The Department of Health and Human Services (HHS) Assistant Secretary for Technology Policy (ASTP)/Office of the National Coordinator for Health Information Technology (ONC) issued two final rules this week: Health Data, Technology, and Interoperability: Trusted Exchange Framework and Common Agreement (TEFCA), referred to by the ASTP/ONC as HTI-2, and Health Data, Technology, and Interoperability: Protecting Care Access, referred to as HTI-3. The rules finalized policies proposed this summer that were previously referred to as HTI-2 [refer to Washington Highlights, July 12].
Together, these two rules finalized a subset of provisions of the HTI-2 proposed rule. HTI-2 focused specifically on TEFCA to provide greater transparency on the underlying processes that support reliability, privacy, security, and trust within the final rule to improve nationwide interoperability. HTI-3 focused on amendments to the information blocking rules, including revisions to the existing Privacy and Infeasibility Exceptions to information blocking and the creation of a new Protecting Care Access Exception. The Protecting Care Access Exception builds on the recent changes to the HIPAA Privacy Rule to support reproductive health care privacy [refer to Washington Highlights, Apr. 26]. HTI-2 will go into effect Jan. 15, 2025, while HTI-3 is effective immediately.