New TEFCA Rule Finalizes Updates Amid Ongoing AI Certification Questions
The U.S. Department of Health and Human Services (HHS) has announced the first installment of the Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) rule. This update, effective January 15, 2025, formalizes enhancements to the Trusted Exchange Framework and Common Agreement (TEFCA) while simultaneously addressing some administrative corrections. However, lingering uncertainties about the certification of artificial intelligence (AI) enhancements remain unaddressed, prompting industry stakeholders to voice their concerns.
Understanding the Significance
In a recent publication, HHS revealed that it received 270 comments on various proposals outlined in the proposed HTI-2 draft. Despite this extensive feedback, HHS has chosen to focus on a narrower set of proposals for this update, which underscores the complexity and challenges of implementing such sweeping changes in the health IT landscape.
Key Updates and Responses
The Assistant Secretary for Technology Policy and the Office of the National Coordinator for Health Information Technology (ONC) summarized responses to key comments, particularly those surrounding information blocking exceptions related to TEFCA. Significant administrative updates were made to the Health IT Certification Program during this process.
Among these updates are clarifications to security tagging provisions for Consolidated-Clinical Document Architecture (C-CDA) documents, which had previously been allowed but became expired. These amendments aim to fortify the TEFCA’s infrastructure, ensuring better data sharing and interoperability across healthcare platforms.
Pillars of TEFCA
Leigh Burchell, the current vice-chair and incoming chair of the Electronic Health Records Association Executive Committee, emphasized that this first part of the HTI-2 rule aims to "solidify pillars" of TEFCA, thereby shaping a legacy for outgoing leadership. This sentiment reflects a broader industry desire for continuity and clarity in health IT regulations.
Essential Privacy Updates
In addition to operational updates, the new rule corrects an oversight from the HTI-1 Final Rule, which had previously lacked specified privacy and security requirements for algorithmic-based clinical decision support (CDS) tools. HHS acknowledged that the failure to propose these necessary regulations was an oversight, and it urges compliance with these newly established standards, enhancing patient safety and data integrity.
Future Certainty on Insights Measures
HHS also mentioned that discussions around the Insights Measures—a crucial component for obtaining HHS certification of health IT modules—are still ongoing. These insights are vital for understanding the usage of certified health IT in clinical care delivery. Stakeholders remain anxious, as the uncertainty surrounding finalized measurements poses challenges as the January 1, 2026 start date approaches.
Ongoing Industry Concerns
As the health IT landscape continues to evolve, developers have voiced concerns about the workload required for AI transparency compliance. Tight timelines and unspecified regulatory requirements from the HTI-1 rule have created an atmosphere of uncertainty.
Burchell reiterated that the current framework for Insights Measures might yield data of little practical benefit, reflecting broader concerns about how these measures will be enacted. "As we inch closer to the January 1, 2026, start date, the uncertainty of finalized measurements creates challenges," he stated.
The American Hospital Association Weighs In
The American Hospital Association (AHA) has also expressed concerns regarding the proposed rule, describing burdensome encryption requirements and tight timelines that could hinder progress toward interoperability across healthcare systems. Such apprehensions highlight the ongoing struggle within the industry to balance regulatory compliance with practical implementation.
The Path Ahead
Looking forward, Burchell anticipates that remaining components of the HTI-2 proposed rule could be split into multiple future final rules. There is an urgent call from various stakeholders, including the Electronic Health Records Association, for ONC to focus on critical technical corrections pertinent to health IT vendors, particularly concerning the problematic Insights Measures.
Conclusion
As the landscape of healthcare data continues to shift, the updates to the Trusted Exchange Framework and associated rules mark significant progress toward better interoperability and patient engagement. However, as the industry grapples with AI certification and the implications of Insights Measures, the need for clarity and practical guidance remains pressing. The forthcoming final rules will undoubtedly be pivotal in shaping the future of health information technology and ensuring that all parties can navigate the complexities ahead effectively.
