← Back to all briefings
Data Strategy 5 min read Published Updated Credibility 40/100

Data Strategy Briefing — April 18, 2023

ONC’s HTI-1 proposed rule updates US health IT certification with USCDI v3, algorithm transparency documentation, TEFCA integration, and expanded information blocking accountability.

Zeph Tech Research Lead

Research lead, Zeph Tech

Timeline plotting source publication cadence sized by credibility.
8 publication timestamps supporting this briefing. Source data (JSON)

Executive briefing: The US Office of the National Coordinator for Health IT (ONC) released the Health Data, Technology, and Interoperability (HTI-1) proposed rule to advance nationwide health information exchange, mandate adoption of USCDI v3 data classes, and require transparency around certified health IT that uses predictive decision support. The proposal updates certification criteria, codifies reporting metrics from the 21st Century Cures Act, and aligns with the Trusted Exchange Framework and Common Agreement (TEFCA) to promote secure, standards-based interoperability. Health systems, payers, and health IT developers need to mobilise cross-functional teams to modernise data models, document algorithmic risks, and prepare for expanded public reporting obligations.

ONC’s rule introduces the decision support intervention (DSI) framework that broadens existing clinical decision support requirements to include machine learning, predictive risk scoring, and other advanced analytics embedded in certified health IT. Developers must supply “source attributes” detailing training data, evaluation procedures, performance characteristics, and appropriate use guidance so clinicians and patients can assess trustworthiness. The rule also updates information blocking regulations, adds a TEFCA participation metric to the Certified Health IT Developer program, and proposes a new Insights Condition to standardise data export capabilities.

Capability expansion and impact

The HTI-1 rule accelerates capabilities across five domains:

  • Data interoperability. Adoption of USCDI v3 introduces data classes for sexual orientation, gender identity, social determinants of health, and personal health records, enabling richer population analytics and equity dashboards.
  • Algorithm transparency. The DSI framework demands lifecycle documentation—intended use, limitations, validation settings, known risks—that empowers providers to implement AI responsibly and enables regulators to scrutinise high-risk models.
  • Public health readiness. Updated certification criteria require electronic case reporting, bulk FHIR export, and support for Health Level Seven (HL7) FHIR R4 capabilities, improving response during outbreaks and national emergencies.
  • Patient empowerment. Enhanced electronic health information export requirements and performance reporting metrics give individuals faster access to longitudinal records and visibility into how their data supports care coordination.
  • Compliance assurance. Information blocking updates clarify that actors must respond to patient and provider requests within specific timeframes and maintain auditable logs, elevating accountability for data sharing practices.

Collectively, these capabilities create a blueprint for interoperable, trustworthy digital health ecosystems, but they demand significant investment in data governance, vendor collaboration, and change management.

Implementation roadmap

Organisations should structure implementation across four coordinated tracks:

  • USCDI v3 data readiness. Conduct gap analyses between current data dictionaries and USCDI v3 classes, prioritising structured capture of social determinants, sexual orientation, and gender identity data. Update EHR templates, terminology services, and patient intake workflows to support consistent coding and privacy controls.
  • Decision support governance. Inventory all AI- and rules-based interventions embedded in clinical workflows. For each, build DSI documentation packages covering input features, intended user, evaluation metrics (sensitivity, specificity, fairness), and monitoring plans. Establish a multidisciplinary review board (clinicians, data scientists, ethicists) to approve deployment and retraining cycles.
  • TEFCA and bulk exchange enablement. Align with TEFCA Qualified Health Information Network (QHIN) onboarding requirements by upgrading identity proofing, security tokens, and consent management. Enhance FHIR bulk export tooling to meet the proposed Insights Condition and support payer-to-payer exchange mandated by CMS interoperability rules.
  • Information blocking compliance. Update request management systems so patients, providers, and public health agencies can track information sharing requests end-to-end. Automate exception evaluation, logging, and disclosure to satisfy ONC’s expanded documentation expectations.

Each track should integrate change management plans that include clinician education, patient communications, and vendor coordination. Align capital budgets with the rule’s phased timelines—most provisions anticipate compliance within 24 months of finalisation, while reporting metrics may require earlier pilot submissions.

Responsible governance and oversight

HTI-1 pushes leaders to strengthen governance across clinical, technical, and ethical dimensions:

  • Board and executive engagement. Include interoperability readiness and algorithm transparency on quality and compliance committee agendas. Track progress using balanced scorecards that measure USCDI adoption, TEFCA connectivity, and DSI documentation completeness.
  • Risk management integration. Incorporate algorithmic harm scenarios into enterprise risk registers. Align with FDA’s software as a medical device guidance and forthcoming joint ONC-FDA-OCR AI oversight principles to avoid misclassification of high-risk DSIs.
  • Ethics and equity safeguards. Embed bias assessment checkpoints into model development, using representative datasets and auditing demographic performance. Document mitigation strategies and communicate them through DSI transparency artifacts.
  • Vendor accountability. Update contracts with health IT developers to mandate timely delivery of DSI documentation, USCDI updates, and interface changes. Require attestation that code updates will be provided ahead of regulatory deadlines.

Governance structures should ensure patients are represented in decision-making, especially when models influence diagnosis, triage, or care management. Public reporting obligations will expose laggards, so proactive transparency is essential.

Sector playbooks

  • Health systems. Establish interoperability command centres to coordinate EHR upgrades, TEFCA onboarding, and clinician training. Integrate DSI evaluation with medical staff credentialing and quality improvement programmes.
  • Health plans. Synchronise HTI-1 requirements with CMS interoperability and prior authorisation rules. Build FHIR-based member data repositories that support payer-to-payer exchange, risk adjustment analytics, and utilisation management transparency.
  • Health IT developers. Prioritise roadmap items for USCDI v3 support, bulk FHIR export, DSI documentation tooling, and TEFCA integration. Offer sandbox environments and APIs so clients can test workflows before deploying updates.
  • Public health agencies. Use the proposed funding and standards alignment to modernise surveillance platforms, ensuring they can consume EHR exports, reconcile data across jurisdictions, and feed analytics back to providers during emergencies.

Measurement and continuous improvement

Organisations should develop metrics and evidence packages that demonstrate compliance and value realisation:

  • USCDI coverage. Percentage of encounters capturing new USCDI v3 elements, completeness scores for social determinants fields, and audit trails for patient consent related to sensitive data.
  • DSI transparency maturity. Share of deployed decision support tools with complete documentation, cadence of performance monitoring, and number of bias mitigation actions executed per quarter.
  • Exchange performance. TEFCA transaction volume, average response time for patient-initiated information requests, and uptime of FHIR APIs measured against ONC reporting metrics.
  • Information blocking responsiveness. Average time to fulfil requests, exception utilisation rates, and issue resolution ageing.
  • Clinical impact. Quality measures (readmissions, preventive care adherence) correlated with deployment of DSIs and enhanced data sharing, demonstrating value beyond compliance.

Maintain a compliance binder containing certification attestations, DSI documentation, board minutes, and performance dashboards. Refresh quarterly to respond to ONC audits, payer due diligence, or accreditation surveys.

Zeph Tech partners with digital health leaders to operationalise HTI-1 requirements through interoperability roadmaps, AI transparency toolkits, and value-tracking dashboards.

Timeline plotting source publication cadence sized by credibility.
8 publication timestamps supporting this briefing. Source data (JSON)
Horizontal bar chart of credibility scores per cited source.
Credibility scores for every source cited in this briefing. Source data (JSON)

Related briefings

Curated signals from the same pillar or overlapping topics.

Continue in the Data Strategy pillar

Return to the hub for curated research and deep-dive guides.

Visit pillar hub

Latest guides

  • Healthcare interoperability
  • AI governance
  • US regulation
Back to curated briefings