Healthcare Interoperability
Healthcare interoperability is the ability of different health information systems, devices, and applications to access, exchange, integrate, and cooperatively use data in a coordinated manner. In the United States, interoperability requirements are driven by federal regulations, particularly the 21st Century Cures Act and the rules promulgated by the Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS).
Standards Landscape
The healthcare interoperability ecosystem comprises multiple standards, each addressing different aspects of data exchange. Understanding which standard applies to which use case is essential for implementation planning.
| Standard | Primary Use | Format | Status |
|---|---|---|---|
| HL7 FHIR R4 | Modern API-based clinical data exchange | JSON / XML / RDF | ONC required (US Core) |
| HL7 v2.x | Hospital system interfaces (ADT, orders, results) | Pipe-delimited text | Widely deployed, mature |
| C-CDA (HL7 CDA R2) | Clinical document exchange (discharge summaries, referrals) | XML | Required for Meaningful Use |
| DICOM | Medical imaging storage and transfer | Binary / DICOM JSON | Universal in imaging |
| NCPDP SCRIPT | Electronic prescribing | XML | Required for e-prescribing |
| X12 (ASC X12N) | Administrative transactions (claims, eligibility, authorizations) | EDI | HIPAA mandated |
| Direct Messaging | Secure point-to-point clinical messaging | S/MIME over SMTP | ONC certified |
| IHE Profiles | Cross-enterprise workflows built on FHIR, CDA, DICOM | Multiple | Implementation guidance |
21st Century Cures Act
The 21st Century Cures Act (Public Law 114-255), signed into law on December 13, 2016, includes significant provisions for health IT interoperability. Title IV of the Act addresses health information technology and specifically targets information blocking, patient access, and the use of open APIs for health data exchange.
Key Provisions
- Defines and prohibits information blocking by health IT developers, health information networks, and health information exchanges
- Requires HHS to adopt standards for APIs that enable patient access to their electronic health information
- Establishes conditions and maintenance of certification requirements for health IT developers
- Authorizes the Trusted Exchange Framework and Common Agreement (TEFCA)
- Defines Electronic Health Information (EHI) as information in designated record sets per HIPAA, plus other information identified by the Secretary
ONC Cures Act Final Rule
Published on May 1, 2020 (85 FR 25642), the ONC 21st Century Cures Act Final Rule implements many of the Cures Act requirements. The rule establishes requirements for certified health IT, defines information blocking, and adopts standards and implementation specifications.
| Requirement | Standard / Specification | Notes |
|---|---|---|
| Standardized API for patient services | HL7 FHIR R4, US Core IG, SMART App Launch | Patients can access their EHI via third-party apps |
| Clinical data content | USCDI (US Core Data for Interoperability) | Defines minimum data classes and elements for exchange |
| Clinical document exchange | C-CDA R2.1 | Consolidated Clinical Document Architecture |
| Vocabulary standards | SNOMED CT, LOINC, RxNorm, ICD-10-CM, CPT, CVX | Required code systems for structured data |
| Transport | Direct Messaging (v1.1), FHIR HTTP REST | Secure transport mechanisms for health data |
| Patient identity | HL7 FHIR R4 Patient resource | Demographics-based matching in absence of national patient ID |
TEFCA
The Trusted Exchange Framework and Common Agreement (TEFCA), authorized by the Cures Act, establishes a universal floor for interoperability across the US. ONC designated the Sequoia Project as the Recognized Coordinating Entity (RCE) to develop, implement, and maintain TEFCA.
TEFCA Components
- Common Agreement -- The legal framework and technical requirements that Qualified Health Information Networks (QHINs) must follow
- QHINs -- Qualified Health Information Networks that have signed the Common Agreement and meet technical, security, and privacy requirements
- Exchange Purposes -- Defined purposes for which exchange can occur: Treatment, Payment, Health Care Operations, Public Health, Government Benefits Determination, Individual Access Services
- QHIN Technical Framework (QTF) -- Technical specifications for QHIN-to-QHIN exchange, including message formats, security, and trust requirements
- Standard Operating Procedures (SOPs) -- Detailed operational procedures for specific exchange workflows
Information Blocking
The Cures Act defines information blocking as practices that are likely to interfere with, prevent, or materially discourage access, exchange, or use of electronic health information (EHI). The information blocking provisions apply to three categories of actors: health care providers, health IT developers of certified health IT, and health information networks and health information exchanges.
| Exception | CFR Reference | Description |
|---|---|---|
| Preventing Harm | 45 CFR 171.201 | Practices reasonably necessary to prevent harm to a patient or other person, if applied consistently and not broader than necessary |
| Privacy | 45 CFR 171.202 | Practices that protect patient privacy, if the practice is required by law, the patient has not consented, or other qualifying conditions |
| Security | 45 CFR 171.203 | Practices directly related to safeguarding EHI, if tailored to specific security risks and implemented consistently |
| Infeasibility | 45 CFR 171.204 | Practices where compliance is infeasible due to uncontrollable events, technical limitations, or segmentation challenges |
| Health IT Performance | 45 CFR 171.205 | Practices to maintain or ensure health IT performance, if applied consistently and for a limited time |
| Content and Manner | 45 CFR 171.301 | Limiting content or manner of access/exchange if alternate means are offered and response is timely |
| Fees | 45 CFR 171.302 | Charging fees that are reasonably related to costs, not based on competitive factors, and not tied to exchange direction |
| Licensing | 45 CFR 171.303 | Licensing terms that are reasonable, non-discriminatory, and allow for interoperability |
USCDI (US Core Data for Interoperability)
USCDI defines the minimum set of data classes and data elements that are required for nationwide interoperable health information exchange. ONC publishes updated versions of USCDI through a public process. USCDI v1 was adopted in the Cures Act Final Rule; subsequent versions (v2, v3, v4) add additional data classes.
| Data Class | Data Elements (examples) | Since |
|---|---|---|
| Patient Demographics | Name, Date of Birth, Sex, Race, Ethnicity, Address, Phone, Email | v1 |
| Allergies and Intolerances | Substance (RxNorm/SNOMED), Reaction, Severity | v1 |
| Medications | Medication name (RxNorm), Dosage, Route, Frequency, Fill status | v1 |
| Problems | Condition (SNOMED CT/ICD-10-CM), Date of diagnosis, Status | v1 |
| Procedures | Procedure (SNOMED CT/CPT/ICD-10-PCS), Date, Reason | v1 |
| Laboratory | Test (LOINC), Result, Units (UCUM), Reference range, Date | v1 |
| Vital Signs | BP, Heart rate, Respiratory rate, Temperature, Height, Weight, BMI, SpO2 | v1 |
| Clinical Notes | Consultation, Discharge summary, History & Physical, Progress, Procedure notes | v1 |
| Health Concerns | SDOH data, Functional status, Disability status, Mental health | v2 |
| Goals | Patient goals, SDOH goals | v2 |
| Diagnostic Imaging | Imaging study (DICOM), Reports | v3 |
Regulatory Sources
The ONC Cures Act Final Rule is published at 85 FR 25642. The information blocking regulations are codified at 45 CFR Part 171. TEFCA materials are maintained by the Sequoia Project at rce.sequoiaproject.org. USCDI versions and the public comment process are available at healthit.gov/uscdi. CMS interoperability rules (CMS-9115-F, CMS-9123-F) cover payer-to-payer exchange and patient access APIs.