# TEFCA for Gov't Benefits Determination

The Trusted Exchange Framework and Common Agreement (TEFCA) provides the groundwork for secure, nationwide data exchange for permitted exchange purposes.

Support government agencies with the information they need to determine whether a person qualifies for non-government health benefits.

[Watch the webinar to learn more about our QHIN ****](https://healthgorilla.com/home/resources/video-library/webinar-health-gorilla-achieved-qhin-designation-what-it-means-for-your-organization)

## How TEFCA supports Benefits Determination

TEFCA facilitates the secure health information exchange to assist federal or state government agencies in deciding whether a person is eligible for federal or state benefits for any reason other than health care.

## Sample workflow for Government Benefits Determination

### Step 1

Query the TEFCA network

The United States Social Security Administration (SSA) requests medical information from TEFCA exchange through a connected QHIN.

### Step 2

Retrieve medical records

Medical records are securely retrieved under the permitted exchange purpose of Benefits Determination.

### Step 3

Facilitate benefits determination

The SSA uses the retrieved information to facilitate disability benefits determination for an applicant.

## Learn more about Gov't Benefits Determination

\
\
**User’s Guide to the Trusted Exchange Framework and Common Agreement** \
\
Learn more about the goals of TEFCA, QHINs, permitted exchange purposes, and security and privacy requirements.\
\
Download ****](https://cdn.prod.website-files.com/62719a041d28d7b5603dd995/65724d6b5371bebca5e162e2_Common-Agreement-Users-Guide-version-1.1-dated-2.9.2023.pdf) \
\
**A Guide to TEFCA's Six Exchange Purposes** \
\
Read more ****\
\
Read about the six permitted exchange purposes under TEFCA and how Health Gorilla will facilitate these expanded purposes of use.](https://www.healthgorilla.com/blog/a-guide-to-tefcas-six-exchange-purposes)

## Secure and trusted

#### HITRUST R2

We’re HITRUST R2 certified, which means that we successfully manage cybersecurity risks by exceeding industry-defined information security requirements.

#### SOC 2 Type 2

SOC 2 Type 2 is a stamp of approval on our controls relevant to data security, availability, processing, integrity, confidentiality, and privacy.

#### HIPAA

Complying with applicable health data laws, including HIPAA, is ingrained in our culture, processes, and staff training.

## Get started today

Get in touch with our interoperability experts to learn more.

[Get in touch](https://www.healthgorilla.com/home/contact)
