Call to Action: Exchange Purposes


At Clareto, we’re receiving a growing number of inquiries from colleagues, clients, and partners regarding new health IT buzzwords like TEFCA and QHINs. And if you’re reading this, you’ve likely already been promised that these acronyms are going to solve all your digital health data needs. 

When it comes to interoperability, it can be hard to find a signal in all the noise – so we’re publishing a series of articles to bring you up to speed. More importantly, we’re going to keep everything in layperson terms and focus exclusively on life insurance use cases. Hopefully these articles will teach you something you didn’t know. If we do a really good job, you might even enjoy reading them. 


Clareto has agreements in place with three of the initial six organizations that had their QHIN applications approved in February 2023

About Exchange Purposes 

For our second installment, we’re going to focus on exchange purposes, which are defined in the Common Agreement v1 as follows: 

Exchange Purpose(s): means the reason, as authorized by this Common Agreement including the Exchange Purposes SOP, for a Request, Use, Disclosure, or Response transmitted via QHIN-to-QHIN exchange as one step in the transmission. Authorized Exchange Purposes are: Treatment, Payment, Health Care Operations, Public Health, Government Benefits Determination, Individual Access Services, and any other purpose authorized as an Exchange Purpose by the Exchange Purposes SOP, each to the extent permitted under Applicable Law, under all applicable provisions of this Common Agreement, and, if applicable, under the implementation SOP for the applicable Exchange Purpose. 

In short, these exchange purposes represent the use cases for which health information may be used or disclosed under TEFCA. Each exchange purpose has a corresponding code, and the QHIN Technical Framework provides implementation details for these exchange purpose codes, including 1) asserting a valid exchange purpose with each query, and 2) listing each organization’s intended exchange purposes in the directory. As a result, the journey to accessing health information often begins with identifying the “right” exchange purpose – or, if a relevant exchange purpose does not exist, advocating for a new exchange purpose to meet your specific needs. 

The “Right” Exchange Purpose 

Next, let’s examine the exchange purposes listed above by answering a few simple questions. 

Which exchange purpose can we use? 

Asking the wrong question may lead to an incorrect conclusion, and this is one such scenario. To learn why, let’s look at the intended user and a real-world example for each exchange purpose. 

Exchange Purpose Intended User Real-World Example 
Treatment This purpose is reserved for health care providers. For a closer look, see the definitions of “Treatment” and “Health Care Provider” in the Common Agreement v1 and 45 CFR § 164.501, as well as 45 CFR § 171.102 and 45 CFR § 160.103, respectively. A health care provider queries for new patients to review their medical histories prior to their first appointments. 
Payment The draft Payment: Risk Adjustment Exchange Purpose Implementation SOP states “Only Health Plans and Health Care Providers may request TEFCA Information for the purpose of Risk Adjustment.” A health plan queries for its members to conduct risk adjustment activities that ensure the health plan is being compensated appropriately for high-risk patients. 
Health Care Operations The draft Health Care Operations: Limited Exchange Purpose Implementation SOP states “Only Health Plans and Health Care Providers that are Covered Entities may request TEFCA Information A health plan queries for its members to identify patients who would benefit from case management services, such as managing chronic illnesses or closing gaps in care (e.g., missed immunizations or cancer screenings). 
Public Health Under this purpose, “a Public Health Authority may Request, Use, and Disclose TI hereunder for the Exchange Purpose of Public Health.” A health care provider transmits an electronic case report to a public health authority for infectious disease monitoring. 
Government Benefits Determination This purpose covers “a determination made by any federal, state, local, or tribal agency, instrumentality, or other unit of government as to whether an Individual qualifies for government benefits for any purpose other than health care (for example, Social Security disability benefits) to the extent permitted by Applicable Law. Disclosure of TI for this purpose may require an authorization that complies with Applicable Law.” The Social Security Administration (SSA) queries for individuals who have applied for disability benefits to evaluate their eligibility. 
Individual Access Services (IAS) This purpose enables consumers to access their own health information. A patient obtains his/her own health information to share with a family member or another health care provider. 

Life insurance companies are not health care providers, health plans, public health authorities, or government agencies. By process of elimination, we’re left with two options. First, we can take the increasingly common approach of pushing responsibility to the consumer. In our first installment, we took a closer look at IAS and identified several potential points of failure where consumers may dropout, the cumulative effects of which significantly discount any potential benefits. 

Second, we can step into the shoes of another stakeholder (e.g., a health care provider), obtain information for one purpose (e.g., treatment), and then redisclose that information for our intended use case and subject to our own rules. However, this approach risks eroding the trust that serves as the foundation for interoperability. If health care organizations have to start asking questions like whether a requestor is who they say they are, whether they are actually providing certain services to patients, and what else they plan to do with the information, then we can and should expect some backsliding of recent gains in interoperability. 

Are we the intended user of any exchange purpose? 

By reframing our initial question, it becomes clear that the answer may be “none of the above.” As noted previously, life insurance companies are not the intended user for any of the existing exchange purposes. To make progress, we must first acknowledge reality. 

Does any exchange purpose fit our preferred workflow? 

We should also examine whether the workflow required by any exchange purpose aligns with our priorities. As part of the life insurance application process, an applicant signs a HIPAA authorization, which is used as the basis to gather various forms of medical evidence for underwriting purposes. By evaluating the exchange purposes through this lens, we recognize that government benefits determination – which focuses on qualifying for non-health benefits and “may require an authorization” – could be the closest match. 

Is there an established precedent? 

Yes, and it’s been around for well over a decade. Here’s a quick overview: 

  • In 2008, the SSA Health IT program for expediting disability determinations was launched. 
  • In 2009, the SSA published early results with its initial participants, including eHealth Exchange (formerly the Nationwide Health Information Network) and our predecessor, MedVirginia HIE. 
  • Today, the SSA Health IT program includes 229 health care organizations across all 50 states and continues to grow, representing what is likely the most successful interoperability initiative for non-treatment purposes. 
  • For a deeper dive on the SSA Health IT program and its benefits, please see this HIMSS 2018 presentation

Can the exchange purposes be expanded? 

We’re so glad you asked. The Common Agreement v1 leaves room for “any other purpose authorized as an Exchange Purpose by the Exchange Purposes SOP,” opening the door for additional use cases. This exact question was raised during the Sequoia Project’s TEFCA RCE monthly informational call on February 21, 2023 (listen at 58:57): 

Q: “Are there any plans to accommodate HIPAA authorization record requests?”

A: “I believe this is referring to expanding the allowable exchange purposes authorized under the Common Agreement to accommodate some additional purposes that require HIPAA authorizations, and this is part of our conversation with scoping out changes to the Common Agreement version 2.”

Call to Action 

The best way to get what you want is to ask for it. Last month, we submitted our comments to the draft SOPs for payment and health care operations. In our comments, we mapped out the creation of a new exchange purpose that leverages existing concepts wherever possible: 

  • Extends government benefits determination to address non-government benefits available in the commercial market. 
  • Applies the access consent policy specifications for authorization-based disclosures, which are included in the QHIN Technical Framework and widely adopted thanks to the trailblazing work of the SSA Health IT program.
  • Amends the Participant/Subparticipant SOP to include life insurance companies, as well as agents or contractors acting on their behalf.
  • Mirrors some of the implementation details in these draft SOPs, including creating a dedicated exchange purpose code to differentiate from government benefits determination, and utilizing NAIC codes, as applicable, to identify the originating requestor.


Sometimes the best answer to “which one of these applies?” is “none of the above,” and that’s certainly the case with the existing exchange purposes:

  • Life insurance companies are not the intended users for any of the existing exchange purposes.
  • Using one mechanism to access information and a second mechanism to deliver it to the intended recipient is inherently inefficient and may have unintended consequences.
  • If we could design a new exchange purpose, we would start with government benefits determination as the best fit, build on well-established precedents for the lightest lift, and aim for a workflow that enables true accelerated underwriting and straight-through processing.

While our ideal scenario doesn’t exist today, we’ll be doing everything we can to ensure that our voice — and the voices of our clients — are heard by policymakers at the national level. Please contact us if you’d like to join our efforts.

Similar Posts