Difference between revisions of "TEFCA"
m (→Problems) |
(→Context) |
||
| Line 4: | Line 4: | ||
==Context== | ==Context== | ||
The context of an [[FHIR]] interaction is the transfer of [[PHI]] although other transaction could occur of the interchange so established. | The context of an [[FHIR]] interaction is the transfer of [[PHI]] although other transaction could occur of the interchange so established. | ||
| + | |||
| + | The Draft Trusted Exchange Framework is intended to enable Health Information Networks (HINs) to | ||
| + | securely exchange electronic health information with each other to support a wide range of | ||
| + | stakeholders. The draft Trusted Exchange Framework sets up an ecosystem wherein Qualified HINs | ||
| + | connect to each other to support the use case of broadcast and directed query for treatment, payment, | ||
| + | operations, individual access, public health, and benefits determination purposes. To enable the | ||
| + | broadest set of use cases, Qualified HINs and their participants are required to be able to exchange the | ||
| + | USCDI when such data is available (i.e. if a participant or Qualified HIN does not capture or have access | ||
| + | to a specific data class, they are not expected to be able to exchange that data class). By requiring | ||
| + | Qualified HINs and their Participants to be capable of exchanging the USCDI, the Trusted Exchange | ||
| + | Framework will, over time, be able to support the Cures Act requirement of all electronic health | ||
| + | information from a patient’s record being available. | ||
==Problems== | ==Problems== | ||
Revision as of 14:17, 14 September 2018
Full Title or Meme
Trusted Exchange Framework and Common Agreement (TEFCA)
Context
The context of an FHIR interaction is the transfer of PHI although other transaction could occur of the interchange so established.
The Draft Trusted Exchange Framework is intended to enable Health Information Networks (HINs) to securely exchange electronic health information with each other to support a wide range of stakeholders. The draft Trusted Exchange Framework sets up an ecosystem wherein Qualified HINs connect to each other to support the use case of broadcast and directed query for treatment, payment, operations, individual access, public health, and benefits determination purposes. To enable the broadest set of use cases, Qualified HINs and their participants are required to be able to exchange the USCDI when such data is available (i.e. if a participant or Qualified HIN does not capture or have access to a specific data class, they are not expected to be able to exchange that data class). By requiring Qualified HINs and their Participants to be capable of exchanging the USCDI, the Trusted Exchange Framework will, over time, be able to support the Cures Act requirement of all electronic health information from a patient’s record being available.
Problems
- FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.
- Privacy in FHIR is focused on the data access methods and encoding leveraging existing Security solutions. Security in FHIR needs to focus on the set of considerations required to ensure that data can be discovered, accessed, or altered only in accordance with expectations and policies.
Solutions
FHIR taken as a whole is designed to securely exchange PHI in a Privacy preserving manner.
References
- Trusted Exchange Framework and Common Agreement: A Common Sense Approach to Achieving Health Information Interoperability
- FHIR STU3 version of the Security and Privacy Module has a good overview of protection of health information.
