Comments on the QHIN Technical Framework as requested by The Sequoia Project in their role as the Recognized Coordinating Entity

Our response to “Should the QTF include QHIN Message Delivery? If you believe QHIN Message Delivery should be included, how should it be technically specified?”

From among the options offered, Option 2 – “Defer “QHIN Message Delivery” from QTF until a FHIR based solution is readily available” is our recommendation because unfortunately, there is not currently an option to utilize Direct Secure Messaging under TEFCA.

Direct is a part of the workflow of every certified EHR system.  The DirectTrust Network has carried billions of messages, and the growth in transaction volume and connected parties has continued to grow exponentially. If looking to require push messaging as part of TEFCA, it makes sense to leverage Direct as a proven and thriving mechanism.

If TEFCA were to stipulate that participants and participant members utilize Direct Secure Messaging for push messaging, both TEFCA and the use of the Direct protocol would benefit.  No change to how Direct messaging would be needed, but allowing the terms and conditions of the common agreement to govern data exchange would enable use cases that otherwise might require special agreements. While most Direct exchange requires no such agreements, when intermediaries readdress messages they frequently are operating as a business associate of the sender, introducing a legal burden. An example is public health reporting through an intermediary like the Association of Public Health Laboratories (APHL).  While many millions of Direct messages were sent to APHL during the pandemic, such usage required a workaround that limited usage to facilities that had signed the eHealth Exchange DURSA or the Carequality Connected Agreement in addition to having Direct Secure Messaging capabilities.  The Common Agreement could fill this gap for TEFCA QHINs and participants.

Also, it is not at all clear that FHIR is the best approach to enabling push messaging even in the future as Direct is broadly deployed and is the only standard that supports referrals at any scale today.  As the industry reflects on how to find alternatives to fax, Direct is the one standard that can replace virtually any fax traffic with electronic exchange embedded within the workflow of the EHR.

We propose that at minimum, XCDR be eliminated entirely from the QTF, and ideally without an explicit expectation that FHIR is the ultimate choice for push messaging. We believe that for some use cases, Direct will persist as the dominant modality for transport.  Direct is the primary delivery mechanism for transitions of care, referrals, and event notifications today.  New standards work has only increased interest in Direct as 360x closed-loop referrals have begun to be utilized in production settings with several of the top 10 EHR systems. DirectTrust Standards is also about to promote our Event Notifications via the Direct Standard™ Implementation Guide through the ANSI approval process.  Eleven organizations have committed to implementing the new guide and development to comply with the guide has begun with most of the largest EHR companies.  While FHIR has the potential to replace some workflows currently supported by Direct, we expect that there will be a “mixed” environment for some time where directories will need to help determine which endpoint accepts which modality.

Rationale for Not Requiring QHIN Message Delivery Using XCDR

  • It isn’t needed: It’s duplicative with Direct Secure Messaging which works very well already. It doesn’t solve any new problems that Direct hasn’t already solved or can’t solve with more attention.
  • Raises Costs: Unlike XDS query-based exchange and Direct Secure Messaging, it is not widely deployed and would require all actors to develop it, raising costs without improving interoperability or providing new capabilities. In the US, adoption of XCDR is effectively zero.
  • Doesn’t serve public health better than Direct Secure Messaging: We saw as the pandemic raged that Direct Secure Messaging worked beautifully for communicating not only to public health for reporting, but back to primary care for notifications about pandemic care and vaccination status. Tens of millions of additional transactions flowed in our network in support of public health, many for brand new use cases supported by no other standard.
  • Could distract the market from improving Direct: Provider organizations, application developers, and health information networks are already actively working with DirectTrust to improve the use and usability of Direct Secure Messaging. Requiring a new mechanism will likely be a distraction from this work underway.
  • Will create operational challenges for QHINs: If a QHIN is to be able to deliver messages to endpoints more reliably than Direct Secure Messaging, the QHIN will need to determine where to target a message more reliably than a sender of the message can. This will not be possible. So many of the issues that the Direct community has grappled with, provided and improved over years will need to be addressed in a new ecosystem. Directory, trust and universal use by EHRs has been already addressed with Direct.
  • Won’t be coherent with a FHIR future: Building a new set of infrastructure which is not supported by any actors in the market today will be costly and of limited benefit if we believe that a transition to FHIR might be just a few years away. It will take 5 years just to get a new standard to function at any sort of scale. Direct Secure Messaging and FHIR have similar trust requirements and could share a common directory infrastructure and common capabilities for enabling trust.   Neither FHIR nor Direct require gateways and can be connected point to point at a lower cost than gateway-based modalities.

Please consider removing references to QHIN message delivery from the QTF entirely and instead offer Direct Secure Messaging as a push modality for use in TEFCA.


Scott Stuewe,

President and CEO