
Health information exchange (HIE) is the secure electronic sharing of patient health information — medications, allergies, lab results, diagnoses, imaging reports, discharge summaries — between hospitals, clinics, pharmacies, labs, public health agencies, and other authorized participants across different EHR systems.
HIE reduces reliance on fax, phone calls, and patient memory by making clinical data accessible when and where it is needed for care.
ONC states that HIE allows doctors, nurses, pharmacists, and other providers to appropriately access and securely share a patient’s vital medical information electronically.
By 2025, 76% of U.S. hospitals engaged in all four core domains of interoperable exchange — sending, receiving, finding, and integrating outside health information.
TEFCA, the nationwide exchange framework, grew from roughly 10 million records exchanged to more than 1 billion in less than one year through mid-2026.
In this guide, we’ll be going through:
- How HIE works in clinical workflows
- Current trends in nationwide exchange
- HIPAA, TEFCA, FHIR, and HL7 standards
- Privacy, consent, and opt-in/opt-out choices
- Benefits by patient, clinician, and organization
- The three types of health information exchange
- What HIE means as both a process and an organization
Does HIE mean a network or a process?
Both — and the confusion between these meanings is one of the most common misunderstandings in health IT.
HIE as a verb refers to the act of electronically sharing patient data between organizations. HIE as a noun refers to the organization or network that facilitates that sharing. A peer-reviewed policy review explains that HIE can mean the act of sharing data or the organization facilitating exchange.
Related terms that add to the confusion:
Health Information Organization (HIO)
GovernanceManages, governs, and operates health information exchange services between participating healthcare organizations.
Health Information Network (HIN)
InfrastructureThe technical network that securely connects participants and enables electronic health information exchange.
Qualified Health Information Network (QHIN)
Nationwide ExchangeA TEFCA-designated network that enables standardized nationwide interoperability across participating organizations.
Regional HIE (RHIE)
Regional ExchangeA local or state-level health information exchange connecting providers within a defined geographic region.
When someone says “our HIE,” they might mean their exchange organization, their network, or the process itself. Clarifying which one saves significant time in vendor conversations and policy discussions.
What are the three types of health information exchange?
ONC describes directed exchange and query-based exchange as primary forms, with consumer-mediated exchange as a third patient-controlled method.
| Type | How it works | Example |
| Directed exchange | One provider securely sends information to a known recipient | Primary care doctor sends a referral summary and records to a specialist |
| Query-based exchange | A provider searches for or requests records from other sources | Emergency department looks up a patient’s medication history and recent hospital visits |
| Consumer-mediated exchange | The patient accesses, gathers, or shares their own records | Patient uses a FHIR-enabled app to share records with a new provider |
Directed exchange is the “push” model — it works like secure clinical email.
Query-based exchange is the “pull” model — a provider requests records from other systems, typically during unplanned care like emergency visits.
Consumer-mediated exchange puts the patient in control, usually through portals or third-party apps connected via Patient Access APIs.
Three Types of Health Information Exchange
Directed Exchange
Provider sends data to a known recipient
Referrals, discharge summaries, lab orders
Query-Based Exchange
Provider searches for records when needed
Emergency care, unplanned visits, new patients
Consumer-Mediated
Patient controls and shares their own records
Patient apps, portals, FHIR-based access
How does HIE work in practice?
The underlying mechanics involve patient matching, data routing, and access governance — but from a clinical workflow perspective, the process follows a predictable pattern.
Patient Encounter
A patient receives care and the clinical information is documented in the healthcare organization’s EHR.
Exchange Participation
The organization participates in a Health Information Exchange, Health Information Network (HIN), or Qualified Health Information Network (QHIN).
Secure Data Exchange
Information is transmitted using approved exchange methods such as Direct Secure Messaging, query-based exchange, ADT feeds, or FHIR APIs.
Information Access
The receiving provider retrieves the information through their EHR, an HIE clinical viewer, or an HIE portal.
Governance & Audit
Every access event is logged, governed by participation agreements, and subject to applicable patient privacy and access rights.
For most clinicians, HIE shows up as outside records appearing in the patient chart — medications from a pharmacy, a discharge summary from a hospital stay, lab results from a reference lab, or an ADT alert that a patient was admitted somewhere else.
A 2025 JAMA Network Open study of 8,122 family physicians found that ideal interoperability — automatically obtaining outside data, finding it easy to locate, and finding it easy to reconcile — ranged from only 19% for encounter documents down to 8% for outside test results.
Exchange infrastructure is widespread, but the data is not always easy to find, compare, or use at the point of care.
Who benefits from health information exchange?
HIE creates value at multiple levels — but the impact depends on data quality, network participation, workflow integration, and how consistently the exchanged information reaches the people who need it.
| Who | Potential benefit |
| Patients | Less repeated paperwork, fewer duplicate tests, better care coordination across providers |
| Clinicians | More complete view of medications, allergies, labs, imaging, and prior care |
| Hospitals | Smoother transitions, readmission prevention, faster discharge follow-up |
| Primary care teams | Real-time notifications after ED visits or hospitalizations |
| Public health agencies | Faster case reporting, immunization tracking, and population-level monitoring |
| Payers and ACOs | Better care coordination data for value-based care and risk management |
A 2024 study of 85,261 emergency department discharges among patients with Alzheimer’s disease found that more types of clinical information received from outside providers was associated with lower preventable ED visits.
The strongest effect appeared in patients with multiple chronic conditions — precisely the population where information gaps are most expensive.
A California Health Care Foundation synthesis reported that a large health plan using Manifest MedEx saved 9.7 staff hours daily by reducing outbound calls for chart retrieval, and an independent primary care network saw 21–29% reductions in ED readmissions after implementing ADT notification services.
Should you opt into health information exchange?
Most patients benefit from HIE participation because it helps their care team access medications, allergies, prior hospitalizations, and test results when they need them — especially during emergencies or transitions between providers.
Privacy concerns are valid, though. Patients should ask their provider or HIE:
- How to request access history
- How access is monitored and logged
- Who can access their data and under what conditions
- Whether they can opt out (and what that means for care continuity)
- How behavioral health, substance use, reproductive health, or other sensitive records are handled
Consent rules vary by state, network, and data type. Some states operate opt-in models (data is not shared until the patient agrees), while others use opt-out models (data is shared unless the patient declines). Patients should review their provider’s Notice of Privacy Practices and the HIE’s patient-rights materials.
What standards and regulations govern HIE?
Multiple overlapping frameworks control how health data moves and who can access it.
| Standard or regulation | Role in HIE |
| HIPAA | Governs privacy and security for PHI among covered entities and business associates |
| TEFCA | Nationwide framework for trusted exchange across networks via QHINs |
| FHIR | Modern API-based standard for structured health data exchange |
| HL7 v2 | Widely used messaging standard for ADT, lab, and result data |
| C-CDA | Structured clinical document standard for care summaries and referrals |
| Direct Secure Messaging | Secure point-to-point exchange (like encrypted clinical email) |
| USCDI | Baseline set of data classes and elements for federal interoperability requirements |
| Information Blocking Rule | Addresses practices that interfere with access, exchange, or use of electronic health information |
HIPAA allows sharing for treatment, payment, and healthcare operations without requiring individual patient authorization in most cases.
TEFCA adds exchange purposes including public health, government benefits determination, and individual access services. State laws may impose additional consent requirements, particularly for sensitive data categories.
What is TEFCA and why does it change HIE?
TEFCA (Trusted Exchange Framework and Common Agreement) is a nationwide framework managed by ONC that connects health information networks through designated QHINs (Qualified Health Information Networks).
ONC describes TEFCA as creating a path for health information to be shared beyond proprietary boundaries.
Before TEFCA, organizations had to join multiple separate networks to exchange data broadly. TEFCA creates a “network-of-networks” model where connecting to one QHIN gives access to other QHINs and their participants.
The basic structure:
- Participants connect to QHINs
- QHINs are the central connection points
- Subparticipants connect through Participants
- Exchange purposes define what data sharing is permitted
HHS reported that TEFCA exchange grew from about 10 million to more than 1 billion health records exchanged in less than one year through mid-2026.
The speed of adoption signals a shift from local, vendor-specific exchange toward federated governance at national scale — though data quality, patient matching, and workflow integration remain real-world challenges.
How are HIE and interoperability different?
HIE is the movement of data. Interoperability is the ability to exchange data and use it meaningfully once it arrives.
| Concept | What it means |
| HIE | The process or network for sharing health data electronically |
| Interoperability | The ability of systems to exchange and interpret health data |
| EHR | A digital record system at one organization (stores data, does not move it by itself) |
| FHIR | A technical standard that enables structured data exchange through APIs |
| TEFCA | A governance framework that connects exchange networks nationally |
A record that arrives but cannot be read, reconciled, or integrated into the clinical workflow is exchanged but not interoperable.
The 2025 family physician study demonstrated this gap clearly — most physicians had access to outside data, but few found it easy to automatically obtain, locate, and reconcile.
What challenges limit HIE effectiveness?
HIE infrastructure is now widespread, but several persistent problems reduce its clinical usefulness.
Patient Matching Errors
Records may not match correctly across organizations, causing duplicate records or missing clinical history.
Incomplete Network Participation
Not every hospital, clinic, laboratory, or specialist contributes data to the same exchange network.
Data Quality Issues
Shared information can be incomplete, inconsistently coded, duplicated, or no longer current.
Workflow Burden
If outside records are difficult to locate or compare, clinicians are less likely to use them during patient care.
Consent Variation
Patient consent requirements differ between states, organizations, and exchange networks.
Sensitive Data Rules
Behavioral health, substance use, reproductive health, and similar records often require additional privacy protections.
Fax Still Plays a Major Role
Despite continued growth in digital exchange, ONC data shows that approximately 40% of hospitals continued sending records by mail or fax between 2018 and 2025.
The biggest challenge is not technical anymore. It is making exchanged data findable, usable, and trustworthy at the point of care.
Your data moves between systems. MedHeave makes sure your revenue does too.
Interoperable data exchange keeps patient records connected.
But when clinical documentation flows across systems while claims sit unworked, revenue gaps widen — especially during care transitions where coding, modifier selection, and payer-specific rules shift between settings.
- MedHeave manages the full claim lifecycle from charge capture through final payment posting
- Claims are scrubbed against payer-specific rules before submission — not after denial
- Transitional care encounters get coded and billed within 24–48 hours of signed notes
- AR follow-up happens daily, not monthly
Talk to MedHeave about closing the gap between clinical data exchange and consistent revenue performance.
Frequently asked questions
Here are some commonly asked questions on this topic:
Health information exchange is the secure electronic sharing of patient health data — medications, allergies, lab results, diagnoses, discharge summaries — between different healthcare organizations like hospitals, clinics, pharmacies, and labs. HIE helps the right people access the right information when they need it for care decisions. The term can refer to the data-sharing process itself or to the organization (HIO, HIN, or QHIN) that facilitates the sharing.
Directed exchange sends patient data from one provider to a known recipient, like a referral summary going from a PCP to a specialist. Query-based exchange lets a provider search for and request records from other organizations, commonly used in emergency departments treating unfamiliar patients. Consumer-mediated exchange puts patients in control of their own data through portals, apps, or FHIR-based tools. TEFCA adds a fourth layer by connecting exchange networks nationally through QHINs.
For most patients, opting in supports better care coordination — clinicians can see your medications, allergies, and test results without relying on your memory or faxed records. Privacy protections including audit logs, access controls, and HIPAA rules apply to HIE data. If you have concerns about sensitive records (behavioral health, substance use, reproductive health), ask your provider how those categories are handled. Consent rules vary by state and network, so review your HIE’s patient-rights materials before deciding.
No. An EHR stores clinical records within one healthcare organization. HIE moves records between organizations so that a hospital, specialist, lab, or pharmacy can access relevant data from other systems. An EHR is the filing cabinet. HIE is the delivery service. Most modern EHRs support HIE through built-in connections to exchange networks, FHIR APIs, Direct messaging, and HL7 interfaces — but the EHR alone does not provide cross-organizational exchange.
TEFCA is the Trusted Exchange Framework and Common Agreement — a nationwide framework developed by ONC to connect health information networks through designated QHINs (Qualified Health Information Networks). Instead of each organization joining multiple separate networks, TEFCA creates a network-of-networks where connecting through one QHIN provides access to others. Exchange purposes include treatment, payment, healthcare operations, public health, government benefits, and individual access services.