How Enterprise-Scale Health Systems Are Gearing Up for FHIR, TEFCA & UDS+
Modern interoperability standards are being heavily invested in by large health systems. The UDS reporting process is being redesigned through UDS+, a new FHIR-based submission system; TEFCA is being implemented as a national policy framework for trusted network-of-networks interoperability; and HL7 FHIR APIs are being deployed across EHRs to enable real-time data sharing.
Because of these initiatives, which are supported by federal regulations and industry cooperation, businesses need to get ready right away in order to comply and benefit from smooth data sharing.
What is FHIR?
The HL7 standard for sharing medical data is known as FHIR. RESTful APIs and modular “resources” (patients, test results, medications, etc.) are defined to allow systems to query and receive specific clinical data pieces quickly and effectively. In practice, this means that rather than exchanging entire papers, an app can utilize an API to access simply a patient’s allergy or lab results. To meet federal interoperability standards, providers are updating their EHRs with certified FHIR interfaces, and FHIR’s modern, user-friendly architecture is widely supported in the industry.
FHIR makes data exchange fine-grained and real-time. For example, using FHIR, an EHR can enable a patient portal app to retrieve only a patient’s immunizations or facilitate automated quality reporting by pulling relevant elements.
As ONC notes, FHIR lets health data be “quickly and efficiently exchanged” at the data-element level. This underpins modern use cases like SMART on FHIR apps, bulk data analytics, and patient-facing APIs.
What is TEFCA?
A government program called the Trusted Exchange Platform and Common Agreement aims to provide a unified national platform for the exchange of health data. A “network of networks” is established under TEFCA, which was enacted under the 21st Century Cures Act. Qualified Health Information Networks adhere to a common legal agreement and technical standards, allowing any participant to query or access data nationwide.
TEFCA essentially addresses policy, privacy, and trust by defining who is permitted to exchange data and under what circumstances. In practice, a provider connects to a QHIN, which in turn connects to other QHINs under TEFCA’s common policy. When a query for patient records is needed, the provider’s QHIN brokers the request to other networks, which return the data to the original requester.
The Common Agreement specifies permitted exchange purposes and privacy/security requirements. Crucially, FHIR-based exchange is expressly included in TEFCA v2.0, enabling QHINs to employ FHIR APIs in addition to older transaction protocols. With this uniform platform, TEFCA hopes to eventually link thousands of clinics, hospitals, payers, and public health organizations.
What are UDS and UDS+?
The Uniform Data System is HRSA’s long-standing annual reporting framework for Federally Qualified Health Centers and similar clinics. UDS requires submission of aggregated metrics to secure funding and monitor performance. UDS+ is the new initiative to modernize this process using HL7 FHIR. Starting with 2024 data, HRSA planned to accept de-identified patient-level data via a published UDS+ FHIR Implementation Guide. Under UDS+, clinics would use FHIR Bulk Data and other APIs to export each patient’s data elements and submit them programmatically to HRSA.
In effect, UDS+ leverages FHIR R4 to replace manual, file-based reporting with an API-driven pipeline. A health center would identify all relevant patients, use the certified FHIR Bulk Data Access API to gather required data, de-identify it, and push the dataset to HRSA. This aims to reduce errors and workload in UDS reporting. In 2024, HHS paused the official rollout of mandatory UDS+, but many EHR vendors and centers are already building the infrastructure. As one vendor notes, “UDS reporting is still necessary; the capabilities we built mean our customers are ahead in FHIR-enabled interoperability.
TEFCA vs FHIR: What’s the difference?
TEFCA and FHIR address different layers of interoperability. TEFCA is a policy and network framework: it sets the rules for who can exchange data and under what legal agreements. It controls network topology, security, and consent.
FHIR is a technological standard that describes how to exchange and organize data at the API level. To put it another way, FHIR specifies how the data is formatted and delivered, while TEFCA specifies who may participate and why data may be exchanged. Key differences are summarized in the table below:
| Aspect | TEFCA (Framework) | FHIR (Standard) |
| Purpose | Nationwide interoperability framework (policies and trust) | Data exchange specification (formats/APIs) |
| Scope | “Network of networks” (QHINs, legal agreements) | API-based data format (resources like Patient, Observation) |
| Governance | U.S. Department of HHS / ONC; Common Agreement terms | HL7 standards organization; US Core FHIR profiles |
| Data Transport | May include IHE/C-CDA and FHIR | RESTful APIs (HTTPS/JSON) using FHIR resources |
| Exchange use-cases | Treatment, payment, public health, etc. | Specific data queries |
| Participants | Providers, payers, HIEs, and apps that join TEFCA via QHINs | Any system or app implementing FHIR |
How does TEFCA use FHIR?
TEFCA’s implementation plan is phased. In Stage 1, QHINs begin with existing document-based queries but prepare for FHIR. In Stage 2, “facilitated FHIR exchange” goes live: participants in one QHIN can query another participant’s FHIR endpoint. By Stage 3, QHINs will broker FHIR transactions between networks. The final stage, End-to-End FHIR, envisions seamless FHIR API exchange across any network.
In practice, a provider or third-party app will use TEFCA directory services to discover which QHIN holds a patient’s records, then use FHIR APIs to query that QHIN’s listed FHIR endpoints.
If a provider only has a FHIR endpoint registered in TEFCA’s directory, another provider can send a FHIR query directly to it via the QHIN identity layer. The diagram below illustrates a simplified TEFCA+FHIR data flow: the provider’s EHR sends a FHIR query to its QHIN, which uses patient identity lookup to find other QHINs, then those QHINs locate FHIR endpoints for the target data and return the result.
flowchart LR
EHR((Provider EHR)) -->|FHIR REST API| QHIN1([QHIN])
QHIN1 -->|Patient Discovery Query (FHIR)| QHIN2([Other QHIN])
QHIN2 -->|Endpoint Lookup| QHIN1
QHIN1 -->|FHIR API Request| FHIRServer([FHIR Endpoint
(Provider/Repo)])
FHIRServer -->|FHIR API Response| QHIN1
QHIN1 -->|FHIR API Response| EHR
ThirdApp((Third-Party App)) -->|FHIR Query| QHIN1
QHIN1 -->|FHIR Response| ThirdApp In this TEFCA+FHIR flow, a QHIN facilitates patient discovery and endpoint lookup across networks, but the actual FHIR data exchange occurs directly between FHIR servers and the requester once endpoints are known.
Why are FHIR, TEFCA, and UDS+ important now?
These technologies are becoming essential due to a convergence of market and regulatory pressures. Data access and interoperability are required by federal law and regulations.
EHRs and payers must use FHIR-based APIs in accordance with the 21st Century Cures Act and later ONC and CMS regulations (Cures Act Final Rule, 2020; CMS Final Rule on Prior Auth, Jan 2024).
- For instance, hospitals and clinics are required by law to employ certified systems by 2023, and all certified health IT must offer an FHIR API by the end of 2022.
- By January 1, 2027, CMS mandates that Medicaid and Medicare Advantage plans provide the five common FHIR APIs (Patient, Provider, Directory, Payer-to-Payer, Prior Auth).
- Serious information-blocking fines may follow noncompliance.
TEFCA addresses the policy gap. Until TEFCA, even certified FHIR systems often could not easily query across organizational and state boundaries. TEFCA’s common agreement removes legal and technical roadblocks, effectively connecting disparate HIEs and networks.
According to ONC, more than 70,000 healthcare facilities are anticipated to use QHINs to participate by early 2026, exchanging more than 39 million documents worldwide. To put it briefly, the industry is being pushed toward an interoperable, API-driven design by government funding and mandates, and health systems need to be prepared or risk falling behind.
Benefits of Interoperability for Health Systems
Gearing up for FHIR/TEFCA/UDS+ has clear advantages for enterprise-scale organizations:
- Seamless Data Access: Rather than custom point-to-point interfaces with each hospital or clinic, a health system can connect once to a TEFCA QHIN and gain broad access. This “connect once” model dramatically reduces integration costs. Applications receive only the data they require thanks to FHIR’s resource-level exchange, which increases productivity.
- Better Care Coordination: A more comprehensive patient picture is provided to clinicians. For instance, rather than waiting days for paper records, a hospital can use FHIR to query primary care EHRs or outside labs for current information (meds, labs, imaging). TEFCA enables this across regions and vendor boundaries.
- Regulatory Compliance: Systems remain in compliance with ONC and CMS regulations by proactively implementing FHIR and TEFCA. This reduces the possibility of fines and puts the system in a favorable position for value-based care initiatives.
- Operational Efficiency: CHC personnel will save time and make fewer mistakes by automating UDS reporting with FHIR (UDS+), freeing up resources for patient care. FHIR Bulk Data can simplify population health analytics in a broader sense.
- Strategic Advantage: A competitive advantage is granted to leaders. For example, one analysis notes systems “recognize that interoperability is becoming table stakes” and that early compliance with FHIR and TEFCA can be a selling point to payers and partners. A network that can share data seamlessly with others will attract more referrals and collaboration opportunities.
How Enterprises Are Preparing
Large health systems are treating FHIR and TEFCA compliance as enterprise-wide programs, not just IT projects. Key actions include:
1. EHR Modernization
Many organizations are upgrading to the latest EHR versions (Epic, Cerner, etc.) that include built-in FHIR support. They enable and test the certified FHIR endpoints and Bulk Data APIs for analytics.
- Some are also deploying integration engines (Mirth, Rhapsody, Cloverleaf, etc.) that act as FHIR intermediaries.
- By standardizing on FHIR, hospitals can streamline connections to internal and external systems.
For example, Epic’s own “FHIR on FHIR” initiative and participation in projects like Da Vinci and Argonaut ensure that any Epic customer can interoperate via FHIR.
Related: The 2025 Blueprint for Modernizing Healthcare IT Infrastructure
2. Data Governance and Identity
With vast data comes responsibility. Enterprises are bolstering data governance programs to ensure patient records are clean, de-duplicated, and meet privacy standards.
Master Patient Index and record-matching initiatives are critical so that when a TEFCA query returns results, the data truly belongs to the patient in question.
- Dedicated governance teams oversee US Core Data for Interoperability elements to guarantee consistent data definitions.
- Many organizations have also created directories of their own FHIR endpoints and are preparing to register them in TEFCA’s future directory service.
3. API Management & Security
CIOs are building API layers to securely manage FHIR traffic. This often involves deploying API gateways with OAuth 2.0 and OpenID Connect. Notably, industry groups are developing security profiles tailored for TEFCA. The HL7 FHIR At Scale task force, for example, is teaching CISOs and developers about the “FAST Security” IG that will be required by TEFCA’s launch.
A recent HL7 blog emphasized the Jan 2026 deadline for “FAST Security” to be implemented for all TEFCA FHIR exchanges. Large systems are taking note; they are incorporating these OAuth-based security frameworks into their FHIR services now.
4. Vendor and Partner Collaboration
Enterprises are working closely with EHR vendors, HIEs, and health information exchanges. Many are ensuring their chosen HIE partners become Qualified HINs under TEFCA.
- Designated QHINs include CommonWell, eHealth Exchange, Epic, Cerner, and others – all of which are preparing FHIR-enabled connections.
- Hospitals are also joining networks like Carequality or CommonWell to be part of larger exchange communities.
- On the federal side, some systems coordinate with HRSA (for UDS/UDS+) if they operate community clinics.
5. Pilot Projects and Training
Many systems run pilot FHIR projects to build internal expertise. This includes developing proof-of-concept SMART-on-FHIR apps, using FHIR bulk queries for population health analytics, or simulating a TEFCA exchange.
IT teams attend HL7 Connectathons and ONC webinars to stay current. Clinician champions are engaged early, often embedding demand for interoperability into clinical workflow improvements (e.g., single-click referrals or discharge summaries via FHIR).
Taken together, these steps – upgrades, data cleansing, API deployment, and partnerships – form a broad compliance strategy well underway at most large health systems.
Challenges and How They’re Overcoming Them
Adopting FHIR and TEFCA isn’t without obstacles. Enterprise systems report several common challenges and corresponding solutions:
1. Legacy Systems and Data Gaps
Decades-old interfaces and non-standard data keep getting in the way. Health systems often find their database fields don’t line up neatly with FHIR profiles.
Solution: Phased integration projects and middleware help. For example, some organizations map old HL7 v2 feeds into FHIR resources using translation layers. Others modernize department-specific systems (labs, imaging, pharmacies) to expose FHIR APIs. Over time, this gradually replaces brittle point-to-point interfaces.
2. Complex Governance and Compliance
Understanding TEFCA’s rules (and state privacy laws) is complex.
Solution: Many systems have formed cross-disciplinary compliance teams (IT, legal, privacy officers) dedicated to interoperability. These teams track TEFCA communications, test compliance checklists, and update contracts. They also coordinate with vendors to ensure that any system connecting to TEFCA meets the security and privacy requirements.
3. Security and Trust
Implementing robust identity-proofing and trust for data exchange is non-trivial. As ONC notes, “scaling use of FHIR has been challenging due to issues such as lack of a single directory… and mechanisms to verify who is asking for information”.
Solution: Health systems are planning to use federated identity services and to publish their FHIR endpoints in a directory (such as the future TEFCA Directory).
They’re also adopting the FAST UDAP framework (OAuth-based) and SOC 2-type security standards for any TEFCA participant, ensuring that requests come from authenticated, authorized sources. Some run internal pilot exchanges between hospitals first to validate their security processes before joining a public network.
4. Resource and Budget Constraints
Upgrading systems and hiring interoperability experts costs money.
Solution: Organizations often leverage phased implementations and seek grants or subsidies. Some work through consortia to share resources. Others prioritize “low-hanging fruit” use cases (like patient access APIs) to deliver immediate benefits. Over time, efficiency gains from reduced manual reporting and improved outcomes can help justify further investment.
5. Stakeholder Engagement
Clinicians, administrators, and IT may have differing priorities.
Solution: Successful programs articulate the clinical and financial value of interoperability. For instance, showing how FHIR-based notifications could prevent readmissions or how single sign-on to a FHIR app saves doctors’ time. Demonstrating patient satisfaction with app-driven health records also helps buy-in. Training and communication keep everyone aligned on the roadmap.
No single challenge is fatal; organizations are overcoming them through a combination of technology, process, and collaboration.
For example, adopting API management tools and standardized terminologies addresses data consistency, while federated directory services address the “no single directory” problem.
Related: 5 Challenges Associated with HL7 FHIR and How CapMinds Helps to Solve
Cost of Not Modernizing
The cost of delay is high. Without FHIR/TEFCA integration, health systems face exploding one-off connections: dozens of custom HIE agreements or interfaces to maintain. This means higher IT overhead and slower data flows. In large systems with millions of records, a lack of standard APIs also means missed insights and care gaps.
Federally, hospitals and vendors risk up to $1M fines per infraction for information blocking. On the reporting side, continuing manual UDS submissions costs hundreds of staff-hours annually per CHC. In sum, not adopting these standards means higher costs, compliance risk, and lost opportunities for coordinated, data-driven care.
Enterprise Implementation Examples
- Epic/Carequality/TEFCA: Epic (the largest EHR vendor) has announced that by the end of 2025, “all of its clients nationwide will be live on TEFCA, via its Epic Nexus qualified health information network”. In other words, Epic is onboarding thousands of hospitals and clinics to query across its Carequality/TEFCA framework. This illustrates how an EHR vendor is leveraging TEFCA+FHIR to give customers immediate interoperability reach. Epic reports that 100% of its customer base is participating in the exchange framework, demonstrating rapid enterprise-scale uptake.
- Athenahealth & FQHCs: Athenahealth built an integrated UDS/UDS+ pipeline for its community health center customers. In fact, it became “the only vendor authorized to submit live UDS+ production data” (2023 data) before the official launch. Even though mandatory UDS+ was paused, Athena emphasizes that its FHIR-based reporting tools keep its customers “ahead in FHIR-enabled interoperability”. This case shows how an enterprise system can gain efficiency and readiness by implementing FHIR Bulk Data for public reporting.
- Payers and Prior Auth (CMS 0057-F): Under the 2024 CMS final rule, large Medicaid/Medicare Advantage plans must publish FHIR-based Prior Authorization APIs. For example, Anthem and Cigna are expected to build clinical decision support systems that pull patient records in real time to automate approvals. According to Firely, “the full compliance deadline is Jan 1, 2027” for five mandated FHIR APIs. Some payers are already piloting FHIR hubs to meet this, reflecting enterprise investment driven by regulation.
- Public Health Reporting: Massachusetts and other states are piloting TEFCA networks for lab results and surveillance, using FHIR to submit immunization data. These emerging public-private initiatives (not yet widely published) indicate the trend that even state labs and agencies are gearing up for the new frameworks.
Market Context
The global healthcare interoperability solutions market is growing rapidly. It was estimated at $3.87 billion in 2024 and is projected to reach $8.57 billion by 2030.
North America represents the largest share, driven by U.S. regulatory mandates and HIT modernization. This growth reflects expanded investment in TEFCA-compliant networks, FHIR development, cloud architectures, and HIE services. For enterprise health systems, this means vendors and consultants will offer more advanced interoperable platforms, and failing to invest risks falling behind both competitors and newcomers. The table below summarizes the market outlook:
| Market | 2024 Size (USD) | 2030 Forecast (USD) | CAGR (2024–30) | Source |
| Global Interoperability Solutions | $3.87 B | $8.57 B | 14.2% | Grand View (2024) |
| North America (share) | – | – | ~42% by share (2023) | Grand View |
Sustained double-digit growth means technology budgets are expanding for interoperability. For large systems, this justifies allocating resources now to modernize data exchange.
Early movers can leverage vendor offerings that are scaling rapidly; one report notes Microsoft Azure’s FHIR service hit 1 billion API calls/month in 2024.
UDS/UDS+ FAQ
- What is UDS? UDS is HRSA’s standardized annual report for Federally Qualified Health Centers. It collects aggregate data on patient demographics, services, outcomes, staffing, costs, etc., to assess health center performance and funding needs. It is submitted in tabular form each year to HRSA.
- What is UDS+? UDS+ is the new FHIR-based reporting framework for UDS. Instead of manual spreadsheets, health centers will submit de-identified patient-level data via FHIR APIs to HRSA. A published UDS+ Implementation Guide defines the FHIR data elements. UDS+ aims to streamline reporting by automating data collection.
- How will UDS+ change reporting? Under UDS+, a center’s EHR will use the FHIR Bulk Data API to export relevant patient records, which are then de-identified and sent to HRSA’s endpoint. This replaces manual aggregation of charts. It allows more granular data analysis and reduces clerical work. Many centers are piloting UDS+ tools even if its launch was delayed.
- Does UDS+ replace UDS immediately? Not yet. HHS has paused mandatory UDS+ submission for the 2024 reporting cycle. However, centers must still submit the legacy UDS while UDS+ is refined. Organizations building UDS+ FHIR capabilities can report to HRSA’s new FHIR endpoint once required by policy. Vendors like Athenahealth have been ready for live UDS+ since 2023.
- Who must report UDS? All HRSA-funded health centers (FQHCs, look-alikes) must submit UDS annually. When UDS+ becomes mandatory, they will need EHRs or systems that can output UDS data via FHIR. HRSA provides the IG and specifications.
Enterprise Case Study: Prior Authorization APIs
A concrete TEFCA/FHIR example is the CMS-mandated Prior Authorization API for payers. Medicare Advantage and Medicaid plans now must build a FHIR “payer” API so authorized providers can check PA status in real time.
- For instance, a payer might deploy a FHIR server that connects to its claims database.
- A provider’s EHR would invoke the FHIR care team and claims resources to automate approval workflows. This reduces delays in patient care.
- It’s an example of how a large health system is investing to meet a specific CMS deadline.
Health Interoperability Solution from CapMinds
Ready to transform your enterprise’s interoperability strategy? Partner with CapMinds to harness FHIR, TEFCA-ready networks, and advanced UDS+ reporting, seamlessly connecting your EHR/EMR with any system or application. Our interoperability specialists architect secure, standards-based APIs (HL7, SMART on FHIR, UDAP, bulk-data, and more) and manage governance, identity, and compliance so you can focus on patient care and population health.
CapMinds also provides FQHC UDS reporting solutions to help community health centers stay compliant with UDS annual report requirements, streamline submissions, and unlock the benefits of standardized data. Contact us today to schedule a free interoperability assessment and take the first step toward a more agile, efficient, and future-proof health system.
Frequently Asked Questions
How do FHIR and TEFCA relate to each other?
TEFCA is the national policy framework that connects data networks, while FHIR is the technical API standard that those networks use. TEFCA defines who and why data can be shared, and FHIR defines how the data is structured and transmitted.
What is the TEFCA FHIR roadmap?
The TEFCA FHIR Roadmap lays out stages for introducing FHIR into the framework. It started with “facilitated FHIR” in early 2024 and progresses to QHIN-to-QHIN and end-to-end FHIR exchange by 2026–2027. See the section above for details.
When is the FHIR mandate for providers?
Under the 21st Century Cures Act Final Rule, all certified EHRs had to provide FHIR APIs by Dec 2022. From 2023 onward, hospitals/clinicians in federal programs must use these APIs to share data. Newer CMS rules require payers to implement FHIR APIs by 2027.
How large is the interoperability market?
Estimates project the global interoperability solutions market to grow from about $3.9 billion in 2024 to $8.6 billion by 2030. North America holds roughly 42% of this market, driven by U.S. regulations. This suggests significant vendor investment and product availability for TEFCA/FHIR solutions.
What are the benefits of UDS+ reporting?
UDS+ automates previously manual reporting. By using FHIR Bulk APIs, health centers can export detailed patient data for HRSA submissions, improving accuracy and saving staff time. It also provides richer data for analysis. In short, it makes UDS reporting faster and more efficient.
How does TEFCA help with query-based exchange?
TEFCA enables nationwide query-based exchange by linking HIE networks under a common trust framework. A provider needing outside records can “query” the TEFCA network without pre-existing relationships. The provider’s QHIN brokers the lookup, and the data flows via standard APIs back to the requester. This replaces many custom integrations with one governed framework.
Can my current EHR use FHIR for TEFCA?
If your EHR is ONC-certified, it likely supports the US Core FHIR API. To use TEFCA’s FHIR features, the provider must register an endpoint with a QHIN. Once connected, the provider can act as a FHIR endpoint within TEFCA. In practice, vendors are rolling out features to plug into TEFCA QHINs.
What is the core data required?
TEFCA exchanges data based on the US Core Data for Interoperability plus additional IGs. For UDS+, HRSA’s guide defines exactly which FHIR resources to include.
