DirectTrust Workgroups Work to Incorporate FHIR and Open APIs

a computer graphic of cartooney file folders on opposite sides with files being exchanged between the two of them

The nationwide interoperable exchange of health information is still a challenge for the health IT industry, but progress in terms of technology and policy is coming along at a rate faster than we’ve seen at any time in the past.

While the federal government pushes its policy efforts to promote nationwide interoperability through the Trusted Exchange Framework and Common Agreement (TEFCA), it’s also moving forward with technology and practice efforts through DirectTrust workgroups, which was awarded an ONC Cooperative Agreement to “further work in accreditation, trust anchor distribution services and governance of the DirectTrust Community,” according to the DirectTrust website.

The effort, more widely known as the “Direct Project,” was started by the Office of the National Coordinator for Health IT in 2010 involving the participation of the American Academy of Family Physicians, the American Medical Association,  the Veterans Health Administration (VHA), and the National Institute for Standards and Technology (NIST). Over the years, it has played important roles in meaningful use initiatives, the establishment of direct messaging standards and the development of Health Information Networks.

Today, DirectTrust’s framework of direct message protocols assists more than 112,000 participating healthcare organizations and 1.67 million user accounts in implementing provider-to-provider and patient-to-provider communications, according to the Healthcare Informatics blog. Those communications between healthcare professionals, patients and health IT vendors are secured using identity proofing regardless of the end user’s application of the technology.

With more than 300 electronic health record (EHR) vendors’ products using DirectTrust messaging and more than 50 health information exchanges, the security and interoperability for exchanging health information is now covered for more than half of the healthcare professionals in the U.S. under Direct.

Conquering FHIR and Open APIs

As DirectTrust messaging has proliferated, it has been a positive for interoperability efforts. As this happened, however, the industry has seen the rise of a new standard not required by the 21st Century Cures Act. Known as FHIR, the Fast Healthcare Interoperability Resources data standard developed by Health Level 7 makes it easier and faster to perform data exchange and allows patients to use apps to share information.

And that is where open Application Programming Interfaces (APIs) come in. Cures essentially laid down a mandate for healthcare to open itself up to innovation through the creation of open APIs so that developers can do what they do best, innovate. Those APIs allow for data sharing that is fueling the creation of health apps with greater clinical utility and are necessary for large scale innovation.

So how can DirectTrust, which is already widely used among EHR systems, incorporate FHIR and APIs? Two use cases have been identified and discussed by DirectTrust groups following the FHIR Connectathon in early 2018.

The first involves what DirectTrust representatives referred to as “Direct to FHIR.” What this would do is allow patients and providers to query medical information by sending a Direct Message. Health Information Service Provider MaxMD claims that it “leverages the trust-in-identity assured by a Direct Address to provide authentication and authorization of an HL7 request to a FHIR API. The user receives a response in an inbox like an ordinary Direct message,” according to a post from Healthcare Informatics.

The other use case comes in the form of using DirectTrust’s certificates in conjunction with FHIR RESTful API to allow trust to be scaled up. This would help FHIR resources be more trustworthy.

“What we showed in example one is that Direct can be used as a transport layer, as a single onramp to transmit a FHIR payload,” said Bruce Schreiber, Chief Technology Officer of MaxMD, in a recent webinar. “In scenario two, we showed the trust framework developed by DirectTrust can be used for authentication and authorization, and there are a number of ways this can be scaled.”

healthcare informatics
YES! Please send me a FREE guide with course info, pricing and more!
Facebook
Twitter
LinkedIn

Academic Calendar

Spring I – 2025

Application DeadlineDecember 20, 2024
Start DateJanuary 13, 2025
End DateMarch 9, 2025

Spring II – 2025

Application DeadlineFebruary 21, 2025
Start DateMarch 10, 2025
End DateMay  4, 2025

Summer I – 2025

Application DeadlineApril 18, 2025
Start DateMay 5, 2025
End DateJune 29, 2025

SUMMER II – 2025

Application DeadlineJune 13, 2025
Start DateJune 30, 2025
End DateAugust 24, 2025

FALL I – 2025

Application DeadlineAugust 8, 2025
Start DateAugust 25, 2025
End DateOctober 19, 2025

FALL II – 2025

Application DeadlineOctober 3, 2025
Start DateOctober 20, 2025
End DateDecember 14, 2025

Spring I – 2026

Application DeadlineDecember 19, 2025
Start DateJanuary 12, 2026
End DateMarch 8, 2026

Spring II – 2026

Application DeadlineFebruary 20, 2026
Start DateMarch 9, 2026
End DateMay 3, 2026

Get Our Program Guide

If you are ready to learn more about our programs, get started by downloading our program guide now.