AHA urges delay on TEFCA individual access SOP over patient privacy concerns

Apr 24, 2026 - 02:53 PM
AHA proposed rule comment

The AHA April 24 urged the Sequoia Project to delay implementation of the Trusted Exchange Framework and Common Agreement Individual Access Services Exchange Purpose Standard Operating Procedures version 3.0 until key legal and regulatory issues are resolved. The proposed IAS SOP, slated for implementation by August 2027, includes new patient-matching methodologies that bypass or limit provider verification, which the AHA argues could expose hospitals to unauthorized disclosures, data breaches and misidentification errors. 

The AHA emphasized that hospitals and health systems are already legally bound to verify identity, consent and authority before disclosing protected health information, warning that the proposed IAS SOP does not adequately account for these statutory obligations, creating significant compliance and liability risks for covered entities. To address the risks, the AHA recommended delaying the SOP and pursuing statutory or regulatory solutions, such as a provider safe harbor or clear regulatory guidance confirming compliance with IAS satisfies the Health Insurance Portability and Accountability Act verification and consent requirements. 

Related News Articles

Headline
CMS accepting comments on data collection requirements for Medicare Advantage plans, Part D sponsors
The Centers for Medicare & Medicaid Services is seeking comments by May 11 on its proposed revisions to data reporting requirements for Medicare Advantage…
Headline
SHSMD releases Futurescan 2026 
The Society for Health Care Strategy and Market Development has released Futurescan 2026, the newest edition of its strategic outlook by health care leaders,…
Headline
AHA files amicus brief in support of dismissal of online tracking case
The AHA Dec. 18 filed an amicus brief in the U.S. Court of Appeals for the First Circuit in support of a district court’s dismissal of an online tracking…
Headline
CMS announces pilot on MA service level data collection for initial determinations, appeals
The Centers for Medicare & Medicaid Services released a memo Dec. 16 announcing the agency’s intent to conduct a voluntary pilot in 2026, called the…
Headline
CDC streamlines bird flu and influenza reporting
The Centers for Disease Control and Prevention July 7 announced it is streamlining H5N1 bird flu updates with its routine influenza data given the low public…
Headline
AHA makes recommendations supporting CMS’ proposed MAO data collection and audit protocol
The AHA Nov. 11 voiced strong support for the Centers for Medicare & Medicaid Services’ proposed plan for data collection and reporting requirements for…