Directed Exchange, when built into electronic medical record software as early as this fall, is a requirement of stage 2 of the federal government's Meaningful Use protocols for healthcare providers.
"Directed Exchange is designed to be as easy as email," Kibbe says. "That's because Directed Exchange really is email. It uses protocols and specifications from email very similar to what we all use with Gmail or with Yahoo mail to send messages and to attach attachments, and move data to where we want to between known parties.
"But there's a big difference, and that is that in healthcare, when health information is being exchanged, we need it to be private, we need it to be secure, and we need to have trust in the identity of the persons or organizations with whom the information is exchanged, whether it's going between one doctor to another, or a doctor to a nurse, or from a nurse to a patient,"Kibbe adds.
The new ONC grant is a key enabler to EHNAC's accreditation program to certify "trusted agents," who act on behalf of Direct Exchange users to assure that a layer of security is in place, and that the parties providing those services are held accountable over time, Kibbe says. So far, a dozen HISPs and certificate authorities are undergoing accreditation, he adds.
"Health Internet service provider A serves a group of providers, and health Internet service provider B, who services another group, need to be able to exchange information and to trust one another with respect to privacy, security, trust, and identity," Kibbe says. "Contracting between HISP A and HISP B with legal contracts is not a very efficient way to do that at all. As a matter of fact, it probably wouldn't work at scale. Accreditation is a means of allowing those parties to voluntarily take a test and then achieve recognition and a seal of approval with respect to having passed that test, and having kept their security and trust and identity procedures up to date."