On January 5, 2018, the Office of the National Coordinator for Health Information Technology released the “Draft Trusted Exchange Framework.” Per ONC’s  website, the framework:

outlines a common set of principles for trusted exchange and minimum terms and conditions for trusted exchange. This is designed to bridge the gap between providers’ and patients’ information systems and enable interoperability across disparate health information networks (HINs).

The framework was a response to Congress.

In the 21st Century Cures Act (Cures Act), Congress identified the importance of interoperability and set out a path for the interoperable exchange of Electronic Health Information. Specifically, Congress directed ONC to “develop or support a trusted exchange framework, including a common agreement among health information networks nationally

Marianne Kolbasuk McGee at www.healthcareinfosecurity.com provides a good analysis here, including  security components that go beyond HIPAA requirements. I will review the draft proposal and provide comments.

The Takeways

1. Review draft trust exchange framework, provide feedback to the ONC and alert your partners in compliance, legal, privacy and InfoSec GRC about this new framework.