government trust anchorOn February 25, 2016, the DirectTrust and Federal Health Architecture announced that they have entered into an historic agreement creating a Government Trust Anchor Bundle to facilitate secure, interoperable healthcare data exchange among government agencies and between government agencies and private healthcare industry providers.

The new Trust Bundle consists of 23 federal agencies that deal in one way or another with health care. They include CMS, the Department of Defense, the Veterans Administration and Indian Health Services. This action enables the 23 agencies to use Direct Messaging for the electronic exchange of health information with each other and with private sector healthcare providers.

DirectTrust is a collaborative, non-profit association of health IT and healthcare provider organizations formed to support the secure, interoperable exchange of healthcare information under the Affordable Care and HITECH acts utilizing new data transfer protocols such as the Direct message protocol that currently drives the network. DirectTrust has created a “trust framework”, established policies for exchanging medical records between healthcare organizations and individuals. A “trust anchor” is an organization that has been accredited to conform with EHNAC, DirectTrust, and HIPAA privacy, security, and breach notification rules. A “trust anchor bundle” is a collection of trust anchors.

The Federal Health Architecture (FHA) is an initiative led by the Office of the National Coordinator for Health IT (ONC) to coordinate the health information technology (HIT) efforts of the 23 federal agencies involved in health care. The Governmental Trust Anchor Bundle (GTAB) will incorporate stronger levels of security and identity controls than those of DirectTrust’s first trust bundle known as Accredited Trust Anchor Bundle (ATAB). GTAB will make it possible for federal agencies to join and participate securely within the DirectTrust trusted network of private sector health care organizations using the Direct protocol.

The new Governmental Trust Anchor Bundle will also facilitate the use of Direct protocol by state agencies, such as state Medicaid and state health and public health departments, that require the more stringent security controls that are contained in the new Governmental Trust Anchor Bundle.

“This is a momentous day in the advancement of secure electronic health information exchange. Congratulations to all at the FHA and to DirectTrust’s Trust Anchor Approval Committee year-long effort to accomplish this important goal,” said DirectTrust President and CEO David C. Kibbe, MD, MBA.

“We look forward to secure electronic Direct messaging with attachments replacing fax and mail for care coordination among clinicians in government health facilities and their counterparts in the private sector. Considerable and significant benefits can be expected for the care of millions of Americans including, veterans and active duty military personnel, and their families.”

iShare Medical℠ is one of 38 EHNAC Accredited DirectTrust Health Information Services Providers (HISP) in the Accredited Trust Anchor Bundle (ATAB). iShare Medical℠ provides secure, HIPAA compliant exchange and sharing of medical records over the DirectTrust Nationwide Health Information Network (NwHIN). It’s like a clearing house for medical records. Medical information may be exchanged securely between healthcare providers, between providers and insurers, or with individuals.

iShare Medical℠ iShareID looks like an email address and iShare Medical℠ Messaging looks like an email system, but this is no email system. Your iShare Medical℠ messages can only be opened by a trusted individual to whom the message is addressed using their secret key to unlock the message. Messages are sent over a safe and secure encrypted network.

“Why do I need iShare Medical℠ Messaging?”

Electronic protected health information (ePHI) refers to any protected health information (PHI) that is covered under Health Insurance Portability and Accountability Act of 1996 (HIPAA) security regulations and is produced, saved, transferred or received in an electronic form.

Electronic protected health information includes patient names, addresses, Social Security numbers, email addresses, fingerprints or photographic images, among others. In addition, any past medical records or payment information is subject to the same degree of privacy protection.

Under the HIPAA Privacy Rule, healthcare providers and their business associates must protect the privacy of the patients’ identifiable health information in any format including electronic, paper or oral (verbal). The Privacy Rule calls this information “protected health information (PHI)”.

Use of nonsecure electronic transfer, such as ordinary email, can result in data breaches. These expose healthcare providers and insurers to severe fines and penalties for allowing PHI to be unprotected, not to mention the impact of a breach on the affected individual whose identification and health data may be misused.

iShare Medical℠ ID-proofs every person before issuing that person an iShare Medical℠ iShareID and a secret key. An iShare Medical℠ iShareID is an address that uniquely identifies an individual in the health care system. The individual can be a patient or a provider such as a physician, nurse practitioner, physician assistant, physical therapist, dentist, or staff member of a provider such as a medical assistant, nurse, administrator, scheduler, receptionist, or biller. This means that you will know who is sending and receiving the message. The iShare Medical℠ iShareID can be used to safely and securely send and receive messages to and from medical providers and to and from patients.

iShare Medical℠ Messaging provides a secure way to exchange data and messages over an encrypted and authenticated nationwide network. Messages can be sent to individuals both inside and outside of your practice.

Linda Van Horn, MBA | Tuesday, March 22, 2016