Citizen and Patient Participation in Direct Workgroup
Leslie Kelly Hall
Indepdent patient/consumer advocate
Date and Time of Weekly Calls
Tuesdays at 3:00 ET
Purpose/Description of Workgroup
- The Citizen and Patient Participation in Directed Exchange workgroup is charged with encouraging and enabling broad Directed exchange between Citizens/Consumers/Patients and health care professionals through reaching consensus on a shared set of security and trust policies, and best practices, that will reduce the administrative burden to provision Citizens/Consumers/Patients with trusted identity credentials, including X.509 digital certificates required of participants in Direct.
- Preserve the principle that patients and consumers must be first class citizens with respect to the uses and operation of Direct for the exchange of health information. In practical terms, this means that no barriers or constraints should be placed in the way of patients' and consumers' access to Directed exchange for the use cases considered within the objectives of Stage 2 Meaningful Use, consistent with HIPAA and other relevant privacy and security laws.
- The overall DirectTrust.org goal is to help assure the stability and interoperability of Direct exchange implementations nationally, and to develop, promote, and as necessary enforce the best practices necessary to maintain security and trust within the Direct Community.
- Foster an Eco-system in which the patient is an active member in shared decision making, and an equal participant and co-producer of their health information
- Facilitate Directed exchange for the following Use Cases:
- Provider-to-patient "push" of health information, e.g. clinical summaries via Direct.
- Patient-to-provider "push" of messages via Direct.
- Reach consensus on how to enable and assure the following:
- If a patient makes available to a provider or provider's organization an X.509 certificate and a working Direct address to which that certificate is bound, the provider must be able to configure his/her HISP account to send Direct compliant messages to the patient's Direct address without further requirements or obligation placed upon the patient.
- If the provider or provider's organization wishes to receive information from a patient, the only requirements are that both the provider's and the patient's HISP can be configured to exchange X.509 certificates in a Direct compliant manner, and that the provider's HISP can be configured to filter incoming messages based on patient address.
- HISPs agree to conform to all relevant and applicable rules and regulations as promulgated by ONC in relationship to Directed exchange and the NwHIN, and also voluntarily associate under the auspices of DirectTrust.org in order to establish and maintain any additional policies, and best practices necessary to assure the security and trust of Direct exchanges for these use cases.
- Completion of the DirectTrust White Paper – Citizens & Patient Participation in Direct – Closing the Gaps
- Final recommendation
- Draft Version of the DirectTrust White Paper – Citizens & Patient Participation in Direct – Closing the Gaps
In Progress / Under Consideration
- Levels of Patient Identification – Pros/Cons