Electronic Health Information Exchange Governance Framework Released

Last year, ONC issued a Request for Information (RFI) to gather public input on a potential regulatory approach that would have spelled out “conditions for trusted exchange” (safeguards, technical, and business practice) through rulemaking, and establish a voluntary accreditation and certification process for validating organizations as being legitimate participants in the Nationwide Health Information Network (NwHIN).

We started with an RFI because we recognized that the health information exchange marketplace is still in its infancy, and we wanted to get broad input before issuing a proposed rule.

How ONC is Promoting Health Information Exchange Governance

Based on what we heard, I noted in a blog from last September that we decided not to continue with the formal rulemaking process and instead implement an approach that provides a means for defining and implementing nationwide trusted exchange with higher agility, and lower likelihood of regret. And, in a December 2012 blog, I explained in greater detail some of the activities ONC intended to take on to promote good governing practices within and across communities.

Since that blog ONC has been actively listening to and collaborating with stakeholders through:

Governance Framework for Trusted Electronic Health Information Exchange

Today, I’m pleased to announce that ONC has just released the “Governance Framework for Trusted Electronic Health Information Exchange.” We were told in comments that ONC needs to establish a policy framework for private actors to align with.  The Governance Framework reflects what matters most to ONC when it comes to national health information exchange governance and the principles in which ONC believes.  We’ve published this framework to provide a common foundation for all types of governance models. Entities that set health information exchange policy should look to the Governance Framework’s principles as a way to align their work with national priorities.  It is critical that we are all working from a similar understanding of the expectations for nationwide electronic health information exchange.  This Framework is an important step to set that direction.

Governance Framework Principles

As we continue to work with all of you on this issue, expect us to follow the four key categories of principles discussed in the Governance Framework and to ask you how you’re addressing them:

  1. Trust Principles: Guide health information exchange governance entities on patient privacy, meaningful choice, and data management in health information exchange;
  2. Business Principles: Focus on responsible financial and operational policies for governance entities, with emphasis on transparency and health information exchange with the patients best interests in mind;
  3. Technical Principles: Express priorities for the use of standards in order to support the Trust and Business Principles as well as furthering the execution of interoperability; and
  4. Organizational Principles: Identify generally applicable approaches for good self-governance.

Next Steps

Finally, I want to emphasize that we intend for the Governance Framework to be a living document. As we learn with you, we will consider updating these principles over time to reflect policy changes, technological maturity, and market innovations, as necessary.

We look forward to discussing the Governance Framework with all stakeholders.


  1. Terry Martine says:

    The database contains a lot of confidential information. I hope they take the time to implement safeguards.

  2. Julia M. says:

    I believe it’s a good gesture and an be helpful for accessing information through internet. No doubt, a patient overwhelmingly experiences positive benefits when they have online access to their electronic health records. But it works only implemented in a proper way. So lets hope for the best.

  3. Craig says:

    This is definitely good news. With the Governance Framework, people nationwide can now be sure that the information they get is reliable. It is about time that this becomes a living document.

  4. DIY testkits.com says:

    HIE refers to the process of reliable and interoperable electronic health-related information sharing conducted in a manner that protects the confidentiality, privacy, and security of the information. The development of widespread HIEs is quickly becoming a reality

  5. Jay Klepacs says:

    This is really good news. If I can access my health records online, it will save time and money. I really hope this becomes more mainstream, everywhere, across the globe as they become more aware of its potential success.

  6. Todd V says:

    When will the US move toward a universal patient identifier to make exchange of PHI a simpler and more trustworthy process? Relying on disparate HIEs to develop MPIs to try and positively identify a patient doesn’t make any sense. This aspect of the original HIPAA legislation needs to be revisited with renewed enthusiasm and vigor to lay the necessary infrastructure for a nation-wide (or even regional, to be honest) approach to healthcare data exchange is feasible.

  7. Marcus Web says:

    Nice and interesting post. I like the electronic health because we will know how healthy we are in just few seconds. That’s very useful for all of us.

  8. Brian Ahier says:

    DirectTrust and the Interoperability Workgroup are paving the way for scalable health data exchange. Thanks for listening to the community and partnering with the private market in governance.

  9. Gabe says:

    Excellent Post! I think the governance framework principles will improve our Health IT. Thanks for sharing!

Leave a ReplyComment Policy