healthsystemCIO
Dayton Children’s Whitlock Says TEFCA Trust Model Needs Stronger Guardrails to Stop Data Misuse
Why It Matters
The episode underscores the systemic risk that weak interoperability safeguards pose to patient privacy, a concern that affects every health system handling electronic health records. Understanding these gaps is crucial for CIOs, policymakers, and clinicians as they work to protect data while advancing seamless care coordination.
Key Takeaways
- TEFCA trust model lacks robust guardrails against data misuse
- Health Gorilla and GuardDog implicated in fraudulent PHI queries
- ONC and Sequoia urged to tighten QHIN onboarding standards
- Pediatric data privacy heightened by adolescent consent and app risks
- Epic’s councils promote responsible data‑sharing and patient consent safeguards
Pulse Analysis
The episode dives deep into the TEFCA trust framework, exposing how its current design leaves patient health information vulnerable to misuse. CIO J.D. Whitlock recounts the high‑profile Health Gorilla case, where Epic‑approved QHINs allegedly altered clinical data to masquerade non‑treatment queries as legitimate. This breach of trust illustrates the broader policy quagmire: health systems must share data to comply with interoperability rules, yet they risk exposing PHI to “shady” actors and costly class‑action lawsuits. Whitlock stresses that without stronger guardrails, the promise of seamless exchange collapses under legal and ethical pressure.
Whitlock points to the fragmented governance chain that fuels the problem. The Office of the National Coordinator (ONC) contracts the Sequoia Project as the Recognized Coordinating Entity (RCE) to oversee QHIN onboarding, but oversight remains opaque. Both ONC and Sequoia have faced criticism for allowing entities like Health Gorilla and GuardDog to operate with minimal vetting. Industry leaders are now urging tighter onboarding criteria, mandatory identity verification, and enforceable penalties for non‑compliant QHINs. Such reforms would restore confidence in the TEFCA model and align it with HIPAA’s security expectations.
Beyond system‑level policy, the discussion highlights unique pediatric challenges. Adolescents and custodial parents present complex consent scenarios, and the rise of consumer health apps threatens to export children’s PHI beyond HIPAA‑covered environments. Whitlock warns that simplifying individual access—such as one‑click data downloads—must be balanced with robust safeguards, especially for vulnerable populations. He advises CIOs to stay plugged into policy steering committees, leverage peer networks, and maintain close dialogue with legal and privacy officers. By proactively shaping governance and championing responsible data‑sharing, health leaders can protect patients while advancing true interoperability.
Episode Description
TEFCA asks providers to trust every query arriving at their door. Some of those queries turned out to have litigation on the other end. Dayton Children's CIO explains why stronger controls are now table stakes, and what pediatrics adds.
Source: Dayton Children’s Whitlock Says TEFCA Trust Model Needs Stronger Guardrails to Stop Data Misuse on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders