Interoperability in healthcare is the ability of different health information systems, devices, and applications to exchange patient data and use it meaningfully. When it works, your lab results from one hospital are available to a specialist at another, your insurance claim processes without a fax, and your medical history follows you instead of starting from scratch at every new provider. As of 2023, 70% of U.S. hospitals could send, find, receive, and integrate health information from outside their own systems, up from 46% in 2018. That’s real progress, but it also means nearly a third of hospitals still can’t do all four.
The Four Levels of Interoperability
The Healthcare Information and Management Systems Society (HIMSS) breaks interoperability into four levels, each building on the one before it.
Level 1, foundational interoperability, simply means one system can receive data from another. Think of it as getting the package delivered to your door. The data arrives, but the receiving system doesn’t necessarily know what to do with it. This is mostly an IT infrastructure problem.
Level 2, structural interoperability, standardizes the format of that data so its purpose and framework stay intact during transfer. The package now arrives with a label, and the contents are organized in a way the recipient expects.
Level 3, semantic interoperability, is where meaning is preserved. A diagnosis code entered in one system carries the same precise clinical meaning when read by another. This is the hardest technical challenge and where most of the standards work happens.
Level 4, organizational interoperability, goes beyond technology into governance, policy, legal agreements, and trust. It covers questions like who has consent to share what, how workflows integrate across institutions, and what rules govern data use. Without this layer, even perfectly formatted data can’t flow freely between organizations that lack shared agreements.
How Systems Actually Share Data
Modern health data exchange relies on a standard called FHIR (Fast Healthcare Interoperability Resources), developed by HL7 International. FHIR lets systems communicate through APIs, the same type of technology that lets apps on your phone pull data from different services in real time. These APIs use standard web protocols to create, read, update, and search health records across different environments.
Before FHIR, most data exchange happened through older messaging formats that required custom connections between every pair of systems. FHIR simplified this by using a web-native approach: if a system can connect to the internet, it can potentially exchange FHIR data without building a bespoke interface.
For the data itself to carry consistent meaning, healthcare relies on standardized coding systems. Diagnoses are coded using systems like SNOMED CT, lab results use LOINC codes, and billing uses ICD-10. When a lab result is tagged with a LOINC code, any system reading that code knows exactly which test was performed and how to interpret the value. Without these shared vocabularies, “blood glucose” in one system might not match “fasting plasma glucose” in another, even when they refer to the same test.
Where U.S. Hospitals Stand Today
The Office of the National Coordinator for Health Information Technology tracks hospital interoperability across four activities: sending, receiving, finding, and integrating outside health data. Sending is the easiest; 89% of hospitals did it in 2023, with 84% doing so routinely. Finding external records came in at 78%. Receiving hit 84%. Integration, the most complex step where outside data actually becomes usable within a hospital’s own workflows, lagged behind at 70%, and only 51% of hospitals integrated data routinely.
That integration gap matters. A hospital might receive your records from another facility but still require a clinician to manually review and re-enter key details. When 22% of hospitals aren’t integrating external data at all, patients end up repeating tests, filling out the same forms, and watching clinicians work without a complete picture.
Why It Matters for Patient Safety
A meta-analysis published in ScienceDirect found that electronic health record systems reduced diagnostic errors by 32% and medication errors by roughly 26% compared to paper-based systems. The benefits were greatest in mature systems with built-in clinical decision support, such as automatic alerts for drug interactions or flagged abnormal lab values. In less mature systems or settings where records are fragmented across platforms, those safety gains shrink.
The practical implications are straightforward. When an emergency physician can pull up your medication list and allergy history from another hospital’s system, they avoid prescribing a drug that could harm you. When a specialist can see that you already had a CT scan last week, they skip the duplicate order. These aren’t hypothetical scenarios. They’re the daily reality that interoperability either enables or prevents.
The Laws Pushing Interoperability Forward
The 21st Century Cures Act, passed in 2016, created the legal backbone for health data exchange in the U.S. One of its most significant provisions was making information blocking illegal. If a healthcare provider, health IT developer, or health information exchange interferes with access to or sharing of electronic health information, that’s a violation, with limited exceptions for privacy, security, or situations where sharing would cause harm.
The Cures Act also led to the creation of TEFCA, the Trusted Exchange Framework and Common Agreement. TEFCA establishes a nationwide infrastructure for health data exchange by creating a common legal contract that networks sign onto. It sets baseline technical and legal requirements, governs how patient identity is verified across networks, and defines the purposes data can be exchanged for: treatment, payment, healthcare operations, public health, government benefits determination, and individual access. The idea is that once networks join TEFCA, their participants can exchange data with any other TEFCA participant without needing separate agreements.
On the insurance side, CMS finalized a rule requiring government-regulated payers (Medicare Advantage plans, Medicaid, CHIP, and marketplace insurers) to make claims, encounter data, and clinical information including lab results available to patients through a Patient Access API. A follow-up rule pushes payers toward API-based prior authorization by January 2027, a change CMS projects will streamline one of the most frustrating bottlenecks in healthcare.
The Economic Case
Administrative waste is one of the clearest targets. CMS estimates that a single rule establishing national standards for electronic exchange of clinical documentation supporting insurance claims will save the healthcare industry roughly $782 million per year. That rule specifically phases out fax machines and paper mail for claims attachments, replacing them with standardized electronic transactions.
The savings extend beyond claims processing. When systems share data effectively, hospitals avoid duplicate imaging and lab work. Insurance companies process prior authorizations faster. Patients spend less time on hold trying to get records transferred. None of these savings show up in a single line item, but collectively they represent billions in wasted time and resources across the system.
What Still Gets in the Way
Technology is no longer the primary barrier. The bigger obstacles are organizational. Many health systems invested heavily in proprietary platforms and have little financial incentive to make data portable. Even with information blocking rules on the books, enforcement has been slow, and the exceptions in the law (covering privacy, security, and other concerns) give organizations enough room to justify restrictive practices.
Patient identity matching remains a persistent technical challenge. The U.S. has no universal patient identifier, so systems rely on matching algorithms that compare names, dates of birth, addresses, and other demographic details. When those details don’t match perfectly (a misspelled name, an old address) records can fail to link, or worse, link to the wrong patient. TEFCA’s technical framework includes patient identity resolution requirements, but a national solution remains elusive.
The integration problem is also partly a workflow problem. Even when data arrives in a compatible format, clinicians need it presented in a way that fits their decision-making process. A flood of unorganized external records can be as unhelpful as no records at all. The systems that perform best are the ones that filter, organize, and surface relevant information at the right moment in the care process.