Secure messaging vendors to support interoperability

Register now

The 21st Century Cures Act seeks to develop new policies and standards to support an interoperable health IT technology infrastructure that enhances the use and exchange of data while enabling research into new medical breakthroughs.

Recently, the Office of the National Coordinator for Health Information Technology announced it soon will release proposed rules for public comment on developing a trusted exchange framework for the Cures Act.

Other industry initiatives are gearing up to support the Cures Act, including DirectTrust, which offers secure electronic messaging between providers, patients and other healthcare consumers via the Direct Project protocols for secure communications.

DirectTrust on Tuesday announced an extension through 2018 of its agreement with the Electronic Healthcare Accreditation Commission, known as EHNAC, to administer the accreditation and audit processes for Certificate .Authorities and Registration Authorities.

Also See: HITRUST program to aid national cyber threat sharing

Certificate authorities issue digital certificates that verify an entity’s identification on the Internet to participate in secure communications. Registration authorities do similar work to enable entities to participate in trusted networks.

DirectTrust also announced it will offer a new accreditation program in 2018 for Healthcare Information Service Providers, which are secure messaging vendors that use the Direct messaging protocols to offer access to secure trusted sites on the Internet.

DirectTrust governs the HISPs, says David Kibbe, MD, its president and CEO. “Our job is to identify proofing for purposes of encryption and identification of partners in data exchange,” he explains.

But while DirectTrust offers trusted data exchange services, so do other entities, such as EHNAC and HITRUST. As a result providers, insurers and other healthcare participants faced the prospect of being accredited by all three entities, and stakeholders make clear that they did not want to go through multiple certification programs, Kibbe says.

Consequently, HISPs now have the option of obtaining their HIPAA privacy and security accreditation and audit through either DirectTrust or HITRUST.

“We’re very pleased to continue to have EHNAC as an accrediting and auditing partner in our Trust Framework while also accepting the HITRUST CSF Assurance program,” Kibbe adds.

For reprint and licensing requests for this article, click here.