Beyond exchanging with eHealth Exchange’s 270+ health systems, federal agencies, providers and provider collaboratives, eHealth Exchange also provides Participants the optional ability to also exchange with Carequality’s 20+ networks (e.g. the AthenaNet network, the eClinicalWorks network, CommonWell and many other eHealth Exchange peer networks).
Carequality is a framework, a library of technical and policy agreements, plus a governing structure enabling independent health data networks to exchange patient data. Similar to how the telecommunications industry has a behind the scenes framework allowing Verizon mobile phone users to communicate with T-Mobile and AT&T users, Carequality provides the policies and governance enabling providers on the CommonWell network to exchange with providers on the AthenaNet, Epic CareEverywhere and eHealth Exchange networks.
Exchange via Carequality
- If your organization has not already done so, please email firstname.lastname@example.org to request Production directory entries.
- For additional information, see https://ehealthexchange.org/wp-content/uploads/2020/07/Carequality-Connectivity-Steps-for-Partcipants.pdf
2. Authorize a response to any and all Carequality directory listings for any Carequality use case (e.g. Query-Based Document Exchange) in which your organization exchanges.
- If you deny requests to organizations not on a list of permitted identifiers (HCIDs), then in order to accomplish this goal, you will need to integrate with eHealth Exchange HubAware Carequality directory via FHIR, once that directory is available circa mid-summer 2021.
- By consuming the HubAware Carequality directory, you will be able to authorize each entry in the directory by the HCID of the entry.
- In 2021 only, the eHealth Exchange will provide a Carequality directory listing in a tabular format (Excel spreadsheet). Your organization should authorize a response to all of the entries in this directory listing.
3. HIEs and similar non-providers must create sub-participant entries in the eHealth Exchange production directory that represent the providers and/or payers within your organization.
- Participants must populate the eHealth Exchange directory (which will in turn update the Carequality directory) with each of their locations that might be initiating/triggering a query and each of those locations must include a Home Community Identifier (HCID).
- Messages sent by HIEs must identify the entity that triggered the request using a home community ID (HCID or organization ID) for that entity instead of identifying the parent organization that joined the eHealth Exchange, unless the organization and triggering entity are actually one in the same.
- For example, a provider entity named “Springfield Medical Center” triggers a request so the request should be identified using the HCID of “Springfield Medical Center” and not the parent HIE organization named “Montana HIE”. In this scenario, “Montana HIE” is the parent organization that joined the eHealth Exchange and “Springfield Medical Center” is a provider that is a child of the parent organization. This is important as you can imagine for HIPAA auditing.
- There is no eHealth Exchange charge for these supplemental directory entries.
4. Adhere to the Carequality Connection Terms (https://carequality.org/resources)
- By not opting-out of exchange with Carequality, eHealth Exchange Operating Policy & Procedure 10 (section II, paragraph 3) binds your organization to adopt and flow-down the Carequality Connection Terms to be legally binding with your Participant Users.
Possible New Obligations
(required date unknown):
5. Maintain a test environment with an active certificate authority (CA) issued certificate.
- At least one synthetic patient with at least one synthetic CDA so the trusted Carequality community can test exchange with your organization at any time.
- More than one test patient is needed when one test patient is not sufficient to reasonably represent the data in your production environment.
Note: Separately, remember eHealth Exchange requires these non-production certificates be issued specifically by DirectTrust [or by Entrust as long as still permissible in 2021].
- Working through the eHealth Exchange, create new directory entries in the Carequality Stage directory (non-production) that reasonably mirrors your production setup.
- As with entries in the Carequality production directory, send an email to email@example.com to request new Stage directory entries.
7. HIE and similar participants (“Candidate Implementers” in the Carequality world) must complete a Carequality Application for Carequality Connections form.
The Carequality Application for Carequality Connections form is a survey designed to document the nature of your requests and responses for the Carequality community and how your share data with other organizations. For example:
- As an initiator, list the permitted purpose of uses and justification for each purpose of use. As a responder, which purpose of use values do you allow?
- Document external access to retrieved data
- Patient/consumer access to retrieve data
- What triggers your requests?
- How do you decide which Carequality organizations are targeted for requests?
- Patient selection approach – for example, patients targeted based on appointment check-in or ED arrival?
- Do your providers require additional terms and conditions to respond to requests? Do the terms and condition include any limitations to the purpose of use?