1 / 19

Connecting for Good

Connecting for Good. Loews Coronado Bay Resort, San Diego, California. David C. Kibbe, MD MBA President and CEO, DirectTrust. Expect Direct!. Secure Health Information Exchange at the Dawn of the Health Internet. Mission and Goals.

floyd
Télécharger la présentation

Connecting for Good

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Connecting for Good Loews Coronado Bay Resort, San Diego, California David C. Kibbe, MD MBA President and CEO, DirectTrust

  2. Expect Direct! Secure Health Information Exchange at the Dawn of the Health Internet

  3. Mission and Goals DirectTrust.org, Inc. (DirectTrust) is a voluntary, self-governing, non-profit alliance dedicated to the support of Direct exchange of health information at national scale, through the establishment of policies, interoperability requirements, and business practice requirements. Taken together, these create a Security and Trust Framework for the purpose of uniting multiple Direct implementations and their communities, enhancing public confidence in privacy, security, and trust in identity when using Direct. DirectTrust is the recipient of an ONC Cooperative Agreement award in the amount of $280,205 as part of the Exemplar HIE Governance Program. Within this Program, DirectTrust is charged by ONC with further development of the Direct Trusted Agent Accreditation Program, and the establishment of a national trust anchor bundle distribution service for Direct exchange implementers.

  4. The problem behind the lack of data liquidity in healthcare -- fragmentation

  5. La, la, la... I can’t hear you, can’t hear you! I’m sending you Mrs. Smith! 60-70% of physicians and hospitals now use EHRs…yet • Not a single EHR is interoperable with another vendor’s product…EPIC literally can’t move data to NextGen except by fax. • Nearly 100% of referrals and transitions of care require paper, fax, or mail transmittal of important health information. • Specialists report that over 50% of the time they never get information from referring PCPs, and PCPs report that over 50% of the time they never hear anything back from the specialists.

  6. And that’s just the tip of the iceberg… • PHRs have languished because patients can’t easily get their data from providers. • Payers, e.g. Medicare, spend $$ on mail and fax trying to communicate with providers and beneficiaries. • State and federal agencies depend on fax, phone, and mail for most communications.

  7. Stage 2 MU focus is on exchange

  8. Health Information Exchange 101What’s the status in late 2013? HIE is electronic sharing of health information among varied health care providers and their organizations, while maintaining meaning. HIE types • Direct “push” / email / point-to-point • Exchange / XD* protocols /Enterprise-to-enterprise • Data collection, aggregation / central hub & query Data frequently exchanged • Any file type, but structured data as HL7 CCD, cCDA • Stage 2 MU sets common data set, requires EHRs to certify Direct exchange capability, cCDAcapablity.

  9. Only Direct exchange… • Is easy, familiar, email-based (SMIME/SMTP+PKI). • Required by Stage 2 MU of all EHRs by 2014 for both provider-provider and provide-patient data exchange. • Uses the Internet natively for point-point exchange between any two addresses.

  10. A deeper dive into Direct: identity assurance is key feature • Before Direct users can exchange messages and attachments, they must interact with three entities that serve as “trusted agents,” each of which has separate roles and responsibilities. • A Health Information Service Provider, HISP, handles the encryption and identity validation on behalf of the Direct addressee, assigns accounts and addresses, and arranges for the addressees to be issued an X.509 digital certificate; • A Certificate Authority, CA, issues the X.509 digital certificate to the addressee, along with the public key, relying on the information supplied to it by the; • A Registration Authority, RA, which verifies and proofs the identity of the addressee applying for an X.509 digital certificate.

  11. HISP-HISP between EHRs Arc of Liability identity validation encryption EHR EHR DrBob@direct.familypractice.com (has been identity vetted, has X.509 Digital certificate bound to address.) DrSusan@direct.cardiology.com (has been identity vetted, has X.509 Digital certificate bound to address.)

  12. HISP-HISP exchange between EHR and PHR Arc of Liability identity validation encryption EHR PHR DrBob@direct.familypractice.com (has been identity vetted, has X.509 Digital certificate bound to address.) Pt.Dave@direct.MyPHR.com (has been identity vetted, has X.509 Digital certificate bound to address.)

  13. Consider the near future! • Any Direct addressee can send/receive data in any format to/from any Direct addressee, securely, over the Internet. • Any information available to the patient, e.g. vitals, device results, images, etc., can be made available to providers in near real time. • Next generation “medical information homes” have the source of data, and the means of sourcing data, available for the first time.

  14. Security & Trust Framework EHNAC-DirectTrust Accreditation Program Trusted Anchor Bundle Distribution DirectTrust Approach The goal is to make it easy and inexpensive for trusted agents, e.g. HISPs, to voluntarily know of and follow the “rules of the road“for security and Identity, while also easy and inexpensive to know who else is following them.

  15. Accreditation and Audit DirectTrust is accrediting HISPs, CAs, and RAs In partnership with EHNAC. Look for the EHNAC-DirectTrust seal of accreditation for assurances of best practices for privacy, security, and trust-in-identity. Accreditation status of HISPs, CAs, RAs is always available at www.DirectTrust.org 15

  16. About DirectTrust • The ONC is establishing governance mechanisms for nationwide health information exchange, in part through a cooperative agreement with DirectTrust. • The Stage 2 MU regulations require eligible providers to engage in health information exchange via standards and in a manner consistent with these governance mechanisms. • DirectTrust is a non-profit industry alliance that is supporting Direct exchange adoption and use through policy setting, accreditation, trust anchor distribution, and outreach activities. The AAFP is one of the founding members of DirectTrust.See:http://www.healthit.gov/buzz-blog/health-information-exchange-2/onc-partners-health-information-exchange-governance-entities and also http://www.healthit.gov/buzz-blog/electronic-health-and-medical-records/directtrust-builds-transparency-confidence-direct-exchange). 

  17. Short lexicon of terms Direct Project A public-private sector initiative sponsored and run by ONC whose aim was to create a simple, secure, and open standard for transport of messages and attachments between health care participants over the Internet, regardless of end-user technology. Direct Standard The outcome of the Direct Project. A set of protocols and specifications, along with a security and trust architecture, for simple, secure, inter-vendor communications over the Internet for use by health care professionals and patients. Direct Message Exchange Use or deployment by individuals or entities of health information exchange utilizing the Direct standard. Also sometimes referred to as Directed “push” exchange, Direct exchange. Direct User or Subscriber An organization or an individual that participates in sending and receiving messages and attachments using technology equipped to do so, e.g an EHR or a web portal, via the Direct standard, and who has the authority to do so.

  18. Resources and additional information • DirectTrust website www.DirectTrust.org Information on Membership Information on Workgroups and Active Projects DirectTrust Membership List Accreditation Status List Code of Ethics DirectTrust Community X.509 Digital Certificate Policy Federation Agreement Direct Trusted Agent Accreditation Program (DTAAP) Trust Anchor Bundle Website David.Kibbe@DirectTrust.org

  19. Thank you

More Related