- DirectTrust President and CEO David Kibbe, MD, recently requested ONC include mention of the Direct or push model of health data exchange in the Trusted Exchange Framework and Common Agreement (TEFCA).
The request came as part of Kibbe’s comments to inform the federal agency about potential changes to improve the current TEFCA draft in future iterations. The public comment period for the draft ended February 20.
In his comments, the head of DirectTrust questioned ONC’s decision to omit mention of the push model of health data exchange and instead only focus on pull model of query exchange. Direct exchange gives providers the ability to send and receive secure information electronically between providers, while query-based exchange allows providers to search, find, and request information about patients from providers.
“We applaud the intent of this framework and common agreement to further advance the interoperable exchange of electronic health information,” wrote Kibbe. “However, the omission from the documents of the importance of the Direct interoperable ‘push’ model implies that ‘query’ for a patient’s medical information is all that is needed to achieve the interoperability goals of the 21st Century Cures Act.”
Kibbe argued that both methods are needed to achieve true interoperability. Furthermore, he emphasized the importance of mentioning Direct exchange as the DirectTrust community is an example of a single, nationwide on-ramp to interoperability similar to what healthcare stakeholders hope to achieve through TEFCA.
Kibbe pointed to the following use cases as examples of instances when securely pushing EHR data via Direct is necessary:
These and other use cases require bi-directional communications including both pull and push models of health data exchange, Kibbe stated.
“Health care providers need and deserve a combination of electronic ‘push’ interoperability with ‘query’ technology to provide the full gamut of interoperation of clinical information systems,” wrote Kibbe.
While ONC has stated the push method of health data exchange has not been included as part of TEFCA because it has already been proven a successful method of data sharing, Kibbe argues ONC may have unintentionally suggested only query-based health data exchange is worthy of promotion.
“Features and functions to support easy use of Direct messaging for providers ought to remain a high priority for support by ONC,” said Kibbe. “We believe this is an unwarranted oversight on the part of ONC, and one that we hope will be corrected.”
In addition to advocating for mention of the push model of health data exchange, Kibbe also praised TEFCA’s approach to identity management.
“The TEFCA rules appropriately raise awareness of the importance of certificate-based identity management and assurance,” wrote Kibbe.
“DirectTrust has developed an effective and sustainable Public Key Infrastructure (PKI) to achieve efficient identity proofing along with essential support services for interoperability such as trust anchor bundles for trusted certificates and accreditation programs, to enable scalable distribution of trust throughout the health care industry,” he continued.
DirectTrust is willing to work with ONC and the chosen Recognized Coordinating Entity (RCE) to ensure qualified health information networks (QHINs) outlined in TEFCA can use a scalable DirectTrust PKI.
Kibbe also offered general insights from DirectTrust members. Overall, DirectTrust members expressed concern about the administrative burden that may accompany TEFCA’s lofty goals.
“There is a general concern about the high ambition, required scale, and top-down characteristics of the plans for TEFCA as currently laid out by ONC, which to some appear as ‘over-reaching,’” wrote Kibbe.
“While none of our members have expressed disagreement with the laudable overall goals of the Common Agreement, there is significant doubt about the ability of the industry to accommodate the new administrative burdens, find funding to comply with new requirements for “on ramp” exchange technology, and to manage new privacy mandates across the range of permitted uses, in the time frames anticipated,” he continued.
Furthermore, DirectTrust members questioned ONC’s ability to carry out the framework and common agreement to completion over several years given likely budget and staffing cuts.
Members also voiced specific concerns about the complexities of query-based exchange, permitted uses, the cost of changing participation agreements at local levels, non-discrimination and privacy policies, business model issues, and the process for updating the common agreement.
Ultimately, Kibbe and other DirectTrust members recommended ONC allow stakeholders additional time to submit public comments. Specifically, DirectTrust suggested stakeholders be given an opportunity to comment after information blocking regulations are released later this year, as well as after the publication of the revised Common Agreement.
“At such time, ONC should open an additional comment period so the community can react to the revised provisions,” concluded Kibbe.