This post was written by Trip Hofer, CEO at Redox.
When I joined Redox in 2023, I quickly learned there’s no such thing as a single, all-encompassing interoperability partner. The scope and complexity of the challenge is too vast. A single company can’t possibly cover every use case, every workflow, every system nuance. Success requires collaboration across an ecosystem, with each participant delivering unique capabilities. This is because technical architectures are complex, workflows don’t always align, data standards are inconsistently applied, and regulations are constantly evolving. None of these factors are static, and each presents its own set of barriers to the kind of seamless, secure, and rapid data exchange that we all strive for.
The recent CMS Data Interoperability gathering in Washington, D.C. sparked important conversations about where we’re headed as an industry. I was further encouraged by the recently published CMS pledge initiative and especially pleased to see that many of the organizations signing on are already valued Redox customers and partners. We share a common vision: Protected Health Information (PHI) should move where it’s needed securely, quickly, and in a way that improves care.
The CMS Interoperability Framework: emphasis on ALL and SPEED
To recap, the CMS Interoperability Framework is a voluntary roadmap designed to accelerate progress without creating additional regulatory burdens. It focuses on alignment, execution, and momentum. The pledge outlines 26 specific actions and goes into depth about each one.
While all 26 are important, they share a common emphasis on speed, as well as getting all relevant clinical data to patients and providers quickly and securely, with full transparency into access activity.
These words are easy to say, but non-trivial to bring to reality. “All the data” means pulling from multiple systems, in multiple formats, often converting legacy structures into FHIR. It means securing data with modern identity and encryption practices, and doing it all in near real time. And it means building the infrastructure to do this reliably at scale.
The Realities Behind the 26 Actions
The pledge is certainly aspirational, and we applaud it. We also know from experience that the execution will be challenging. Here’s where many organizations will encounter real-world complexity.
1. Converting and standardizing data
By July 4, 2026, participating networks must provide data via FHIR APIs aligned with the US Core Implementation Guide, including USCDI V3 or later. Although all ONC certified EHRs and Payers are required to have a USCDI API, a lot of healthcare data still resides in systems and formats that are not covered by regulations and may be hard to access and make sense of. Sophisticated transformation capabilities and infrastructure are required to convert these older formats to FHIR while ensuring outputs are both machine- and human-readable, and can reliably translate across formats without data loss.
2. Building responsive, scalable infrastructure
The pledge calls for timely responses to clinical data queries, ideally in real time where legally permissible. That’s not just about fast software, it’s about an architecture that can handle massive volumes without bottlenecks. Record locator services, which identify where patient data resides across networks, are also a key requirement to keep queries efficient and reduce unnecessary search load.
3. Supporting provider access and delegation
Providers must be able to transact on the network using any application or delegated vendor of their choice. This is a critical flexibility feature, preventing vendor lock-in and encouraging innovation. But it also means systems must be capable of working with any Qualified Health Information Network (QHIN) and supporting a broad spectrum of query types
4. Maintaining trust and transparency
Providers have an obligation to protect patient information. Patients have an expectation of privacy regarding their data. Without trust, PHI will not move to where it can have a positive impact; without transparency there will be no trust.
Audit logs, access control, consent management, transparent vetting, and recognized security certifications aren’t just compliance boxes—they’re trust enablers when implemented transparently. Patients and providers alike need to know who accessed data – when and why – and have confidence that those who should not access the data can’t. These controls policies are a foundational part of making the pledge real.
5. Enabling patient access—often through B2B channels
Direct patient-mediated exchange is important, but today most patients interact with their health data through applications connected to payers or providers. Delivering on the pledge will require robust business-to-business integrations that can handle everything from claims to prior authorizations to clinical results, in a way that supports the apps patients actually use.
Moving From Concept to Reality
Like most things in healthcare, the idea is not the hard part; we know what needs to happen. The hard part is the execution: building the infrastructure, making the connections, ensuring compliance, supporting the real-world formats, standards, requirements and handling the day-to-day realities of moving sensitive clinical data at scale- making sure it works in practice vs in theory.
That’s why the CMS pledge matters. It’s a unifying set of principles that gives our industry a common target to strive for, and whether your organization has signed it or not, the complex work to meet its goals is worth doing. Better patient outcomes, more coordinated care, and faster innovation are not theoretical benefits, they are possible with the right approach.
For over a decade at Redox, we’ve been building with this philosophy in mind. We’ve always believed that no single network, standard, or vendor will “win” interoperability. The future is, and must be, plural.
Our role has been to make that plurality work for healthcare organizations, not against them. Instead of asking you to pick one network, one approach, or one technology stack, we’ve built a platform that connects you to many. That means you can take advantage of each network or solution, whether that’s a QHIN, a specialty data source, a cloud analytics platform, or a legacy EHR connection, without having to build your integrations from scratch each time.
It’s an approach that mirrors the CMS pledge’s intent: openness, flexibility, and speed. Over the years, we’ve seen that the organizations best able to adapt to change are those that keep their options open and their data strategy modular. A platform approach allows you to respond quickly to new regulatory requirements, take advantage of emerging interoperability models, and connect to new partners as they enter the ecosystem.
We’re entering a phase of healthcare data exchange where “either/or” thinking will slow you down. The future is plural: FHIR and non-FHIR, direct and delegated, one network and another. The CMS pledge points the way to plurality. We’ve been preparing for it since day one. Let’s make this pledge a reality, together.