NwHIN Trust Framework Involves Establishing Another Accreditation Regime

On May 15 the Office of the National Coordinator published a Request for Information (RFI) on governance of the nationwide health information network (NwHIN). At their May 24 meeting, Health IT Standards Committee members debated some of the fine points involved in setting up another accreditation and validation system to make trusted exchange of health data easier. If ONC’s basic framework is adopted, CIOs may have to add at least two new acronyms to their vocabulary: CTE (Conditions for Trusted Exchange) and NVE (NwHIN-Validated Entity).

Farzad Mostashari, M.D.

Farzad Mostashari, M.D., national coordinator for health IT, kicked off the meeting by noting that it is critical to move from information exchange trust that is established at great expense and point to point between organizations to a more scalable approach where once conditions are met, healthcare organizations can be assured the exchange just works. “This is not a theoretical exercise,” he said, adding that for meaningful use Stage 2 to work, this framework has to be in place. The challenge, he said, is to take interoperability from merely possible to making it easy and scalable.

Steven Posnack, director of the federal policy division of ONC, explained why the governance mechanism is deemed necessary. He said healthcare organizations need a common set of rules to create a consistent trust baseline. Without national rules, state and regional consortia might create potentially conflicting governance approaches to HIE.

The 16 Conditions for Trusted Exchange (CTEs) proposed in the RFI focus on safeguards, interoperability technical standards, and business practices. For instance, one proposed business practice CTE is that “an NVE must send and receive any planned electronic exchange message from another NVE without imposing financial preconditions on any other NVE.”

These NVEs are usually third-party intermediaries that are currently called health information service providers (HISPs). One example is Fishkill, N.Y.-based MedAllies, which has engaged clinicians throughout the Hudson Valley and their disparate EHR vendor partners to create a Direct project that pushes clinical information across EHR systems to support care coordination and transitions of care.

ONC proposes following the validation model it has established for meaningful use—that is, organizations that want to be NVEs would go through a process of testing and certification of products or technology as well as an accreditation of their privacy safeguards and business practices. ONC would select an accreditation body to accredit validation bodies, which would be authorized to validate CTE compliance. [The American National Standards Institute (ANSI) plays that role in accrediting EHR certification bodies today, Posnak noted.]

“It may seem byzantine to have all these layers,” Mostashari told committee members. “But we are assured and encouraged by own experience that separating the accrediting bodies and validating bodies makes sense.”

John Halamka, M.D.

John Halamka, M.D., CIO of Harvard Medical School and vice chair of the Standards Committee, said the establishment of an ecosystem of NVEs has the potential to reduce the cost of interoperability from many thousands to perhaps only a few hundred dollars. “Healthcare organizations would be able to stop working on these one-off agreements before they trust each other to share data,” he said. “It would be plug and play instead of plug and pray.”

The public has until June 15 to comment on the proposal.

The June 6 Health IT Policy Committee Meeting will include discussions on ONC's Request for Information on Governance for the Nationwide Health Information Network.