MS, RN
CMS Nurse Consultant
V. New Business
• NASL TEFCA Webinar with ONC Principal Deputy National Coordinator Genevieve Morris
Tuesday, February 13 at 2PM EST
• NASL IT Committee Schedule for 2018
Calls are currently scheduled for the third Thursday of the month at 2PM Eastern
• NASL & LTPAC at HIMSS18 – March 5 – 9, 2018 in Las Vegas, Nevada
NASL is a collaborator of HIMSS18. NASL members may attend HIMSS18 in Las Vegas,
March 5– 9 at discounted rate by using NASL’s collaborator code.
• 14 th Annual LTPAC Health IT Summit
June 25 – 27, 2018 at the Washington Hilton in Washington, DC
NASL is helping to plan the Summit with our colleagues from the LTPAC Health IT Collaborative.
Please let us know if you are interested in participating as a sponsor, presenter or attendee.
Additional Resources:
• Tab A – Health IT Legislative & Regulatory Chart – An overview of health IT legislation and
regulation NASL is tracking for 2018
• Tab B – NASL Summary of TEFCA
• Tab C – Outline of Key Areas of Focus for NASL TEFCA & USCDI Discussion

NASL IT Committee Agenda
Tab A
NASL Health IT Legislative & Regulatory Chart – February 1, 2018
An overview of health IT legislation and regulation NASL is tracking for 2018
Centers for Medicare & Medicaid Services (CMS)
Policy/ Initiative Description Timeline
IMPACT Act Quality
Measures
Transfer of Health Data & Care
Preferences
October 1, 2018
Medicare Part D
Proposed Rule,
including an update
to the electronic
transaction standard
used by Part D Plans
NASL commented on CMS’ Medicare
Part D Proposed Rule, which
includes a provision proposing the
adoption of the NDPDP SCRIPT
Standard Version 2017071, and
retirement of the current NCPDP
SCRIPT Version 10.6, as the official
electronic prescribing standard for
transmitting prescriptions and
prescription-related information using
electronic media for covered Part D
drugs for Part D eligible individuals.
2018
New Medicare
Beneficiary Identifier
(MBI)
The Medicare Access & CHIP
Reauthorization Act (MACRA) of
2015 requires CMS to remove Social
Security Numbers (SSNs) from all
Medicare cards by April 2019. The
new Medicare Beneficiary Identifier
(MBI) will replace the SSN-based
Health Insurance Claim Number
(HICN) used for Medicare
transactions such as billing, eligibility
status, and claim status.
April 2018
CMS will begin sending new
Medicare cards to all
beneficiaries
October 2018
Transition period begins
April 2019
New MBI replaces HICN
Resource: CMS’ New
Medicare Card webpage
Data Element Library
(DEL)
See NASL Winter Conference
presentation
May 2018
Expected release of DEL
IQIES & QTSO
See NASL Winter Conference
presentation
May 2018
QTSO deadline
IQIES is a 3-year project
NASL Health IT Legislative & Regulatory Chart
As of February 1, 2018
Page 1 of 3

NASL IT Committee Agenda
Tab A
Office of the National Coordinator for Health Information Technology (ONC)
Policy/ Initiative Description Timeline
TEFCA & USCDI
On January 5, 2018, the ONC
released its proposed Trusted
Exchange Framework & Common
Agreement (TEFCA) and Draft US
Core Data for Interoperability
(USCDI) as required under the 21 st
Century Cures Act.
February 20, 2018
Comments are due
May-June 2018
ONC is expected to issue a
Funding Opportunity
Announcement (FOA) for the
Recognized Coordinating
Entity (RCE)
Late 2018
Final TEFCA to be published
Draft USCDI Version 1 Data Classes
Patient name
Sex (birth sex)
Patient Date of Birth
Preferred Language
Race
Ethnicity
Smoking Status
Laboratory tests
Laboratory values/results
Vital signs
Problems
Medications
Medication Allergies
Health concerns
Care Team members
Assessment and plan of treatment
Immunizations
Procedures
Unique device identifier(s)
Goals
for a patient’s implantable device(s)
Provenance
Clinical Notes
2018 Reference
Edition
Interoperability
Standards Advisory
(ISA)
ONC has posted the latest,
interactive Interoperability Standards
Advisory.
NASL Health IT Legislative & Regulatory Chart
As of February 1, 2018
Page 2 of 3

NASL IT Committee Agenda
Tab A
Other Federal Agencies
Policy/
Description
Initiative
CDC’s Infectious CDC is engaged in a collaborative
Diseases C-CDA effort to supplement three Health
Project
Level Seven (HL7) Consolidated-
Clinical Document Architecture (C-
CDA) documents:
(1) Discharge Summary
(2) Continuity of Care
(3) Transitions of Care
*As cited in materials for NASL’s IT
Committee briefing on November 16,
2017 by Surveillance Branch Chief,
Division of Healthcare Quality
Promotion, Centers for Disease
Control & Prevention (CDC) Daniel
Pollock
Timeline
HL7 Implementation Guide (IG)
Timeline:
• May 28 – Scope Definition
• June 11 – Scope Material
• July 15 – Notice of Intent to
Ballot Deadline, Fall 2018
• July 23 – Design Freeze
• August 19 – Fall 2018 Ballot
Submission Deadline
• September 29 – October 5
Fall 2018 HL7 Working Group
Meeting (WGM)
• December 2018 – Estimated
IG Publication
FCC Repeal of Net
Neutrality Rules
carries implications
for Telehealth
Open Internet
Preservation Act
(H.R.4682)
On December 14, 2017, the Federal
Communications Commission (FCC)
voted to repeal Net Neutrality rules.
FCC’s repeal of the rules means
Internet Service Providers (ISPs)
could speed up or slow down, or
potentially charge more for certain
Internet content. The concern is that
allowing ISPs to control internet
speed based on users, services, sites
visited or content, may negatively
affect seniors or LTPAC providers.
On December 19, 2017,
Congressman Marsha Blackburn (R-
TN) introduced legislation that could
reinstitute some, but not all of the Net
Neutrality rules. The Open Internet
Preservation Act (H.R.4682) has25
cosponsors as of as of January 31,
2018).
On January 16, 2018, New York
Attorney General Eric Schneiderman,
and a coalition of 22 Attorneys
General, filed a multistate lawsuit to
block FCC’s illegal rollback of net
neutrality.
Open Internet Preservation Act
• Amends the Communications
Act of 1934 by prohibiting
broadband internet access
service providers from: (1)
blocking lawful content,
applications, services or nonharmful
devices; and (2)
impairing or degrading lawful
internet traffic on the basis of
internet content, application
or service, or use of a nonharmful
device.
• Such prohibitions do not
prevent providers from
offering specialized services
that are offered over the
same network and may share
network capacity with the
broadband internet access
service.
• Allows broadband internet
access services to be eligible
for federal universal service
support funding.
NASL Health IT Legislative & Regulatory Chart
As of February 1, 2018
Page 3 of 3

NASL IT Committee Agenda
Tab B
NASL
Summary & Analysis
DRAFT Trusted Exchange Framework & Common Agreement (TEFCA)
January 20, 2018
Overview
On January 5, 2018, the Office of the National Coordination for Health Information Technology
(ONC) released the Draft Trusted Exchange Framework, which focuses on policies, procedures
and technical standards intended to simplify the exchange of health information and limit costs
associated with the creation of multiple point-to-point interfaces between organizations.
ONC is required under the 21 st Century Cures Act to develop a final Trusted Exchange
Framework & Common Agreement (TEFCA), which will establish a technical and governance
infrastructure to connect disparate health information networks – and by extension to individuals
and providers who use these networks to exchange health information. TEFCA is divided into
two parts. The first part is the Trusted Exchange Framework, which outlines a set of six principles or
“guard rails” for promoting trust across health information networks. These six principles –
standardization, transparency, cooperation & non-discrimination, security & patient safety, access and
data-driven accountability – are described in greater detail below. The second part is the Common
Agreement, which is comprised of a set of minimum terms and conditions that will to help to ensure
that common practices are in place and required of all participating in exchanging electronic health
information. ONC expects to publish the final TEFCA in the Federal Register in late 2018.
TEFCA’s technical infrastructure will support a series of primary networks called Qualified
Health Information Networks (QHINs) that will serve as the main connections for transferring
data across a variety of Health Information Networks (HINs), which facilitate “access, exchange
or the use of electronic health information between or among two or more unaffiliated individuals
or entities.” In addition to the QHINs and HINs, ONC delineates the stakeholders who can use
the Trusted Exchange Framework as federal agencies; public health organizations and
agencies; health information networks; individuals (e.g., patients, caregivers, authorized
representatives and family members); payers; providers (i.e., to include ambulatory, inpatient,
long-term and post-acute care (LTPAC), emergency medical services (EMS), behavioral health
and home and community based services providers); and technology developers (e.g., EHR,
HIE, analytics, laboratory information systems, PHRs, Qualified Clinical Data Registries
(QCDRs), registries, pharmacy systems, mobile technology and other technology).
As part of finalizing the Draft Trusted Exchange Framework, ONC will use an open, competitive
process to select a Recognized Coordinating Entity (RCE). The RCE will work with ONC
through a Cooperative Agreement using the Draft Framework to develop a Common Agreement.
Given ONC’s solicitation for specific feedback regarding the RCE, we believe that ONC may
have an existing entity (or entities) in mind that could be considered for such a Cooperative
Agreement and serve in this oversight role.
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 1 of 10

NASL IT Committee Agenda
Tab B
Stakeholder feedback from the Draft Framework will inform the RCE and ONC’s development of
a Common Agreement, which will serve as the fleshed out “terms and conditions” that entities
must agree to in order to become QHINs. Entities can then agree to a single terms and
conditions of the TEFCA to exchange information through the QHINs. A blogpost from ONC
points out that much of the Trusted Exchange Framework is based on existing capabilities in the
health IT landscape; however, “some modifications to existing HINs and Qualified HINs may be
needed to meet the objectives identified by Congress in the Cures Act.”
Functionally, the RCE will provide oversight and governance of the Common Agreement and for
Qualified HINs (QHINs), which is defined as a network of organizations working together to
share data and serving a wide range of participants. A Qualified HIN must meet all of the
requirements of a HIN, as well as:
Be able to locate and transmit ePHI between multiple persons and/or entities
electronically;
Have mechanisms in place to impose Minimum Core Obligations and to audit
Participants’ compliance;
Have controls and utilize a Connectivity Broker service;
Be participant neutral; and
Have Participants that are actively exchanging the data included in the USCDI in a live
clinical environment.
The QHINs will connect directly to each other, forming the core for nationwide interoperability.
HINs can connect to the QHINs via a “connectivity broker,” which is a service provided by the
QHIN and that delivers all functions for the “permitted purposes” (such as treatment or public
health) to include: master patient index; Record Locator Service; Broadcast and Directed
Queries, and EHI return to an authorized requesting Qualified HIN.
In addition to the Draft Trusted Exchange Framework and TEFCA process and supporting
materials, ONC released the Draft U.S. Core Data for Interoperability (Draft USCDI). The Draft
USCDI is a set of standardized data elements that represent the minimum level of information to
be shared through the TEFCA, with an annual process for proposing, reviewing and adding to
these data elements. The Draft USCDI includes all of the elements of the Common Clinical Data
Set (CCDS) with the addition of clinical notes and provenance.
Comments on the Draft Trusted Exchange Framework and Draft USCDI are due to ONC
by February 20, 2018.
A more in-depth look at various aspects of the Draft Trusted Exchange Framework
follows, along with additional resources and NASL’s schedule for review and comment of
this proposed regulation.
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 2 of 10

NASL IT Committee Agenda
Tab B
Background & Implementation Timeline
Section 4003 of the 21 st Century Cures Act (Public Law 114-255), which was signed into law on
December 13, 2016, requires ONC to take steps to promote interoperability. Section 4003(b)
directs ONC to, “for the purpose of ensuring full network-to-network exchange of health
information, convene public-private and public-public partnerships to build consensus and
develop or support a trusted exchange framework, including a common agreement among
health information networks nationally. Such convention may occur at a frequency determined
appropriate by the Secretary.” This section also lays out that a Common Agreement may
include:
(I)
(II)
(III)
(IV)
a common method for authenticating trusted health information network participants;
a common set of rules for trusted exchange;
organizational and operational policies to enable the exchange of health information
among networks, including minimum conditions for such exchange to occur; and,
a process for filing and adjudicating noncompliance with the terms of the common
agreement.
Section 4003 also lays out a timeline for implementation. The law directs ONC to
convene stakeholders within six months of enactment;
publish TEFCA one year after convening stakeholders;
develop a directory of participating QHINs within two years of convening stakeholders.
ONC is well on its way to achieving this implementation timeline. On July 24, 2017, ONC held its
first Listening Session with Comment Period. NASL submitted comments in response to ONC's
request for comment on August 25, 2017. A second and third listening sessions were held on
September 29 and November 30, 2017, respectively. Moving forward, ONC’s implementation
guideline is as follows:
January 5, 2018 – Draft Trusted Exchange Framework Released for Public Comment
January 5 – February 20, 2018 – 45-Day Public Comment Period
March 19, 2018 – ONC’s HITAC Trusted Exchange Framework Task Force Presentation
April 18, 2018 – ONC’s HITAC USCDI Task Force Presentation
Mid-2018 – Selection of a Recognized Coordinating Entity (RCE)
December 2018 – HITAC Final Report
Late 2018 – Release of Final TEFCA
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 3 of 10

Review & Analysis of ONC’s Draft Trusted Exchange Framework
NASL IT Committee Agenda
Tab B
The ONC’s Draft Trusted Exchange Framework lays out the framework for creating a network
for nationwide interoperability of electronic health information. ONC is focused on ensuring “data
liquidity,” meaning that data can flow freely between entities. Additionally, the openness of the
network is intended to give new technologies (and app developers) access to the data in order
to unlock the potential of health information technology. ONC envisions the products of the Draft
Trusted Exchange Framework will support a “single on-ramp” through which an entity can agree
to work with a single entity of their choice and have access to all electronic health information.
This is done by end users connecting to participants (including Health Information Networks
(HINs), EHR vendors and other organizations) that connect to Qualified Health Information
Networks (QHINs), which in turn handle data requests through Connectivity Brokers,
responsible for responding to queries and returning the requested electronic health information.
Data requests must be for one of six “Permitted Purposes,” including: 1) Public Health; 2)
Individual Access; 3) Benefits Determination; 4) Treatment; 5) Payment and 6) Healthcare
Operations.
NOTE – Participation is voluntary; however, we anticipate that it is possible future
Medicare payment policies could require participating in interoperable exchange.
Also, it is interesting to note that ONC’s supplemental materials for providers
suggest that one way providers can be involved in the Trusted Exchange
Framework is to “require the technology vendors or HINs they contract with be
connected to the network created by the Trusted Exchange Framework.”
TEFCA Goals
ONC lays out five goals for the TEFCA in A User’s Guide to Understanding the Draft Trusted
Exchange Framework. These goals are:
1. Build on and extend existing work done by the industry;
2. Provide a single “on-ramp” to interoperability for all;
3. Be scalable to support the entire nation;
4. Build a competitive market allowing all to compete on data services;
5. Achieve long-term sustainability.
Principles, Process & Operation
The Draft Trusted Exchange Framework itself is divided into two parts. The first part is “Part A –
Principles for Trusted Exchange,” providing an overview of the six key principles guiding the
TEFCA process. The second part is “Part B – Minimum Required Terms and Conditions for
Trusted Exchange,” which provides a framework “terms and conditions” based on these six
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 4 of 10

NASL IT Committee Agenda
Tab B
principles that will be used as the basis for developing a more comprehensive Common
Agreement. The agreement will provide for:
a common authentication processes of trusted health information network participants;
a common set of rules for trusted exchange; and
a minimum core set of organizational and operational policies to enable the exchange of
electronic health information among networks.
Through the terms and conditions of the Common Agreement entities accepting those terms
can become Qualified Health Information Networks (QHINs), which will serve as the backbone
of the exchange network.
NOTE – TEFCA is designed to align with requirements under the Health Insurance
Portability & Accountability Act of 1996 (HIPAA). Still, ONC recognizes that not all
users of the TEFCA will be “Covered Entities” or “Business Associates” under
HIPAA, which is the reason TEFCA includes specific terms and conditions to
enable the broader exchange of health information.
Principles
The six principles outlined in the proposed Trusted Exchange Framework are:
1. Standardization – Adhere to industry and federally recognized standards, policies, best
practices and procedures.
2. Transparency – Conduct all exchange openly and transparently.
3. Cooperation & Non-Discrimination – Collaborate with stakeholders across the continuum
of care to exchange electronic health information (EHI), even when a stakeholder may
be a business competitor.
4. Privacy, Security & Patient Safety – Exchange electronic health information (EHI)
securely and in a manner that promotes patient safety and ensures data integrity.
5. Access – Ensure that individuals and their authorized caregivers have easy access to
their electronic health information (EHI).
6. Data-driven Accountability – Exchange multiple records for a cohort of patients at one
time in accordance with applicable law to enable identification and trending of data to
lower the cost of care and improve the health of the population.
Additional information on how these should be implemented appears in the second part of the
TEFCA. The section begins with a lengthy outline of definitions used, followed by sections on
each of the principles, plus sections on Requirements of Qualified HINs, Participant Obligations,
End-User Obligations.
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 5 of 10

NASL IT Committee Agenda
Tab B
Process
ONC intends to partner with a private sector entity for implementing the Draft Trusted Exchange
Framework. ONC will select this entity – called a Recognized Coordinating Entity (RCE) – that
will develop the final Common Agreement used in creating the full Trusted Exchange
Framework & Common Agreement (TEFCA). ONC will begin the RCE selection process with a
Funding Opportunity Announcement (FOA), which will award a single, multi-year Cooperative
Agreement to a single RCE sometime in the Spring of 2018. The RCE will serve as the umbrella
organization for governing the TEFCA, including developing the final Common Agreement and
TEFCA products, onboarding QHINs and then governing implementation and ongoing
enactment of the TEFCA. This also includes producing a directory of QHINs.
With the RCE serving as a governance organization, the backbone of the interoperable
exchange network is the QHINs, which are entities that have accepted the Common Agreement
and meet other criteria.
Operation
Once the TEFCA and QHINs are established, QHINs will connect to each other and respond to
inquiries for electronic health information (EHI). Using a Connectivity Broker service, QHINs
respond to supported use cases for the permitted purposes of treatment, payment, healthcare
operations, individual access, benefits determination and public health. The use cases currently
include Broadcast Query (requesting all entities in the QHIN to search for and return
information), Directed Query (seeking information from a single entity where you know
information resides) and Population Level Data (for quality measurement, risk analysis or other
analytics).
In the event of a data breach, for example, the Draft Trusted Exchange Framework proposes
requiring QHINs to notify the RCE within 15 days. Additionally, for security and identity proofing,
the Draft Trusted Exchange Framework requires a minimum of IAL2 and AAL2 Authentication,
with support for FAL2 or FAL3. For patients, providers and other entities can act as a “Trusted
Referee” to confirm a patient’s identity if documents from an Authoritative Source are not
available.
Draft USCDI
Finally, as part of the Draft Trusted Exchange Framework, ONC released the Draft U.S. Core
Data for Interoperability (USCDI), which is designed to establish a minimum set of data classes
that are required to be interoperable nationwide with the ability to expand in an iterative and
predictable way. QHINs will be required to support the latest version of the USCDI, and a new
version will be produced annually (with the first being USCDI v1). The initial USCDI data set
includes the Common Clinical Data Set (CCDS) with the addition of clinical notes and
provenance.
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 6 of 10

NASL IT Committee Agenda
Tab B
Draft USCDI Version 1 Data Classes
Patient name
Sex (birth sex)
Patient Date of Birth
Preferred Language
Race
Ethnicity
Smoking Status
Laboratory tests
Laboratory values/results
Vital signs
Problems
Medications
Medication Allergies
Health concerns
Care Team members
Assessment and plan of treatment
Immunizations
Procedures
Unique device identifier(s)
Goals
for a patient’s implantable device(s)
Provenance
Clinical Notes
Beyond USCDI v1, two other categories of data classes will be Candidate Data Classes, which
are being considered for inclusion in future USCDI versions, and Emerging Data Classes, where
stakeholders are working toward developing standardized data classes and setting technical
specifications. Data elements can remain in these classes over multiple years before being
accepted into the USCDI.
ONC – Key Areas of Focus
Here are a few of the specific areas of focus for which ONC is soliciting comment:
Confidential Unclassified Information
Entities interacting with federal agencies will have a responsibility for protecting
Confidential Unclassified Information, but the agencies cannot enter into contracts with
private entities requiring this protection. ONC is soliciting feedback on how protecting
this information can be required.
RCE Criteria
ONC is seeking feedback on the criteria for selecting the RCE. ONC is seeking HITAC
feedback on whether particular eligibility requirements should be considered in
developing the Cooperative Agreement for the RCE. Other criteria to consider include
things such as whether the entity should be a non-profit, have experience convening
stakeholders, be a health IT vendor or exchange and what level of neutrality the RCE’s
subsidiaries or business partners should have to the RCE’s work.
Authentication
Trust is key to this framework, and ONC is seeking feedback on how to authenticate
users across the system to ensure data is protected for providers and patients.
Prescription Drug Monitoring Programs
ONC is seeking comment on how the exchange of health information data in the Draft
Trusted Exchange Framework could support Prescription Drug Monitoring Programs
(PDMPs).
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 7 of 10

NASL IT Committee Agenda
Tab B
NASL – Key Areas of Focus
In addition to ONC’s areas of focus, NASL flags the following topics for your consideration:
Fees – The description of Principle 3 – Cooperation & Non-Discrimination – underscores
ONC’s interest in ensuring the free flow of health information, “even when a stakeholder
may be a business competitor.” In webinars and ONC’s presentation to the HIT Advisory
Committee (HITAC) on January 19, ONC leadership repeatedly point to Congress’ focus
to prevent information blocking. In that same discussion, ONC acknowledged there may
be some new market opportunities around the TEFCA, which is why ONC is seeking
specific feedback on this topic. The Draft Trusted Exchange Framework would allow, but
not require, QHINs to charge fees for “Reasonable Attributable Costs” related to its
services, including developing APIs and the Connectivity Broker, and employing legal
services for agreements. The Draft Trusted Exchange Framework does not specify what
the fees could be, or set a maximum, so long as the fees are uniformly charged to
entities accessing the QHIN. Are there existing norms with respect to fees for accessing
existing health information networks? Are fees absorbed as part of the software
development process or passed onto clients? Are there fee limits that should pertain
specifically to LTPAC, behavioral health or other non-incentivized providers?
RCE (Oversight Entity) Criteria – Also see ONC’s request for comment listed above.
How should the RCE be selected? Should the RCE be a non-profit, a health IT vendor or
some other type of organization? Are there concerns regarding existing business
partnerships for an entity seeking to be the RCE?
Data Set – How does the proposed USCDI process for adding new categories of data
interact with industry? Will this process work like the NQF Measures Under
Consideration (MUC) list? How will information be solicited?
How Existing Entities Will Interact – How will the TEFCA relate to, replace or
supplement existing exchange networks (HIEs, CommonWell, Carequality, etc.)? How
will state-specific requirements be addressed?
Business Considerations – During ONC’s presentations to date, several questions
have been raised regarding what services an HIN or QHIN may be able to offer such as
data aggregation. Others have questioned whether implementation of TEFCA will mean
existing business/software contracts will have to be reviewed and/or renegotiated.
Clearly, implementation of a new federal floor for health information exchange will create
both new opportunities and costs. Are there any particular provisions or definitions that
NASL should consider in our review and comment on the Draft Trusted Exchange
Framework & Common Agreement?
Certification – ONC has noted that TEFCA is voluntary at this point. How will TEFCA
relate to ONC’s Certification Program moving forward?
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 8 of 10

NASL IT Committee Agenda
Tab B
NASL TEFCA Review Schedule
As you consider what questions or concerns you have in response to the Draft Trusted
Exchange Framework, including both ONC’s and NASL’s areas for focus, consider the following
recommendations to best support NASL’s commenting process:
• Please be specific with the section of the Draft Trusted Exchange Framework with which
you have concerns, citing the specific page number, paragraph or section;
• Please share any broad questions or themes where you have concerns, or any places
where clarification is needed;
• Specific recommendations for how concerns could be addressed, or text of the Draft
Trusted Exchange Framework changed, are very helpful.
Here is the schedule for NASL IT Committee review/comment:
• Thursday, January 25 at 2PM EST – Initial discussion of key points by IT Committee
• Tuesday afternoon, February 6 – Presentation on TEFCA and review of NASL’s
DRAFT comments during the face-to-face meeting of the NASL IT Committee during
NASL’s Winter Conference in Washington, DC
• February 12 or 13 – Possible webinar with ONC staff
• Thursday, February 15 at 2PM EST – NASL will send out revised comments after the
Winter Conference for review during our regular IT Committee meeting time slot on
Thursday, February 15.
• Tuesday, February 20 – Final comments are due to ONC.
Resources
• Draft Trusted Exchange Framework
• Draft U.S. Core Data for Interoperability (USCDI) & Proposed Expansion Process
• A User’s Guide to Understanding the Draft Trusted Exchange Framework
• HHS Press Release on Draft Trusted Exchange Framework
• Health IT Buzz Blog Post
• Draft Trusted Exchange Framework Highlights for:
Consumers
Providers
Payers
• HITAC TEFCA Task Forces
ONC’s new Health Information Technology Advisory Committee (HITAC) has set up two
task forces, which will make recommendations relevant to TEFCA.
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 9 of 10

NASL IT Committee Agenda
Tab B
HITAC’s Trusted Exchange Framework Task Force will develop and advance
recommendations regarding the Minimum Required Terms and Conditions, selection of the
RCE, clarifying eligibility requirements for the Qualified HINs (QHINs), clarifications around
the six permitted purposes and privacy and security standards regarding identity proofing
and authentication.
HITAC’s S. Core Data for Interoperability Task Force will review and provide feedback on
U.S. Core Data for Interoperability (USCDI) structure and process, including data class
priorities, how USCDI would be expanded and any factors regarding the frequency with
which USCDI would be published.
View ONC’s presentation for HITAC on TEFCA from January 19, 2018.
###
NASL Summary & Analysis
ONC’s Draft TEFCA
Page 10 of 10

Key Areas of Focus for NASL Discussion
NASL IT Committee Agenda
Tab C
ONC’s Proposed Trusted Exchange Framework & Common Agreement (TEFCA)
and Draft US Core Data for Interoperability (USCDI)
ONC – Key Areas of Focus for which ONC is soliciting comment
• Confidential Unclassified Information
Entities interacting with federal agencies will have a responsibility for protecting
Confidential Unclassified Information, but the agencies cannot enter into contracts
with private entities requiring this protection. ONC is soliciting feedback on how
protecting this information can be required.
• RCE Criteria
ONC is seeking feedback on the criteria for selecting the RCE. ONC is seeking
HITAC feedback on whether particular eligibility requirements should be considered
in developing the Cooperative Agreement for the RCE. Other criteria to consider
include things such as whether the entity should be a non-profit, have experience
convening stakeholders, be a health IT vendor or exchange and what level of
neutrality the RCE’s subsidiaries or business partners should have to the RCE’s
work.
• Authentication
Trust is key to this framework, and ONC is seeking feedback on how to authenticate
users across the system to ensure data is protected for providers and patients.
• Prescription Drug Monitoring Programs
ONC is seeking comment on how the exchange of health information data in the
Draft Trusted Exchange Framework could support Prescription Drug Monitoring
Programs (PDMPs).
Additional Areas of Focus Identified by NASL
• Fees – The description of Principle 3 – Cooperation & Non-Discrimination –
underscores ONC’s interest in ensuring the free flow of health information, “even
when a stakeholder may be a business competitor.” In webinars and ONC’s
presentation to the HIT Advisory Committee (HITAC) on January 19, ONC
leadership repeatedly point to Congress’ focus to prevent information blocking. In
that same discussion, ONC acknowledged there may be some new market
opportunities around the TEFCA, which is why ONC is seeking specific feedback on
this topic. The Draft Trusted Exchange Framework would allow, but not require,
QHINs to charge fees for “Reasonable Attributable Costs” related to its services,
including developing APIs and the Connectivity Broker, and employing legal services
for agreements. The Draft Trusted Exchange Framework does not specify what the

NASL IT Committee Agenda
Tab C
fees could be, or set a maximum, so long as the fees are uniformly charged to
entities accessing the QHIN. Are there existing norms with respect to fees for
accessing existing health information networks? Are fees absorbed as part of the
software development process or passed onto clients? Are there fee limits that
should pertain specifically to LTPAC, behavioral health or other non-incentivized
providers?
• RCE (Oversight Entity) Criteria – Also see ONC’s request for comment listed
above. How should the RCE be selected? Should the RCE be a non-profit, a health
IT vendor or some other type of organization? Are there concerns regarding existing
business partnerships for an entity seeking to be the RCE?
• Data Set – How does the proposed USCDI process for adding new categories of
data interact with industry? Will this process work like the NQF Measures Under
Consideration (MUC) list? How will information be solicited?
• How Existing Entities Will Interact – How will the TEFCA relate to, replace or
supplement existing exchange networks (HIEs, CommonWell, Carequality, etc.)?
How will state-specific requirements be addressed?
• Business Considerations – During ONC’s presentations to date, several questions
have been raised regarding what services an HIN or QHIN may be able to offer such
as data aggregation. Others have questioned whether implementation of TEFCA will
mean existing business/software contracts will have to be reviewed and/or
renegotiated. Clearly, implementation of a new federal floor for health information
exchange will create both new opportunities and costs. Are there any particular
provisions or definitions that NASL should consider in our review and comment on
the Draft Trusted Exchange Framework & Common Agreement?
• Certification – ONC has noted that TEFCA is voluntary at this point. How will
TEFCA relate to ONC’s Certification Program moving forward?
Draft USCDI Version 1 Data Classes
Patient name
Sex (birth sex)
Patient Date of Birth
Preferred Language
Race
Ethnicity
Smoking Status
Laboratory tests
Laboratory values/results Vital signs
Problems
Medications
Medication Allergies
Health concerns
Care Team members
Assessment and plan of
treatment
Immunizations
Procedures
Unique device identifier(s) Goals
for a patient’s implantable
device(s)
Provenance
Clinical Notes