The Standard

The Official Blog of Health Level Seven® International

visit HL7.org 

TEFCA, Testing, and the Payer/Provider 10x10 Coalition, and Da Vinci’s Take on HTI-2

[fa icon="calendar'] Aug 23, 2024 9:00:40 AM / by Leslie Amorós posted in FHIR, Payers, Da Vinci, FHIR Accelerator, FHIR Implementation Guides, TEFCA, ASTP

[fa icon="comment"] 0 Comments

August 28 Webinar Features Recent Updates Direct from Federal Officials

Are you looking for guidance and insight as you plan for 2025? If so, plan to attend this month’s Health Level Seven (HL7®) Da Vinci Project Community Roundtable, which features special guests from the Assistant Secretary for Technology Policy (ASTP) office, formerly known as the Office of the National Coordinator for Health Information Technology (ONC). ASTP presenters will highlight why the Trusted Exchange Framework and Common AgreementTM (TEFCATM) is important and share recent updates to the program, including implementation, long term plans, education and outreach, and building trust.

In ASTP’s second segment, testing and adoption efforts will be discussed, covering TEFCA’s HL7 Fast Healthcare Interoperability Resources (FHIR®) Roadmap, and ASTP’s new TEFCA Payer/Provider 10x10 Coalition. ASTP will provide an overview of the 10x10 and discuss why providers and payers should participate. They will also discuss resources available and the interplay of the 10x10 with Da Vinci.  

The session concludes with the Da Vinci PMO sharing themes and perspectives from its membership on the Health Data, Technology, and Interoperability: Patient Engagement, Information Sharing, and Public Health Interoperability (HTI-2) proposed rule.

Read More [fa icon="long-arrow-right"]

FAST Security Now Part of TEFCA and HTI-2 Requirements

[fa icon="calendar'] Jul 17, 2024 1:33:09 PM / by FAST Project Management Team posted in FHIR, health IT policy, FHIR Accelerator, FAST, FHIR Implementation Guides, FHIR Community, TEFCA, FAST Security, HTI-2

[fa icon="comment"] 1 Comment

If you can’t think of a reason to pay attention to FAST's work, we have a couple for you! Recent requirements related to TEFCA (Trusted Exchange Framework and Common Agreement) and the latest HTI-2 proposed rule have named the FAST Security Implementation Guide (IG). This recognition underscores the importance and foundational nature of FAST's contributions to healthcare interoperability. 

On July 1st, the Recognized Coordinating Entity (RCE) released the Facilitated FHIR Implementation Standard Operating Procedure (SOP), outlining the requirements for using FHIR within the TEFCA framework. Notably, these requirements include adopting the FAST HL7 UDAP Security for Scalable Registration, Authentication, and Authorization FHIR Implementation Guide (SSRAA) by January 1, 2026. This timeline allows organizations to implement FAST Security while still using SMART or other security options in the interim. 

Specifically, the SOP states: 

Prior to January 1, 2026: 

  • All FHIR Adopters MAY follow the requirements of HL7 SSRAA FHIR IG 1.0.0 STU 1 US Section 3 Registration. 
  • Manual registration requests for client_id MUST be resolved within 5 business days where sufficient information has been provided. Information requirements MUST NOT exceed those in Section 3 of HL7 SSRAA FHIR IG and this SOP. 
  • All FHIR adopters MUST use one of the following: 
    • HL7 SSRAA FHIR IG 1.0.0 – STU 1 US Sections 4 and 5; 
    • SMART Release 1.0.0; or 
    • Another authentication and authorization framework that adheres to the QTF requirements is based on out-of-band agreements between exchange partners. 
Read More [fa icon="long-arrow-right"]

Recap of the May FAST Focus Webinar: Advancing Secure Health Data Exchange

[fa icon="calendar'] Jun 12, 2024 3:15:31 PM / by FAST Project Management Team posted in FHIR, FHIR Accelerator, FAST, FHIR Implementation Guides, FHIR Community, TEFCA, FAST Security

[fa icon="comment"] 0 Comments

In May 2024, the FAST Focus webinar, "Secure Health Data Exchange," brought together experts from across the healthcare industry to delve into the intricacies of the HL7 Unified Data Access Profiles (UDAP) Security for Scalable Registration, Authentication, and Authorization Implementation Guide, commonly referred to as the FAST Security IG. This session featured insights on key components and practical implementations of the FAST Security IG. 

Introduction to the FAST Security IG 

The session began with an explanation of the role of FAST in addressing healthcare interoperability challenges. The FAST Security IG aims to create a scalable, secure framework for health data exchange across national networks like TEFCA, Carequality, and CommonWell

 

The Journey to Trustworthy Information Exchange 

A historical perspective on the FAST Security IG highlighted its roots back to 2017. The goal was to leverage existing standards like public key infrastructure (PKI), OpenID Connect, and OAuth 2.0 to ensure a scalable, secure data exchange solution. The FAST Security IG integrates these standards into a cohesive framework, emphasizing the importance of trust in health data transactions. 

 

Key Components of the FAST Security IG 

The core elements of the FAST Security IG include: 

  • JWT-Based Authentication and Authorization: Utilizing JSON Web Tokens for secure assertions of claims from trusted third parties.
  • Dynamic Client Registration: Automating client registration using digital certificates to eliminate the need for shared secrets.
  • Tiered OAuth: Facilitating patient-facing workflows by directing patients to trusted identity providers for authentication.

This approach ensures that both clients and servers can be securely identified and authenticated, streamlining the registration process, and enhancing trust across the network. 

 

Real-World Implementations and Insights 

The panel discussion featured firsthand experiences from implementers of the FAST Security IG. The discussion emphasized the collaborative effort in refining the FAST Security IG and the importance of ongoing participation in workgroups to further enhance the specification. 

Open-source solutions to facilitate implementation were highlighted, including a .NET reference implementation and a diagnostic tool called UDAP Ed. These resources help developers visualize and test their implementations, accelerating the adoption of the FAST Security IG. 

The importance of identity assurance was underscored, advocating for a centralized, trusted entity to manage high-security registrations. The FAST Security IG's reliance on well-established standards makes it a robust and scalable solution for the healthcare industry. 

Read More [fa icon="long-arrow-right"]

Navigating Perceptions: Insights from the FHIR at Scale Taskforce (FAST) Community Survey

[fa icon="calendar'] May 2, 2024 11:58:16 AM / by FAST Project Management Team posted in FHIR, FAST, FHIR Implementation Guides, ONC FAST, FHIR Community, TEFCA, FAST Security, Digital Identity and Patient Matching IG, National Directory IG

[fa icon="comment"] 1 Comment

March 2024 marked a pivotal moment for the healthcare IT sector, with the FHIR at Scale Taskforce (FAST) community survey revealing critical insights into the adoption, challenges, and perspectives surrounding various FAST implementation guides (IGs). This survey, engaging various stakeholders from providers to technology vendors, sheds light on the collective journey towards seamless healthcare interoperability. Let's dive into the nuanced feedback and the path it carves for the future of healthcare IT. 

 

Survey Results Overview 

 

FAST Security IG Adoption and the Quest for Clarity   

The uptake of the HL7 FAST UDAP Security for Scalable Registration, Authentication, and Authorization Implementation Guide (FAST Security IG) is on the rise, driven by an evident market need.  A notable proportion of respondents are keen to implement the HL7 FAST Security IG, likely due to its inclusion in the TEFCA FHIR Roadmap. There were some concerns expressed about market readiness. However, respondents expressed a need for clearer guidance beyond the existing FAST Security IG, suggesting the development of a companion document to aid in implementation strategies would be helpful. 

 

FAST Identity IG: Overcoming Adoption Barriers   

While there seems to be adoption readiness for the Interoperable Digital Identity and Patient Matching IG, the survey highlights perceived barriers to adoption. These barriers were related to industry issues such as cross-jurisdiction consent and broader market acceptance and adoption by other industry initiatives rather than any issues with the IG itself. 

Read More [fa icon="long-arrow-right"]

Save the Date: Discover Secure Data Exchange in Our Upcoming FAST Focus Webinar

[fa icon="calendar'] Apr 30, 2024 9:20:22 AM / by FAST Project Management Team posted in FHIR, FAST, FHIR Implementation Guides, ONC FAST, FHIR Community, TEFCA, webinar, FAST Security

[fa icon="comment"] 3 Comments

Read More [fa icon="long-arrow-right"]

HL7® Applauds ONC's Move to Embrace HL7® FHIR® for Nationwide Health Information Exchange

[fa icon="calendar'] Apr 26, 2024 8:53:27 AM / by HL7 posted in FHIR, health IT policy, interoperability, ONC, TEFCA, Common Agreement 2.0

[fa icon="comment"] 1 Comment

HL7 applauds the U.S. Department of Health and Human Services’ (HHS) Office of the National Coordinator for Health Information Technology (ONC) for its April 22, 2024 Common Agreement Version 2.0 release, which announced the requirement for health information networks participating in the Trusted Exchange Framework and Common Agreement (TEFCA) to support the HL7 Fast Healthcare Interoperability Resources (FHIR®) standard.

Read More [fa icon="long-arrow-right"]

Demystifying the Implementation of the FAST Security FHIR® IG: A Closer Look

[fa icon="calendar'] Apr 24, 2024 4:41:44 PM / by FAST Project Management Team posted in OAuth2, FAST, FHIR Connectathon, FHIR Implementation Guides, ONC FAST, FHIR API, TEFCA, FAST Security

[fa icon="comment"] 1 Comment

The HL7 FHIR at Scale Taskforce (FAST) UDAP Security for Scalable Registration, Authentication and Authorization Implementation Guide (FAST Security IG) was designed to streamline and secure data exchange across different healthcare stakeholders. This blog post seeks to dispel common misconceptions about the complexity of implementing the FAST Security IG. 

Read More [fa icon="long-arrow-right"]

Unpacking FHIR's Vital Role in Healthcare Interoperability & TEFCA: Insights from FAST on HIMSSTV

[fa icon="calendar'] Oct 25, 2023 5:40:47 PM / by FAST Project Management Team posted in FHIR, interoperability, FHIR Accelerator, FAST, TEFCA

[fa icon="comment"] 1 Comment

In a recent episode of HIMSSTV, two healthcare interoperability visionaries, Deepak Sadagopan and Duncan Weatherston, took the virtual stage to share their expert insights on the critical FHIR pathway within the Trusted Exchange Framework and Common Agreement (TEFCA) model. This captivating discussion was led by the co-chairs of the HL7 FHIR at Scale Taskforce (FAST), and it shed light on the transformative potential of FHIR in shaping the future of healthcare data exchange. 

Meet the FAST Community 

Before we dive into the interview, let's take a moment to acquaint ourselves with the remarkable work being done by the FAST community. The HL7 FHIR at Scale Taskforce is a dedicated group committed to identifying scalability challenges and defining solutions to overcome the barriers to broad FHIR adoption. FAST is addressing key areas like Security for Scalable Registration, Authorization, and Authentication and Interoperable Digital Identity and Patient Matching. The FAST community’s list of projects can be found on the FAST Confluence Project Page. An upcoming project on Consent is set to kick off soon, promising exciting prospects for healthcare data sharing. To get involved, reach out to fast@hl7.org. 

Read More [fa icon="long-arrow-right"]

Lists by Topic

see all

Posts by Topic

see all