Friday
Apr102015

EHNAC and DirectTrust to Conduct a Pilot of a PHR HIPAA Compliance Accreditation Program for Personal Health Record and Patient Portal Vendors

Call for Beta Organization Participants Now Open

FARMINGTON, Conn., April 10, 2015 (GLOBE NEWSWIRE) -- The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit standards development organization and accrediting body for organizations that electronically exchange healthcare data, and DirectTrust, a non-profit trade alliance that advances secure, health information exchange via the Direct Protocol, announced today they are developing an accreditation program for personal health record (PHR) and patient portal vendors.

This pilot accreditation program will assess these organizations and their ability to meet or exceed HIPAA privacy and security rules based upon the areas of security, privacy, and confidentiality, technical and personnel resources, best practices and compliance with HIPAA and the HITECH Omnibus Rule that updated HIPAA. In 2012, EHNAC and DirectTrust partnered to develop the existing Direct Trusted Agent Accreditation Programs (DTAAPs) for health information service providers (HISP), registration authorities (RA) and certificate authorities (CA) supporting Direct Exchange. The new pilot program for personal health record vendors will be similar to those programs in that it will recognize excellence in health data processing and transactions, and confirm compliance with industry-established standards for privacy and security that are equivalent or exceed HIPAA.

"Personal health record and patient portal vendors are the fastest growing new membership group within DirectTrust – and they deserve a rigorous accreditation program that recognizes the same level of data security and privacy as other organizations accredited by EHNAC-DirectTrust," said DirectTrust President and CEO David C. Kibbe, MD. "The program that DirectTrust and EHNAC is piloting will provide assurance equivalent to and possibly beyond what HIPAA requires. For example, we're looking into incorporating an encryption component for stored data, as well as two-factor authentication to further protect the customers of both PHR vendors and EHR vendors looking to develop their own portals."

EHNAC Executive Director, Lee Barrett added, "We're in an environment of increased angst over security and privacy issues – and with good reason. Today's healthcare providers not only have access to a patient's protected health information including financial data, but also insights into diagnoses, treatment plans, medications, etc. As patients take greater control over their own healthcare decisions and transition their health information to personal health records, they need to have confidence in all healthcare stakeholders that their data will remain secure and confidential. EHNAC and DirectTrust are working collaboratively to close that gap."

PHR vendors looking to participate as a pilot organization and contribute to the development of the program are encouraged to contact info@ehnac.org for more information.

About EHNAC

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, electronic health networks, EPCS vendors, eprescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors and third-party administrators.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit www.ehnac.org, contact info@ehnac.org, or follow us onTwitterLinkedIn and YouTube.

About DirectTrust

DirectTrust.org, Inc. is a non-profit, competitively neutral, self-regulatory entity created by and for participants in the Direct community, including HISPs, CAs and RAs, doctors, patients, and vendors, and supports both provider-to-provider as well as patient-to-provider Direct exchange. The goal of DirectTrust.org is to develop, promote and, as necessary, help enforce the rules and best practices necessary to maintain security and trust within the Direct community, consistent with the HITECH Act and the governance rules for the NwHIN established by ONC.DirectTrust.org is committed to fostering widespread public confidence in the Direct exchange of health information. To learn more, visitwww.directtrust.org.

Wednesday
Apr082015

DirectTrust Announces TASCET as Platinum Sponsor of the 2nd Annual DirectTrust Networking Reception at HIMSS15

TASCET serves as Platinum Sponsor for DirectTrust Networking Reception at HIMSS

Washington, D.C. (PRWEB) April 08, 2015

DirectTrust, a non-profit trade alliance that advances secure standards-based health information exchange (HIE) via the Direct Protocol, is proud to announce TASCET, Inc. as a Platinum Sponsor for the 2nd Annual DirectTrust HIMSS15 Reception.

TASCET is a digital enterprise risk management company, providing software that enables enterprises to proactively manage risk, prevent fraud and protect consumers. In healthcare, TASCET issues a Standard Patient Number™ (SPN), which overcomes the flaws in existing methods of matching patients to medical records and solves the need to identify patients across disparate medical systems during electronic exchange. SPNs solve enterprise risks ranging from medical identity fraud, out of network providers and internal and external patient record sharing while protecting patients in the event of a data breach.

Larry Aubol, CEO TASCET stated, “Everything is digitized, except the most important thing; the customer, the patient, the employee. They remain stuck in the sixteenth century of paper and ink. When we rely on documents and information to identify the people we do business with, we inadvertently promote fraud and threaten the enterprise."

“We are pleased to have TASCET as a valued member of DirectTrust and a Platinum Sponsor for our upcoming event. TASCET and its collaborating peer organizations in the DirectTrust network will continue to have a tremendous impact on patient identity and matching," said Dr. David C. Kibbe, President and CEO of DirectTrust.

About DirectTrust 
DirectTrust is a nonprofit, competitively neutral, self-regulatory entity created by and for participants in the Direct community – including health information service providers (HISPs), certificate authorities, registration authorities, doctors, patients, and vendors. It supports both provider-to-provider, as well as patient-to-provider Direct exchange. The goal of DirectTrust is to develop, promote and, as necessary, help enforce the rules and best practices needed to maintain security and trust within the Direct network, consistent with the HITECH Act and the governance rules for the NwHIN established by the ONC. DirectTrust is committed to fostering widespread public confidence in the Direct exchange of health information. DirectTrust is the recipient of a two-year Cooperative Agreement with the Office of the National Coordinator for Health IT, ONC, under the Exemplar HIE Governance Program, and has been supported in part by a grant associated with the Cooperative Agreement. To learn more, please visit http://www.DirectTrust.org.

Wednesday
Mar182015

DirectTrust Interoperability Report Suggests Best Practices, Improvements

DirectTrust releases its Report on DirectTrust Interoperability Testing and Recommendations to Improve Direct Exchange.

Washington, D.C. (PRWEB) March 18, 2015

DirectTrust, a non-profit trade alliance that advances secure standards-based health information exchange (HIE) via the Direct Protocol, will present its Report on DirectTrust Interoperability Testing and Recommendations to Improve Direct Exchange during the DirectTrust Mini-Conference co-located at the 12th Annual World Health Care Congress on Sunday, March 22, 2015 at 2 pm at the Washington Marriott Wardman Park in Washington, D.C. Last year there were nearly 23 million Direct exchange transactions, and the report is the compilation of two years of best practices and observations on how to efficiently implement interoperability within the context of Stage 2 Meaningful Use.

"The infrastructure for Direct exchange is robust and exchanges are going quite smoothly for most people and organizations attesting to Stage 2 MU 'transitions of care' objectives," said DirectTrust President and CEO David C. Kibbe, MD, MBA. “The report's goal is to get HISPs, EHRs, PHRs, and their customers up to speed using Direct even more quickly, and also to improve the network's processes and policies for more consistent, reliable end-to-end data transfers via Direct."

The challenge-solution format is designed to help Direct service providers and end-users avoid potential stumbling blocks and trouble-shoot any issues that may arise. In addition, it includes a number of recommendations to the Office of the National Coordinator for Health Information Technology (ONC), the health exchange community, electronic health record (EHR) vendors, as well as members of Congress. The focus is improving interoperable communications among providers using EHRs for Meaningful Use programs.

Among the recommendations are: 

  •     Changes to the Applicability Statement, which is the technical description of the Direct standard
  •     Acceptance within the industry of new guidance that will remove ambiguity through best practices
  •     Adding ONC certification proving EHR interoperability in the field, not just in testing labs

Although parts of the report are highly technical in nature so as to benefit engineers implementing interoperability, the report will also prove valuable to CIOs, CTOs, doctors and others in healthcare operations who need specific guidance on solving business problems and managing different scenarios.

"The network is a collaborative community of more than 35,000 healthcare organizations," said EMR Direct CEO Julie Maas. "The report is really a consolidation of shared experiences on overcoming growing pains that are common in such a dynamic system. Solutions evolve and issues resolve. That's what happens when a group is dedicated to finding answers instead of placing blame."

Dr. Kibbe pointed to the report's accounts of a growing number of health information service providers (HISPs) that have successfully implemented Direct exchange. Despite initial, and understandable, skepticism, as well as a number of technical variables — compatibility of systems, claims specifics, etc. — HISPs are demonstrating proof of interoperability between systems.

"Interoperability is hard work, but DirectTrust's skeptics are becoming extinct," he said. "Our hope is that this report provides near term and actionable steps that can be taken to realize the goals for Direct as a first step in interoperability on a national scale, equally vital to patients and consumers as it is to providers and provider organizations."

DirectTrust-EHNAC accreditation means that strict privacy, security, and trust-in-identity controls are in place to ensure that messages and attachments sent over the Internet remain encrypted end-to-end, and that senders and receivers are identity-proofed. In addition to medical practices, clinics, hospitals, pharmacies and laboratories, DirectTrust technology is also being adopted by a growing number of federal agencies, such as the Veterans Administration, U.S. Postal Service, and Indian Health Services.

The interoperability report is the latest in a series of advances made by DirectTrust. Their network grew nearly 970 % last year, and it recently launched a pilot program to create a national directory of Direct email addresses – about 660,000 accounts – for accredited members and their customers.

Those interested in attending DirectTrust's conference presentation or attaining accreditation are advised to visit http://www.DirectTrust.org.

About DirectTrust 
DirectTrust is a nonprofit, competitively neutral, self-regulatory entity created by and for participants in the Direct community – including health information service providers (HISPs), certificate authorities, registration authorities, doctors, patients, and vendors. It supports both provider-to-provider, as well as patient-to-provider Direct exchange. The goal of DirectTrust is to develop, promote and, as necessary, help enforce the rules and best practices needed to maintain security and trust within the Direct network, consistent with the HITECH Act and the governance rules for the NwHIN established by the ONC. DirectTrust is committed to fostering widespread public confidence in the Direct exchange of health information. DirectTrust is the recipient of a two-year Cooperative Agreement with the Office of the National Coordinator for Health IT, ONC, under the Exemplar HIE Governance Program, and has been supported in part by a grant associated with the Cooperative Agreement. To learn more, please visit http://www.DirectTrust.org.

Wednesday
Mar112015

DirectTrust Pilot Program to Connect Providers via Private, National Directory

DirectTrust launches a pilot program to create a directory of Direct email addresses for providers.

Washington, D.C. (PRWEB) March 11, 2015

DirectTrust, a non-profit trade alliance that advances secure standards-based health information exchange (HIE) via the Direct Protocol, has launched a pilot program to create a directory of Direct email addresses for providers in its trusted, national network. The network, which grew nearly 1,000% last year, would not only become more efficient, but participants will find it easier to meet 2015 Stage 2 Meaningful Use “transitions of care” requirements.

“We’re exploring ways to enhance our services in order to match our growth and ensure secure, interoperable health information exchange,” said DirectTrust President and CEO David C. Kibbe, MD, MBA. “Although we’re starting this as a pilot program, our vision is to scale our Provider Directory to enable our entire network of health professionals – about 660,000 accounts – to find their peers’ Direct addresses through their EHRs. The goal is to facilitate care coordination efforts with the utmost security, confidence and efficiency.”

Dr. Kibbe emphasized that the Directory would be available only to DirectTrust accredited members and their customers, is being built according to widely accepted directory standards, and the information therein will not be sold, rented or shared with third parties.

Currently, each health information service provider (HISP) is responsible for providing its own network with a directory of addresses. Different HISPs and electronic health records (EHRs) use different formats, gather different information, and follow different protocols. Consequently, if a provider wants to send a Direct message to another provider who uses a different HISP or EHR, they have to call the provider and request their address.

Last year, there were nearly 23 million Direct exchange transactions.

“There’s a great demand for streamlined communication, and we realize that given the size of our network, we need to crawl before we can walk, then walk before we run,” said Med Allies CEO and DirectTrust Board Chairman John Blair III, MD. “There are more than 35,000 healthcare organizations in our network, so we anticipate that spots in the pilot program will fill up quickly. If this pilot is successful it could eventually have a strong impact on interoperability”

DirectTrust-EHNAC accreditation means that strict privacy, security, and trust-in-identity controls are in place to ensure that messages and attachments sent over the Internet remain encrypted end-to-end, and that senders and receivers are identity-proofed. In addition to medical practices, clinics, hospitals, pharmacies and laboratories, DirectTrust technology is also being adopted by a growing number of federal agencies. HISPs from the Veterans Administration, United States Postal Services, and Indian Health Services have applied for DirectTrust-EHNAC accreditation.

For details on participating in the Directory pilot program or attaining accreditation, please visithttp://www.DirectTrust.org.

About DirectTrust

DirectTrust is a nonprofit, competitively neutral, self-regulatory entity created by and for participants in the Direct community – including health information service providers (HISPs), certificate authorities, registration authorities, doctors, patients, and vendors. It supports both provider-to-provider, as well as patient-to-provider Direct exchange. The goal of DirectTrust is to develop, promote and, as necessary, help enforce the rules and best practices needed to maintain security and trust within the Direct network, consistent with the HITECH Act and the governance rules for the NwHIN established by the ONC. DirectTrust is committed to fostering widespread public confidence in the Direct exchange of health information. DirectTrust is the recipient of a two-year Cooperative Agreement with the Office of the National Coordinator for Health IT, ONC, under the Exemplar HIE Governance Program, and has been supported in part by a grant associated with the Cooperative Agreement. To learn more, please visit http://www.DirectTrust.org.

Friday
Jan302015

DirectTrust Grows Almost 970%, Nears 23-Million-Messages Record in 2014

DirectTrust announced that in 2014, the organization expanded its trusted, national network to include 38 Direct exchange HISPs, which now provide Direct exchange services to more than 35,000 health care organizations with more than 660,000 individual Direct accounts and addresses nationwide.

Washington, D.C. (PRWEB) January 30, 2015

DirectTrust, a non-profit trade alliance that advances secure, health information exchange (HIE) via the Direct Protocol, announced today that last year’s growth far exceeded projections. In 2014, the organization expanded its trusted, national network to include 38 Direct exchange health information service providers (HISPs), which now provide Direct exchange services to more than 35,000 health care organizations with more than 660,000 individual Direct accounts and addresses nationwide. In all, there were nearly 23 million Direct exchange transactions in support of Meaningful Use transitions and other use cases for care coordination.

That translates into the following performance: 
Healthcare Organizations: Up 969% 
Accounts and Addresses: Up 797% 
Direct Transactions: Up 794%

“We’ve experienced stunning growth on every level,” DirectTrust President and CEO David C. Kibbe, MD, said. “We’re talking about nearly a 10-fold increase in the number of health care organizations signed on to Direct. The word is spreading quickly, not just about the ease of implementation and use, but also about the considerable potential for quality improvements and cost savings as electronic Direct exchange replaces paper, mail, fax, and e-fax transmissions. We are starting to see the business case for use of Direct for clinical and administrative information exchanges between federal- and private-sector providers and their organizations, as well.”

DirectTrust-EHNAC accreditation signals strict privacy, security, and trust-in-identity controls are in place to ensure that messages and attachments sent over the Internet remain encrypted end-to-end, and that senders and receivers are identity-validated. Used within electronic health record (EHR) software, this empowers providers and hospitals to communicate with HIPAA-compliance across organizational boundaries and proprietary software platforms. It also qualifies them for the federal government’s meaningful-use incentive programs.

More than 300 certified EHRs now rely upon DirectTrust HISPs for their Direct exchange capability.

“Cerner believes our industry needs interoperability to offer patients the improved continuity of care they deserve,” said Andy Heeren, director, network IP, Cerner. “By partnering with DirectTrust, we’re making it easier for health care organizations to utilize an open, yet secure, communication infrastructure that will help shape the future of health information exchange.”

Despite somewhat disappointing numbers of providers and hospitals participating in Stage 2 Meaningful Use in 2014, expansion is expected to continue during 2015 among its current core users – including medical practices, clinics, hospitals, pharmacies and laboratories. The technology is also being adopted by a growing number of federal agencies. HISPs from the Veterans Administration, United States Postal Services, and Indian Health Services have applied for DirectTrust-EHNAC accreditation so as to provide interoperable and secure Direct exchange between their own and private sector providers and their EHRs.

Other organizations interested in details on attaining accreditation may visit http://www.DirectTrust.org.

About DirectTrust 
DirectTrust is a nonprofit, competitively neutral, self-regulatory entity created by and for participants in the Direct community – including health information service providers (HISPs), certificate authorities, registration authorities, doctors, patients, and vendors. It supports both provider-to-provider, as well as patient-to-provider Direct exchange. The goal of DirectTrust is to develop, promote and, as necessary, help enforce the rules and best practices needed to maintain security and trust within the Direct network, consistent with the HITECH Act and the governance rules for the NwHIN established by the ONC. DirectTrust is committed to fostering widespread public confidence in the Direct exchange of health information. DirectTrust is the recipient of a two-year Cooperative Agreement with the Office of the National Coordinator for Health IT, ONC, under the Exemplar HIE Governance Program, and has been supported in part by a grant associated with the Cooperative Agreement. To learn more, please visit http://www.DirectTrust.org.

About Cerner 
Cerner’s health information technologies connect people, information and systems at more than 14,000 facilities worldwide. Recognized for innovation, Cerner solutions assist clinicians in making care decisions and enable organizations to manage the health of populations. The company also offers an integrated clinical and financial system to help health care organizations manage revenue, as well as a wide range of services to support clients’ clinical, financial and operational needs. Cerner’s mission is to contribute to the improvement of health care delivery and the health of communities. Nasdaq: CERN. For more information about Cerner, visit cerner.com, read our blog at cerner.com/blog, connect with us on Twitter at twitter.com/cerner and on Facebook at facebook.com/cerner.

Friday
Dec122014

Direct: 5 Years Of Simplifying Health Information Exchange

David McCallie, father of the Direct protocol, discusses the state of interoperability in healthcare with Georgia Tech informaticist Mark Braunstein.

Five years ago today, Gartner Group HIT expert Wes Rishel posted a guest article on his blog entitled "Simplifying Interop," written by David McCallie, Jr., MD.

In his introduction, Rishel said, "I am advocating a layered approach to standards that cherry-picks the easy cases and approaches them using Internet standards that are widely used and, if necessary, easily adapted." He identified Dr. McCallie as a co-conspirator. I interviewed McCallie to recognize the key result of that post exactly five years ago: Direct, the first example of health information exchange using current Internet standards.

McCallie joined Cerner in 1991 and now serves as the company's senior vice president of medical informatics. He is responsible for a research and development team focused on developing innovations at the intersection of computer science and clinical medicine. His current work targets applications of semantic content extracted from the clinical record using natural language parsing techniques. He currently is a member of the Office of the National Coordinator's HIT Standards Committee, where he serves on numerous workgroups, including the JASON Task Force (co-chair); the Architecture, Services, and API WG (co-chair); the Privacy and Security WG; and the Interoperability and HIE WG.

[Nurturing a standard: DirectTrust Delivers Interoperable Messaging To Healthcare.]

Prior to joining Cerner, McCallie was director of research computing at Children's Hospital in Boston, where SMART on FHIR was developed. He earned a bachelor's degree in electrical engineering at Duke University and an MD at Harvard Medical School. He has published numerous articles and presents frequently on the subject of healthcare informatics.

Mark Braunstein: David, I'm afraid it is not as widely known as it should be that you were one of the innovative thinkers behind Direct. Can you explain how you came to see the need for a simpler, secure email-based means of sharing health information?

 

David McCallie, Jr.
David McCallie, Jr.

 

David McCallie, Jr.: We (the ONC HIT Standards Committee, or HITSC) were just getting started selecting the standards for Meaningful Use, and I was concerned that we didn't have a national standard for simple encrypted email-like exchange between providers. It occurred to me that starting with a simple "push" model of exchange would greatly simplify the governance and policy decisions necessary for what we wanted -- universal exchange -- as ubiquitous as the fax machine.

At that time, there were numerous proprietary secure messaging systems, but nothing that could be used for national-scale exchange. I pointed this out to Wes Rishel one evening before an upcoming standards committee meeting. Wes agreed with me and asked me to write about it on his Gartner blog. Clearly a lot of other people had been thinking about this problem, and so we had terrific response to the proposal, leading to numerous experts from around the country volunteering to help design and build a secure email system, based on existing Internet standards (SMTP, S/MIME.)

Eventually, due in large part to the ONC-sponsored coordinating work of Arien Malec and the volunteer efforts of dozens of experts (including Sean Nolan, Greg Meyers, Brett Peterson, Umesh Madan, Nagesh Bashyam, Paul Tuten, Janet Campbell, Rich Elmore, Mike Davis, and many others), the Direct standard emerged.

MB: For readers not familiar with the specifics of Direct, can you briefly explain what it is and how it works?

DM: Sure. Direct is a specific set of profiles on how to use Internet email (SMTP) and standard message encryption (S/MIME) to send secure messages from one provider to another.

Direct leverages well-known open source standards but adopts them for healthcare specific uses. The main thing that Arien's team did was to specify exactly how to manage the complex S/MIME encryption algorithms such that implementation challenges would be minimized, while still guaranteeing that the messages would be securely transmitted. Direct is managed on a local or regional basis by a special service provider called a Health ISP, or HISP. Among other things, providers are registered in the HISP after a verification process to establish "trust" -- that they are who they say they are -- and are issued special email addresses for use only for sending/receiving Direct messages.

MB: Today, of course, Direct is being increasingly used. Are you satisfied with Direct adoption levels?

DM: I am glad to see the rapidly growing availability of Direct users, but I am frankly surprised at how hard it has been to get close to our original notion of universal connectivity. It turns out that building a national-scale "trust framework" is harder than we had anticipated. We didn't think we could force Direct on everyone via a top-down government mandate, so we settled on a federated trust model: Each HISP would have to determine which other HISPs to trust. This has been slower and harder than expected, but we are now seeing lots of progress.

MB: What things do you see that still need to be done to increase Direct adoption and ease of use by providers?

DM: I see two major challenges. The first is the establishment of the trust framework that I mentioned before. The work of DirectTrust has been very important in addressing the creation of such a national-scale trust framework. The second major challenge is for EHR vendors to do a better job of integrating Direct-based secure messages into the clinical workflow. Meaningful Use Stage 2 has perhaps an overly specific use case for Direct, and ironically, that over-specification may have slowed overall adoption.

MB: I note with interest that the first response to your Gartner blog post was by Dr. David Kibbe, who now leads DirectTrust, the organization you just mentioned. Can you explain the need for that effort?

DM: David Kibbe has been a major advocate of Direct from the very earliest discussions. Trust, from a national perspective, is the ability of HISPs to be comfortable that other HISPs have properly vetted everyone who is assigned a special Direct email address to ensure they are who they say they are and that they are managing their encryption keys properly. David and some of his colleagues stepped up to the challenge of building a national trust framework by founding DirectTrust a few years ago, when they realized that federated trust models don't just spontaneously emerge.

DirectTrust works by allowing participating HISPs to undergo a rigorous certification process that proves to the other HISPs that security is being handled according to industry best practice standards. Once a HISP has passed the certification and is added to the DirectTrust "trust bundle," then all of the other participating HISPs can immediately trust the new member. This process is now scaling rapidly, since most of the major HISPs are participating in DirectTrust.

MB: Previously, I've discussed the JASON Report and the recent advice on adopting it that was provided by the JASON Task Force (JTF) convened by CMS and ONC. You co-chaired that task force, so what can you tell us about the likely future of the JASON recommendations?

DM: The original JASON report called for (among other things) the establishment of a "public API" that would be deployed by all major participants in the HIT infrastructure. The JTF agreed with that JASON recommendation and fleshed out some specific suggestions for how the HIT industry could indeed deploy the "public API."

The key is to understand that the public API consists of two things. The first is a standards-based API (likely HL7's FHIR) that all participants could implement, and the second is an expectation that everyone would deploy the API in a fair and non-discriminatory way.

We wrestled with the question of the government's role in ensuring adoption of the public API and settled on a recommendation that, once the public API is piloted and well tested, it should become part of the ONC EHR Certification program (CEHRT). We also suggested that ONC could speed the readiness of the vendor community to implement the public API by simplifying some of the proposed Meaningful Use Stage 3 (MU3) recommendations. In other words, trade off some of the current MU3 complexity for the increased power of a generic API.

We are now awaiting the release of the ONC Interoperability Roadmap, due out very soon, and we'll see how they have responded to these recommendations.

MB: Cerner has become a strong advocate for FHIR, another Internet-based technology that is rapidly receiving attention. I've interviewed Graham Grieve previously, but I'm sure our readers would be interested in getting a perspective on FHIR from a major vendor. What might we see from Cerner in the coming years in the way of FHIR support, for example?

DM: We believe that FHIR is the best candidate for becoming the public API that I mentioned earlier. FHIR is very well-designed, and it leverages many of the design principles (such as HTTPS) that have led to the success of the Internet. Cerner believes that many EHR vendors will come to see themselves as "platform" vendors more than just as product vendors.

The idea of a platform is that your customers can access the API to extend the product on their own -- to add in capabilities that the vendor might not have addressed. This could also lead to an ecosystem of "app developers" who utilize the public API to create "plug-in" apps much like we take for granted in our smartphones, etc. Cerner is working closely with the SMART on FHIR group (from Boston Children's) to create the open standards and specifications to make this vision a reality. Our early pilots in this space have been very well-received. We plan to deploy production versions of SMART and FHIR later into 2015.

MB: Interoperability has been for decades arguably the grand challenge facing health informatics. We've both been in the field for most -- in my case, nearly all -- of that time. I never thought I'd see the level of attention to the problem we're seeing now, nor did I feel I'd see an actual potential solution with a real chance of succeeding. Are you optimistic that we'll achieve interoperability, and can you take out your crystal ball and tell us how you think things may unfold over the coming years?

DM: As an engineer by training, I am always optimistic, but I agree that movement in the last year or so bodes very well for future improvements in interoperability. As you might expect, I think FHIR and specifications like SMART on FHIR will go a long way towards radically increasing the options we have to get our systems to have smarter interactions.

The use of a generic API like FHIR opens the door to innovative new interactions -- the kind that were not possible with the static, "bespoke" interface standards of the past. For example, FHIR will enable us to move past the reliance on document exchange via the complicated CDA approach and allow just the needed clinical data to be requested and received. This should lead to more satisfying interactions for the clinicians who use our systems.

This transition will take years to play out, but I am optimistic that we are indeed at a turning point in the industry's approach to interoperability.

Apply now for the 2015 InformationWeek Elite 100, which recognizes the most innovative users of technology to advance a company's business goals. Winners will be recognized at the InformationWeek Conference, April 27-28, 2015, at the Mandalay Bay in Las Vegas. Application period ends Jan. 16, 2015.

 

Mark Braunstein is a professor in the College of Computing at Georgia Institute of Technology, where he teaches a graduate seminar and the first MOOC devoted to health informatics. He is the author of Contemporary Health Informatics (AHIMA Press, 2014) as well as Health ... View Full Bio
Tuesday
Jul222014

Q&A: DirectTrust CEO David Kibbe, M.D., on future of Direct exchange

Friday
Jul112014

Direct Enablement of Patient and Consumer Health Applications: the Last Mile

Read article here

 

Dr. David Kibbe 
President and CEO 
DirectTrust

David KibbeDr. Kibbe currently serves as the President and CEO of DirectTrust, a non-profit industry alliance that recently received a Cooperative Agreement Award from ONC as part of the Exemplar HIE Governance Program.  DirectTrust serves as a forum and governance body for persons and entities engaged in Directed exchange of electronic health information as part of the Nationwide Health Information Network (NwHIN).  DirectTrust's Security and Trust Framework is the basis for the voluntary accreditation of service providers implementing Directed health information exchange, including Health Internet Service Providers, Certificate Authorities, and Registration Authorities.

What is DirectTrust and how can it benefit patients?

DirectTrust is a non-profit alliance of 130+ Direct exchange providers and supporters of secure Direct messaging, for both providers and patients, including members who are EHRs, Health ISPs (HISPs), PHRs, patient portals, connectivity firms, large multi-specialty health care organizations, federal agencies, and state and local HIEs.   The goal of these entities is to make Direct exchange secure, affordable, and easy to use anywhere there is a connection to the Internet, and to make Direct useful to improve transitions of care and patients' engagement in their own health and health care.

Patients and consumers can benefit from the policies and governance of DirectTrust, as these make it easier for patients to access and move their own health information how and where they see fit.  The difficulty that patients have always experienced -- until Direct -- was how to get their data and information out of their doctors' and hospitals' EHRs and into applications of their own choosing.  This is what proved to be the Achilles heel of Google Health, and of so many other first generation PHRs. Direct addresses this limitation, making health data able to move on the patient's behalf, wherever the patient goes in the health care system.

How can patients find out if their providers allow the use of DirectTrust for secure messaging?

They need to ask "got Direct?" Patients and consumers need to ask a few simple questions, such as: will you help me set up a Direct email account and address? Providers who want their patients engaged and empowered will guide their patients in the best uses of Direct exchange.  And:  Is your EHR and is my PHR DirectTrust accredited?  It's transparent and public information.  If the answer is "yes," then you know your Direct provider has access to a very large national network of Direct health information exchangers, and is being held to a very high standard of privacy,  security, and identity controls.  

What would a patient need to do to set up secure email with their provider?

Every certified EHR is required to offer patients and consumers the ability to "view, download, and transmit to a third party of their choosing" the patient's own health information.   However, not all providers will offer their patients Direct accounts and addresses.  You have to ask, and you have to look for Direct-enabled web-based applications, such as PHRs and patient engagement platforms who are DirectTrust members. The resources for patients are only now beginning to be built out, but the number of Direct-enabled PHRs is growing with the expected demand. 

Resources:

 

 

Wednesday
Jun182014

Pharmacists Recognize DirectTrust Members for Data Sharing Capability

Tuesday
May202014

Direct Trust at FDASIA Health IT Public Workshop

Thursday
May082014

Hospitals and Physicians Face Challenges with Stage 2 Meaningful Use

Katie Sullivan, MA
Only 50 physicians and 4 hospitals that enrolled in the federal electronic health record (EHR) incentive payment program have reported achieving Stage 2 meaningful use of EHRs. Officials from the Centers for Medicare & Medicaid Services (CMS) said that due to these low numbers, many participating practitioners who did not achieve Stage 2 risk having their Medicare reimbursement payments lowered at the end of 2014.

Hospitals that completed 2 to 3 years of meaningful use at Stage 1 advanced into Stage 2 beginning on October 1, 2013. Participating hospitals must achieve 90 consecutive days of Stage 2 meaningful use during 2014, or they will face a 1% rate reduction in their Medicare payments. Physicians and other providers will have until the end of 2014 to advance to Stage 2, but many have voiced concern as to whether they have the same capabilities as hospitals to make the transition.

“I don’t find meaningful use to be very meaningful. I find it to be aggravating and time-consuming, and sometimes a flat-out waste of time I could be using for continuing education, teaching, or otherwise honing my skills. I find that many things that I end up having to document are unnecessary and not relevant for a dermatology practice,” said Doris Day, MD, clinical associate professor of dermatology at NYU Langone Medical Center.

Despite concerns, policy advocates said that effective use of EHRs is important to improve the quality of patient care and office workflows. Some physicians maintain that meaningful use requirements, while beneficial, can infringe on time that should be spent treating patients. The HHS Office of the National Coordinator (ONC) for Health Information Technology suggested that they understand the importance of stakeholder input, recently announcing that they would be making changes to EHR certification in 2015.

“The proposed 2015 Edition EHR certification criteria reflect ONC’s commitment to incrementally improving interoperability and efficiently responding to stakeholder feedback,” said Karen DeSalvo, MD, MPH, national coordinator for health IT. “We will continue to focus on setting policy and adopting standards that make it possible for healthcare providers to safely and securely exchange electronic health information and for patients to become an integral part of their care team.”

 

Monday
May052014

DirectTrust supports 4,000 orgs and 200,000 users for info exchange

Read the lastest issue of HIT Trends  here.

Saturday
May032014

DirectTrust's comments submitted to the ONC in response to the Notice of Proposed Rulemaking (NPRM) Voluntary 2015 Edition Electronic Health Record (EHR) Certification Criteria; Interoperability Updates and Regulatory Improvements.

Thursday
May012014

DirectTrust Network Expands 2,000%, Now Serves Nearly 200,000

DirectTrust Network Expands 2,000%, Now Serves Nearly 200,000 (via PRWeb)

DirectTrust has expanded its trusted, national network to include 26 Direct exchange health information service providers (HISPs), and began large-scale interoperability testing to ensure continued reliability. These HISPs now provide Direct exchange…

Wednesday
Apr092014

DirectTrust Cooperative Agreement with ONC Renewed

DirectTrust announces that its Cooperative Agreement with the Office of the National Coordinator (ONC) for Health IT has been renewed for a second full year. The renewal came after DirectTrust exceeded the goals of the ONC’s Exemplar HIE Governance Program.

Washington, D.C. (PRWEB) April 08, 2014

DirectTrust, a non-profit trade alliance that advances secure, health information exchange via the Direct Protocol, announced today that its Cooperative Agreement with the Office of the National Coordinator for Health IT (ONC) has been renewed for a second full year. The renewal came after DirectTrust not only met, but exceeded the goals of the ONC’s Exemplar HIE Governance Program.

“This is a time when identity theft and privacy concerns are prevalent, so securing patients’ personal health information in Direct messages – and trusting the identity between senders – is a must,” DirectTrust President and CEO David C. Kibbe, MD, said. “In a remarkably short period of time, our members have created a national network for secure and trusted health data exchange over the Internet. EHR users in hospitals, medical practices, and other health care facilities, as well as their patients, will all benefit from the ability to move data securely across organizational and IT boundaries via Direct. The work has been done on time, and on target.”

DirectTrust sets policies and standards for secure health information exchange, and operates a voluntary accreditation program for Health Information Services Providers (HISPs) in partnership with the Electronic Healthcare Network Accreditation Commission (EHNAC). Accredited HISPs provide trusted, low-cost message exchanges from within EHRs, web portals, and other applications for the purposes of health care coordination and patient engagement.

To qualify for the ONC award continuation, DirectTrust had to meet a number of deadlines and milestones. One of those involved its EHNAC-DirectTrust program. Accredited HISPs share digital certificates with one another, making it transparent and efficient for Direct relying parties to know whom to trust, without having to engage in one-off contracts or single-use connections.

In all to date, DirectTrust has enrolled 49 organizations – including leading EHR companies, connectivity vendors, and state HIEs – in more than 80 accreditation and audit programs encompassing privacy, security, and trust-in-identity controls. That exceeded the goal of 50 programs set for the first year of the Cooperative Agreement.

“Over the past year, DirectTrust worked hard to promote good governance practices and enable the exchange of health information,” said Kory Mertz, the Challenge Grant director at the ONC. “We expect that in the second year of the contract, DirectTrust will continue this success and help to enable HISP-to-HISP interoperability among their participants.”

According to John Blair, MD, Chair of the DirectTrust Board of Directors and CEO of MedAllies, an accredited HISP, “The country has placed a high priority on digitizing providers throughout the health care industry. For the last several years, significant money and effort has gone into moving providers from paper to EHRs. Direct exchange is our greatest hope to create interoperability between these disparate EHR systems for transitions of care and care coordination. The partnership between DirectTrust and ONC has been a very productive collaboration between the private sector and government, something we don’t see every day.”

Details on the benefits of HIPAA-compliant messaging and EHNAC-DirectTrust accreditation can be found athttp://www.DirectTrust.org.

About DirectTrust 
DirectTrust is a nonprofit, competitively neutral, self-regulatory entity created by and for participants in the Direct community – including health information service providers (HISPs), certificate authorities, registration authorities, federal agencies, doctors, patients, and vendors. It supports both provider-to-provider, as well as patient-to-provider Direct exchange. The goal of DirectTrust is to develop, promote and, as necessary, help enforce the rules and best practices needed to maintain security and trust within the Direct network, consistent with the HITECH Act and the governance rules for the NwHIN established by the ONC. DirectTrust is committed to fostering widespread public confidence in the Direct exchange of health information. To learn more, please visit http://www.DirectTrust.org.

About the ONC Exemplar HIE Governance Program 
The Exemplar Health Information Exchange Governance Program funds cooperative agreements that advance the efforts of existing governance entities that benefit consumers and healthcare providers by allowing health information to flow securely between unaffiliated healthcare organizations. The purpose of the Program is to work with existing governance entities to further develop and adopt policies, interoperability requirements, and business practice criteria that align with national priorities, overcome interoperability challenges, reduce implementation costs and assure the privacy and security of electronic exchange of health information.

Wednesday
Mar262014

Corepoint Health Joins the DirectTrust Community to Advocate for the Secure Use of Direct Project in Health Information Exchange

As a leader in health data interoperability, Corepoint Health will play an active role in advocating for and promoting data exchange using the Direct Project protocol.

Direct Project’s simplicity will make sending and receiving health data easier for both providers and patients. With Meaningful Use as a key driver, adoption will continue to grow at a rapid pace.

Dallas, TX (PRWEB) March 26, 2014

As part of its mission to provide innovative health data interoperability solutions to healthcare providers, Corepoint Health is proud to announce it has joined the DirectTrust membership organization.

The DirectTrust organization is dedicated to build and strengthen the security and trust framework for the exchange of health data using the Direct Project protocol. Direct Project is a government-created data communication method that allows users to easily send and receive health information. Direct Project is one of five different communication methods available in Corepoint Integration Engine, health IT’s leading interoperability solution.

Jon Mertz, Corepoint Health’s VP of Marketing, said Corepoint Health joined DirectTrust because implementation of Direct Project is still in the early stages across the industry, despite significant provider interest driven by the government’s Meaningful Use requirements.

“Direct Project’s simplicity will make sending and receiving health data easier for both providers and patients. With Meaningful Use as a key driver, adoption will continue to grow at a rapid pace,” said Mertz. “As always, security and trust are of utmost importance for participants in the exchange of health data. We will continue to further both initiatives as members of DirectTrust.”

DirectTrust members must agree to participate in work groups dedicated to security, trust, and growth of the use of the Direct Project; attend monthly educational sessions; become involved with the Direct community; and support the membership growth of DirectTrust.

About Corepoint Health

Corepoint Health delivers a simplified approach to internal and external health data integration and exchange for hospitals, radiology centers, laboratories, and clinics. Corepoint Integration Engine has been named the #1 interface engine for five consecutive years, 2009-2013, in the Best in KLAS: Software & Services report. Our software solutions help healthcare providers achieve interoperability goals and create operational leverage within their care organization.

To read entire article click here

Saturday
Mar222014

Dr. Kibbe speaking at HIMSS14 in Orlando, FL

Dr. David Kibbe did a great job at HIMSS during the Surescripts presentation of succinctly laying out the work of Direct Trust.

Thursday
Feb272014

Covisint Achieves DirectTrust.org/EHNAC Accreditation

Direct Trusted Agent Accreditation Ensures Adherence to Data Processing Standards and Compliance With Security Infrastructure, Integrity and Trusted Identity Requirements

read entire article here

 

ORLANDO, Feb 26, 2014 (GLOBE NEWSWIRE via COMTEX) -- HIMSS Conference & Exhibition -- Covisint Corporation COVS +0.24% , provider of the leading cloud engagement platform, today announced that it has achieved full accreditation with the Direct Trusted Agent Accreditation Program (DTAAP) from DirectTrust.org and the Electronic Healthcare Network Accreditation Commission (EHNAC). Direct Trusted Agent accreditation recognizes excellence in health data processing and transactions, and ensures compliance with industry-established standards, HIPAA regulations and the Direct Project.

Through the consultative review process, EHNAC evaluated Covisint in the areas of privacy, security and confidentiality; technical performance; business practices and organizational resources as it relates to Directed exchange participants. In addition, EHNAC reviewed the organization's process of managing and transferring protected health information and determined that the organization meets or exceeds all EHNAC criteria and industry standards. Through completion of the rigorous accreditation process, Covisint demonstrates adherence to strict standards and participation in the comprehensive, objective evaluation of its business.

"Endorsed by the Office of the National Coordinator for Health Information Technology (ONC), the Direct Trusted Agent Accreditation Program ensures that organizations like Covisint establish and uphold a superior level of trust for their stakeholders," said Lee Barrett, executive director of EHNAC. "The need for guidance and accountability in health information exchange is undeniable, which is reflected in Covisint's commitment to the highest standards in privacy, security and confidentiality."

"The Office of the National Coordinator and the Centers for Medicare and Medicaid are increasingly requiring Direct to be part of the ecosystems of state Medicaid agencies and health information exchange projects," said Steve McDonald, Covisint Vice President of Healthcare. "Covisint's capabilities far exceed Direct requirements and, as a result, we already have many customers running Direct. As one of the few solutions that's also HISP accredited, Covisint is the secure, proven, and trusted choice for healthcare executives considering Direct."

Covisint delivers high value to accountable care stakeholders by supporting a comprehensive health information technology roadmap that helps improve health outcomes, increases efficiencies and fills the gaps left by existing technology investments. Covisint's agnostic platform, which works with or without an existing EMR system, enables the free, secure flow of information with the customer in full control, helping healthcare providers and payers maintain data independence and control.

 

Saturday
Feb222014

New ConnectCare Solution from Kodak Alaris Helps Healthcare Providers Convert and Direct Message Patient Information for Easy Transitions of Care

ROCHESTER, N.Y.,February 19 2014 - Every day, healthcare providers face the challenge of managing and exchanging patient information originating from paper and digital formats. To provide the best patient care, providers must have the ability to securely and efficiently convert and exchange such unstructured/structured content between fellow providers, with Electronic Medical Record (EMR) system interoperability—or by a secure Direct independent means.

Even as a range of providers have implemented EMR technology, the industry remains challenged by inconsistent adoption rates of the Meaningful Use (MU) government mandate. As a result, providers who are unable to uniformly exchange patient information across the healthcare continuum risk a reduction in referrals, which can negatively impact revenue. Additionally, providers who cannot attest to MU2 face reduced reimbursement rates.

To address these urgent health IT communication needs, Kodak Alaris and Inofile have partnered to offer the ConnectCare Solution, a structured Direct patient information solution featuring INOFILE Kno2™ software. The affordable new solution is based on easily implemented, cloud-based software that captures and manages patient information regardless of its source or format. The ConnectCare Solution with Inofile's Kno2 software transforms and structures patient information and provides a secure Direct Messaging capability within the DirectTrust framework. This solution helps to transition patient information between EMR and non-EMR providers to complete the Continuum of Care and offers a secure fax alternative.

"Many small- to midsize providers have been unable to cost justify implementation of EMR, leaving them without options to securely communicate various forms of healthcare information in a timely manner to support patient-centered care objectives," said Dolores Kruchten, President of Kodak Alaris' Document Imaging division. "We are excited to combine our world-class document imaging technology and Inofile's Kno2 Direct Messaging technologies to introduce a solution that enables any provider to transform and communicate patient information securely and electronically."

Kodak Alaris' ConnectCare Solution, part of a newly expanding healthcare solution portfolio, will debut at the Kodak Alaris booth (#8164) at HIMSS14 in Orlando, Feb. 23–26. Inofile also will be at the conference providing Kno2 demonstrations in suite MP 109 on the first floor outside of the exhibit hall, and at the HIMSS14 Interoperability Showcase.

"Kno2 is an easy-to-use, cost-effective, cloud-based application that creates an 'on-off ramp' between sources of unstructured clinical content and Electronic Medical Records systems as well as Health Information Exchange networks, including the nation's largest, SURESCRIPTS," said Inofile CEO Jon Elwell. "Combined with Kodak Alaris' document imaging technology, Kno2 offers providers in all care settings the ability to transform and securely communicate unstructured and structured patient information using standards-based protocols, helping to improve patient transition needs while connecting the Continuum of Care."

Read full article here.

Friday
Feb142014

EMR Direct Receives Full DirectTrust EHNAC Accreditation

phiMail™ Direct Messaging and phiCert™ Identity Services Receive Direct Trusted Agent Accreditation Program (DTAAP) Triple Accreditation as Health Information Service Provider (HISP), Certification Authority, and Registration Authority

SAN DIEGOFeb. 14, 2014 /PRNewswire/ -- EMR Direct, a leading developer of Direct messaging software and provider of Direct HISP and identity services for the secure exchange of Protected Health Information (PHI) over the Internet, has received full accreditation through the Electronic Healthcare Network Accreditation Commission (EHNAC) Direct Trusted Agent Accreditation Program (DTAAP).  EMR Direct's practices were audited against over two hundred technical, physical, and operational criteria and found to be fully in compliance with HIPAA/HITECH, the Direct Project standards, DirectTrust policies, and other measures prescribed by DirectTrust and EHNAC.       

Direct messaging solves the historically expensive problem of securely transferring information across different vendors and healthcare systems, promoting broad interoperability.  The EHNAC symbol has become synonymous with compliance in healthcare-related data transfer procedures, and DirectTrust/EHNAC DTAAP accreditation, endorsed by the Office of the National Coordinator for Health Information Technology (ONC), is the industry-accepted stamp of approval for objective review of Direct services.  "The accreditation of EMR Direct's HISP, CA, and RA services demonstrates their adherence to a higher standard of quality, privacy, security, and confidentiality, as well as data management, and their compliance with HIPAA and HITECH," saysLee Barrett, Executive Director of EHNAC.

DirectTrust, an independent non-profit trade association with over 100 member organizations, establishes policies to promote security and trust in Direct messaging.  An early member of DirectTrust, EMR Direct has been an active participant in this process, and EMR Direct CTO Luis Maas currently serves as Co-Chair of the DirectTrust Security and Trust Compliance Workgroup.  "EMR Direct consistently brings an impressive level of technical expertise in both Direct messaging and public key cryptography to the DirectTrust community, and has played an important leadership role in the development of many DirectTrust policies," says David C. Kibbe, MD, President and CEO, DirectTrust.  "EMR Direct clearly wants interoperability to 'just work', and actively collaborates with other members to make Direct scale across the nation. Accreditation plays an important part in achieving these goals and growing the DirectTrust Network."

"The rigorous criteria for DTAAP accreditation help standardize best practices for the large number of moving parts involved in Direct messaging, a high priority towards achieving true health data liquidity, and providing better care at a lower cost," says Julie Maas, CEO of EMR Direct.  "The EMR Direct phiMail platform receives excellent feedback from EHR developers and has been easily integrated into dozens of EHR products and healthcare applications seeking to meet the Direct messaging requirements for Stage 2 of Meaningful Use.  Our phiMail HISP has been successfully tested in over a dozen EHR certifications for MU2, with many more certifications scheduled in coming months.  EMR Direct's strengths include our easy integration Direct messaging API and connector libraries for multiple application frameworks, ongoing product enhancements based on customer feedback, helpful MU2 certification and other Direct messaging product documentation, high-touch customer support, and industry-leading capabilities such as built-in handling of separate signing and encryption keys, two factor authentication, XDR support, and trust policies tailored to customers' business needs."

About EMR Direct
EMR Direct is headquartered in San Diego, California, and provides Direct messaging services, Direct addresses, and, through its phiCert Certification Authority, the supporting public key infrastructure (PKI) required for Direct exchange.  With the goal of simplifying interoperability and enabling custom workflows, phiMail is easy to deploy and does not require expensive, one-off, peer-to-peer interfaces.  EMR Direct is committed to protecting patient privacy, improving the quality and coordination of care, increasing productivity, and reducing costs.  As part of this commitment, the EMR Direct management team actively participates in numerous government-sponsored and industry workgroups to help refine, expand, and govern the use of Direct messaging.  More information may be found at http://www.emrdirect.com.  Healthcare providers and IT professionals may request evaluation software by registering for a developer or production account

About DirectTrust and EHNAC
DirectTrust is an independent non-profit trade association created by and for participants in the Direct community, to establish and maintain a national Security and Trust framework in support of Direct exchange.  EHNAC is an independent, federally recognized, standards development organization and accrediting body designed to improve transactional quality, operational efficiency, and data security in healthcare. 

Trademark Notice:  phiMail and phiCert are trademarks of EMR Direct.

Media Contact:
Julie Maas
EMR Direct
pr@emrdirect.com
858-367-0770

 

SOURCE EMR Direct