On Monday, the Sequoia Project released more details regarding the process and requirements for becoming a Qualified Health Information Network.

WHY IT MATTERS
As the ONC-designated recognized coordinating entity to support the implementation of the Trusted Exchange Framework and Common Agreement, the Sequoia Project has put together: detailed definitions, updated QHIN Security Requirements for the protection of TEFCA Information and a list of cybersecurity certifications under consideration.

The items being released for review include Draft QHIN Onboarding and Designation Standard Operating Procedure, including requirements and criteria for becoming a QHIN, the process that will be used to evaluate applicants, and the required testing processes.

The Sequoia Project also put together a Draft QHIN Application that details the proposed application information, and specifies Draft Types of Entities That Can Be a Participant or Subparticipant in TEFCA SOP, which can help entities determine the entry point to the network of TEFCA-compliant QHINs that works for them.

The organization is requesting feedback on these items before the final documents are released. Stakeholder input is being sought through June 15. Learn more at the Sequoia Project website.

The Sequoia Project notes that the final QHIN Onboarding and Designation SOP Version 1 and the final QHIN Application Version 1, both expected in late summer, may differ from the drafts released today, depending on feedback received.

"Since TEFCA's release on January 18, 2022, we've been entirely focused on hitting our promised timeline of potential live exchange before the year's end," said Mariann Yeager, chief executive officer of the Sequoia Project, in a statement. "We look forward to the thoughtful input of potential QHINs and other stakeholders to carefully consider these drafts. Remember that these documents are just that – drafts. We're not accepting application submissions at this time."

THE LARGER TREND
As the recognized coordinating entity for TEFCA, Sequoia also released the updated QHIN Security Requirements for the Protection of TEFCA Information (TI) SOP on its website and launched an online resource where it will maintain a list of cybersecurity certifications for QHINs.

Per the Common Agreement, QHINs must achieve and maintain third-party certification to an industry-recognized cybersecurity framework demonstrating compliance with all relevant security controls.

Prospective QHINs can access an initial list of cybersecurity certifications published on the RCE website to prepare for the application and potential onboarding process.

The Sequoia Project will be hosting a public webinar on Wednesday, May 25, from 3-5 p.m. ET, focused on the review of the draft QHIN Onboarding and Designation SOP and draft QHIN Application. Registration is now open here.

ON THE RECORD
"Throughout the TEFCA development process, we've sought to instill the principles of transparency and community engagement, which are core to the Sequoia Project's values," said Yeager. "The feedback we receive through our events, website and email has been invaluable as we operationalize TEFCA and finalize implementation resources. We look forward to another robust round of engagement regarding the QHIN Onboarding and Designation SOP and the QHIN Application this month."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com
Healthcare IT News is a HIMSS publication.