The nationwide interoperable exchange of health information is still a challenge for the health IT industry, but progress in terms of technology and policy is coming along at a rate faster than we’ve seen at any time in the past.
While the federal government pushes its policy efforts to promote nationwide interoperability through the Trusted Exchange Framework and Common Agreement (TEFCA), it’s also moving forward with technology and practice efforts through DirectTrust workgroups, which was awarded an ONC Cooperative Agreement to “further work in accreditation, trust anchor distribution services and governance of the DirectTrust Community,” according to the DirectTrust website.
The effort, more widely known as the “Direct Project,” was started by the Office of the National Coordinator for Health IT in 2010 involving the participation of the American Academy of Family Physicians, the American Medical Association, the Veterans Health Administration (VHA), and the National Institute for Standards and Technology (NIST). Over the years, it has played important roles in meaningful use initiatives, the establishment of direct messaging standards and the development of Health Information Networks.
Today, DirectTrust’s framework of direct message protocols assists more than 112,000 participating healthcare organizations and 1.67 million user accounts in implementing provider-to-provider and patient-to-provider communications, according to the Healthcare Informatics blog. Those communications between healthcare professionals, patients and health IT vendors are secured using identity proofing regardless of the end user’s application of the technology.
With more than 300 electronic health record (EHR) vendors’ products using DirectTrust messaging and more than 50 health information exchanges, the security and interoperability for exchanging health information is now covered for more than half of the healthcare professionals in the U.S. under Direct.
Conquering FHIR and Open APIs
As DirectTrust messaging has proliferated, it has been a positive for interoperability efforts. As this happened, however, the industry has seen the rise of a new standard not required by the 21st Century Cures Act. Known as FHIR, the Fast Healthcare Interoperability Resources data standard developed by Health Level 7 makes it easier and faster to perform data exchange and allows patients to use apps to share information.
And that is where open Application Programming Interfaces (APIs) come in. Cures essentially laid down a mandate for healthcare to open itself up to innovation through the creation of open APIs so that developers can do what they do best, innovate. Those APIs allow for data sharing that is fueling the creation of health apps with greater clinical utility and are necessary for large scale innovation.
So how can DirectTrust, which is already widely used among EHR systems, incorporate FHIR and APIs? Two use cases have been identified and discussed by DirectTrust groups following the FHIR Connectathon in early 2018.
The first involves what DirectTrust representatives referred to as “Direct to FHIR.” What this would do is allow patients and providers to query medical information by sending a Direct Message. Health Information Service Provider MaxMD claims that it “leverages the trust-in-identity assured by a Direct Address to provide authentication and authorization of an HL7 request to a FHIR API. The user receives a response in an inbox like an ordinary Direct message,” according to a post from Healthcare Informatics.
The other use case comes in the form of using DirectTrust’s certificates in conjunction with FHIR RESTful API to allow trust to be scaled up. This would help FHIR resources be more trustworthy.
“What we showed in example one is that Direct can be used as a transport layer, as a single onramp to transmit a FHIR payload,” said Bruce Schreiber, Chief Technology Officer of MaxMD, in a recent webinar. “In scenario two, we showed the trust framework developed by DirectTrust can be used for authentication and authorization, and there are a number of ways this can be scaled.”
