Anatomy of Direct Session 3

Anatomy of Direct Session 3 April 12, 2011


Page 1: Anatomy of Direct Session 3

Anatomy of Direct Session 3

April 12, 2011

Page 2: Anatomy of Direct Session 3

Agenda

• Overview of Direct

• How does Direct work?

• Direct in the Real World

• Panelists:

– David C. Kibbe, MD MBA, Senior Advisor, American Academy of Family Physicians; Chair, ASTM International E31 Technical Committee on Healthcare Informatics; Principal, The Kibbe Group LLC

– Cris Ross, Executive Vice President and General Manager, Clinical Interoperability, Surescripts

– Mark Bamberg, VP Research & Development, MEDfx

• Q&A

• Poll

Page 3: Anatomy of Direct Session 3

What is Direct?

A project to create the set of standards and services that, with a policy framework, enable simple, directed, routed, scalable transport over the Internet to be used for secure and meaningful exchange between known participants in support of meaningful use

Page 4: Anatomy of Direct Session 3

Secure Internet-based Direct Communications

• Simple. Connects healthcare stakeholders through universal addressing using simple push of information.

• Secure. Users can easily verify messages are complete and not tampered with in travel.

• Scalable. Enables Internet scale with no need for central network authority.

• Standards-based. Built on common Internet standards for secure e-mail communication.


Page 5: Anatomy of Direct Session 3

Why Direct?

When current methods of health information exchange are inadequate:

• Communication of health information among providers and patients still mainly relies on mail or fax

– Slow, inconvenient, expensive

– Health information and history is lost or hard to find in paper charts

• Current forms of electronic communication may not be secure

– Encryption features of off-the-shelf e-mail clients not often used in healthcare communications today

• Physicians need to transport and share clinical content electronically in order to satisfy Stage 1 Meaningful Use requirements.

– Need to meet physicians where they are now

– Direct will be one of the communication methods in the Nationwide Health Information Network

Page 6: Anatomy of Direct Session 3

Who is Direct? (as of November 2010)

The Direct Project represents over 50 organizations and over 200 participants.

– Members participate in the Implementation Group and one or more of 6 workgroups.

Implementation Group (50+ organizations, 200+ participants)

Workgroups:

• Security and Trust

• Best Practices

• Implementation Geographies

• Communications

• Documentation and Testing

• Reference Implementation

Page 7: Anatomy of Direct Session 3

What do you need to enable Direct?

• Direct Addresses

• Security & Trust Services

• Direct Messages

• Message Transport & Delivery

Page 8: Anatomy of Direct Session 3

Direct Addresses

• Direct Addresses are used to route information

– Look like email addresses

– Used only for health information exchange

[email protected]

[Diagram labels on the address above: Endpoint, Domain, Direct Address]

• An individual may have multiple Direct addresses

Page 9: Anatomy of Direct Session 3

Security & Trust: Certificates

• Each Direct Address must have at least one digital certificate associated with it in order to securely transmit and receive health information

– Certificate may be tied to either the specific Direct Address or the Domain that is part of that address

– X.509v3 digital certificate standards

• By using certificates to securely transmit and receive information…

– The Sender has a strong mathematical certainty that only the Receiver or explicitly authorized delegates can view the message

– The Receiver has a strong mathematical certainty that only the Sender sent the message

– Both Sender and Receiver have confidence that nothing happened to the message in transit (e.g., tampering, disclosure, etc.)

Page 10: Anatomy of Direct Session 3

Security & Trust: Certificate Discovery

• Certificate discovery must occur prior to a Direct message being sent in order to fulfill the encryption functions of the S/MIME format

• Discovery based on existing Internet protocols

– Specifications already exist for discovery via DNS

• Address-bound certificates must be associated with a Direct-formatted address

• Organization-bound certificates are stored under the Health Domain Name

– If DNS is not supported, an alternate method must be offered
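An added illustration of the lookup order implied by the Certificates and Certificate Discovery slides: try the address-bound certificate first, fall back to the organization-bound certificate under the Health Domain Name, and refuse to send if neither is found. This is not code from the Direct Project reference implementation; the "@"-to-"." DNS owner name, the `CertRecord` stand-in and the example.org zone data are assumptions constructed for the example.

```python
from typing import Dict, List, NamedTuple, Optional, Tuple


class DirectAddress(NamedTuple):
    endpoint: str  # part before "@"
    domain: str    # Health Domain Name (part after "@")


class CertRecord(NamedTuple):
    """Hypothetical stand-in for the identity fields of an X.509v3 certificate."""
    label: str
    rfc822_name: Optional[str] = None  # set on address-bound certificates
    dns_name: Optional[str] = None     # set on organization-bound certificates


def parse_direct_address(address: str) -> DirectAddress:
    """Split a Direct address into endpoint and domain, normalising case."""
    endpoint, sep, domain = address.strip().rpartition("@")
    if not sep or not endpoint or not domain or "@" in endpoint:
        raise ValueError(f"not a Direct-formatted address: {address!r}")
    return DirectAddress(endpoint.lower(), domain.lower().rstrip("."))


def lookup_names(addr: DirectAddress) -> List[Tuple[str, str]]:
    """DNS owner names to query, most specific first.

    Assumption: the address-bound name is the address with "@" replaced by ".".
    """
    return [
        ("address", f"{addr.endpoint}.{addr.domain}"),
        ("organization", addr.domain),
    ]


def discover(address: str,
             zone: Dict[str, List[CertRecord]]) -> Tuple[Optional[str], List[CertRecord]]:
    """Return (binding, certificates) usable for encrypting to `address`.

    A record is accepted only if the certificate's own identity matches what
    was asked for; being published under the right DNS name is not enough.
    (None, []) means discovery failed and the message must not be sent.
    """
    addr = parse_direct_address(address)
    full = f"{addr.endpoint}@{addr.domain}"
    for binding, owner in lookup_names(addr):
        wanted = full if binding == "address" else addr.domain
        matches = [
            cert for cert in zone.get(owner, [])
            if ((cert.rfc822_name if binding == "address" else cert.dns_name) or "").lower() == wanted
        ]
        if matches:
            return binding, matches
    return None, []


# Constructed sample zone (example.org names are placeholders, not real HISPs).
SAMPLE_ZONE = {
    "drsmith.direct.example.org": [
        CertRecord("drsmith-address-bound", rfc822_name="drsmith@direct.example.org")],
    "nurse.direct.example.org": [
        CertRecord("wrong-identity", rfc822_name="someone@other.example.net")],
    "direct.example.org": [
        CertRecord("org-bound", dns_name="direct.example.org")],
}

if __name__ == "__main__":
    for a in ("DrSmith@Direct.Example.org", "nurse@direct.example.org", "x@nohisp.example.org"):
        print(a, "->", discover(a, SAMPLE_ZONE))
```

The `nurse` entry shows the failure mode worth testing for: a certificate published under the expected name but issued to a different identity is skipped, and the lookup falls back to the organization-bound certificate.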

Page 11: Anatomy of Direct Session 3

Security & Trust: Trust Anchors

• Certificates are issued by Trust Anchors

• Trust Anchors are Certificate Authorities (CAs)

• Certificates are issued to parties that agree to abide by policies set and/or enforced by the Trust Anchor


Page 12: Anatomy of Direct Session 3

Direct Messages

• Direct Messages are essentially email messages (RFC 5322)

– Headers

– Contents – text plus attachments

– Security information – signatures, certificate information as applicable

• Contents can be (and often are) structured, but can be unstructured

– HL7 lab results

– CCD, CCR

– PDF, TIFF

– Text and other human-readable representations

– IHE XDM specifications

Page 13: Anatomy of Direct Session 3

Message Transport & Delivery

• Direct specifies Simple Mail Transfer Protocol (SMTP) as its primary mechanism for delivering healthcare content from a sender to a receiver

– This choice supports environments that have minimal capabilities in terms of using Web Services and generating detailed metadata and allows for more advanced interoperability

Page 14: Anatomy of Direct Session 3

Direct Project Compliance

• Compliance is defined in the Applicability Statement for Secure Health Transport

– Core set of requirements for using SMTP, S/MIME, and X.509 certificates in an interoperable way

• However, it’s recognized that communities may use other standards or proprietary mechanisms internally

– Will generally have Direct-compliant gateways that implement the Applicability specification while harmonizing local standards/mechanisms to Direct-equivalents

– XDR and XDM for Direct Messaging specifies such a solution when using IHE XDR for local transport

Page 15: Anatomy of Direct Session 3

SOAP, IHE and XD* Conversions

• While SMTP is the primary delivery method for Direct, some healthcare environments have existing SOAP-based Web Services that provide detailed metadata and have adopted a family of IHE profiles

– SOAP – format for exchanging structured information, based on XML for message format

• XDR and XDM for Direct Messaging

– XDR – supports a direct push model using Web Services transport

– XDM – supports a direct push model with SMTP as a transport option, among several

• XD* Conversion

– Enables interoperability between Direct participants who may be using SOAP+XDR, SMTP+XDM, or SMTP+MIME

Page 16: Anatomy of Direct Session 3

XD* Conversion Processes

XD* Conversion involves both transport and metadata

• Always occurs when moving between transport mechanisms

• Metadata may be created or transformed

Three cases each for Senders and Receivers:

• SMTP+nonXDM (RFC5322+MIME)

• SMTP+XDM (RFC5322+XDM)

• SOAP+XDR

Page 17: Anatomy of Direct Session 3

Direct in the Real World

AAFP Physicians Direct

– David C. Kibbe, MD MBA, Senior Advisor, American Academy of Family Physicians; Chair, ASTM International E31 Technical Committee on Healthcare Informatics; Principal, The Kibbe Group LLC

– Cris Ross, Executive Vice President and General Manager, Clinical Interoperability, Surescripts

MEDfx

– Mark Bamberg, VP Research & Development, MEDfx

Page 18: Anatomy of Direct Session 3

AAFP Physicians Direct

“Direct Plus” secure online messaging for physicians in partnership with Surescripts

Page 19: Anatomy of Direct Session 3

Doctor-to-Doctor Information Sharing

How do doctors predominantly share patient records with other medical professionals?

[Figure: two charts]

– 17% electronic means, 83% non-electronic means

– 74% electronic means, 25% non-electronic means

Electronic = Computer storage devices + electronic networks + email or secure messaging

Non-electronic = Fax + mail or courier + give records to patients

Source: Markle Foundation

Page 20: Anatomy of Direct Session 3

Patient-Doctor Information Sharing

How do doctors predominantly share patient records with patients?

[Figure: two charts]

– 5% electronic means, 95% non-electronic means, or do not share records

– 47% electronic means, 52% non-electronic means, or do not share records

Electronic = computer storage devices + website + email or secure messaging

Non-electronic = fax/mail or courier + paper copies + don't share records

Source: Markle Foundation

Page 21: Anatomy of Direct Session 3

Agenda

• A brief overview of Direct-compliant implementations

– What does having a Direct address mean? What can you do with it? What basic service or infrastructure must a Direct addressee have available to her to do Direct-compliant clinical messaging?

– What is a HISP? What does the Direct Project specify that a HISP must do in order to offer Direct-compliant clinical messaging functionality to its users, members, or subscribers?

• AAFP Physicians Direct via the Surescripts CI Network

– Why did the AAFP choose to partner with Surescripts to bring its members a national, secure, and affordable clinical messaging service?

– What are the differences between Direct-compliance and what we are calling a “Direct-plus” clinical messaging solution?

Page 22: Anatomy of Direct Session 3

What will having a Direct address mean for me?

Therefore, one answer to this question is that having a Direct address means you can send authenticated and encrypted health information directly to a known and trusted recipient over the Internet.

Page 23: Anatomy of Direct Session 3

What’s a HISP?

In brief, the essence of a HISP’s duties is to:

• Package message content using MIME and, optionally, XDM.

• Secure the confidentiality and integrity of the content by handling it through S/MIME encryption and signatures.

• Ensure the authenticity of the sender and receiver via X.509 certificates.

• Route messages through at minimum SMTP (other protocols allowed by mutual consent between HISPs)

Page 24: Anatomy of Direct Session 3

More detail on HISP functionality


• A HISP must be able to assign unique Direct addresses to individuals or organizations, e.g. [email protected].

• A HISP must be able to associate X.509 certificates with full Direct address (e.g., [email protected]) or Health Domain Names (e.g., direct.sunnyfamilypractice.com). The HISP may issue the certificates itself as a Certificate Authority (CA) or obtain the certificates from a trusted third-party CA.

• A HISP must provide an “edge” or “on-ramp” protocol or application/protocol combination to the user, for sending and receiving messages and attachments. The protocol must comply with a minimum set of privacy and security requirements for protection of PHI. (What are these?)

• A HISP must be able to format the “payload” as an RFC5322-compliant email message with a valid MIME body (RFC2045, RFC2046).

Page 25: Anatomy of Direct Session 3

More detail on HISPs, continued


• A HISP must be able to sign, encrypt, decrypt, and verify the payload using S/MIME.

• A HISP must have a method for discovering the certificates of message recipients prior to sending a message, in order to fulfill the encryption functions of S/MIME. (TBD)

• A HISP must be able to judge the trustworthiness of certificates issued by Certificate Authorities that are presented to it in the course of sending and receiving messages. (TBD)

• A HISP must be able to judge the trustworthiness of leaf certificates used as trust anchors. (TBD)

Page 26: Anatomy of Direct Session 3

More detail on HISPs, continued

In addition to these requirements, it is optional that a HISP

• Support certificate publication in a directory that is available to other HISPs. (TBD)

• Utilize DNS servers to store both the users’ Direct addresses and the certificates associated with them (public key only). (TBD)

Page 27: Anatomy of Direct Session 3

Context - governance

Direct standards and specifications are developed by a group of public-private stakeholders, using an open and transparent collaborative process.

Direct Project Output:

• Standards and Service Definitions

• Implementation Guides

• Reference Implementation

• Pilot project testing and real-world implementation

Vendors incorporate reference implementation into HIT products

First phase grounded in real-world pilot projects implemented by early 2011

Incorporation of HITPC, HITSC, and ONC policy guidance

Wide-scale adoption of Direct standards by late 2012

Opportunity for States and HIEs to build on and drive adoption

ONC Materials, presented to HITSC March 29

Page 28: Anatomy of Direct Session 3

Context - NwHIN

• Nationwide Health Information Network Exchange (NwHIN)

– 10 Current Exchange Participants: DoD, Kaiser Permanente, VA, Regenstrief Institute, SSA, HealthBridge, CDC, Inland Northwest Health Services, MedVA, NCHICA

– Active Onboarding applicants

• Qualification -- 9 (Beacon Community, State HIEs and CMS and their partners)

• Validation -- 13 (7 SSA Awardees, 3 Beacon Community and 3 State HIEs)

• Activation -- 5 (5 SSA Awardees)

– Inquiries received: 14 (combination of State HIEs, Beacon Community awardees and others)

– HITECH obligates ONC to establish a governance mechanism for the nationwide health information network. ONC is initiating rulemaking process, with notice of proposed rulemaking expected in fourth quarter of 2011.

ONC Materials, presented to HITSC March 29

Page 29: Anatomy of Direct Session 3

Context - Connect

• Ongoing Release cycles and development

– CONNECT 2.5 released February 2011

– CONNECT 3.2 to be released in June 2011

• Additional Updates

• Building an automated test environment for organizations to better test their CONNECT installations to be able to share data securely with other organizations using Nationwide Health Information Network standards

• Expecting to award new development contract within next month

• ONC remains committed to establishing modular implementation specifications and robust testing to assure interoperability


ONC Materials, presented to HITSC March 29

Page 30: Anatomy of Direct Session 3

Context – look ahead to Stage 2/3 MU

• Need to explore “low regret” standards for future information exchange needs to support innovation and a learning healthcare system

• Candidates include:

– Synchronous secure transport (e.g., SOAP + TLS + WS-Security and HTTP + TLS + OAuth2)

– Subset of current NWHIN specifications for exchange

– Metadata for a universal exchange language derived from existing exchange standards

– Distributed queries to support risk adjustment, quality reporting, public health

ONC Materials, presented to HITSC March 29

Page 31: Anatomy of Direct Session 3

Implementation example: Surescripts

• Surescripts extending network beyond e-prescribing to doctor-to-doctor exchange of messages

• Will connect to EHR vendors using interfaces similar to e-prescribing

– Directories, certification, security and privacy, vendor and user support

• Internet portal and “send to anyone”, including HISPs

• Will leverage Direct protocols (e.g. hospital lab to public health connection, connect to HISPs)

• Will leverage Exchange, Connect and standards as developed

• Provide interoperability regardless of technology platform or protocol

• “Direct Plus”

– Direct and connection to other protocols

– Direct augmented with additional services (directory, certification, support)


Page 32: Anatomy of Direct Session 3

Physicians Direct Description

AAFP Physicians Direct is an information service, offered in partnership with Surescripts, which will provide users and their colleagues secure, affordable, and easy-to-use electronic clinical messaging. Use of the service to exchange health data among physicians will improve continuity of care, support achievement of Meaningful Use, and advance the patient-centered medical home.

AAFP Physicians Direct will provide a web-based portal for subscribers to securely send and receive messages and attachments, and the portal will be branded as an AAFP service. Colleagues (consultants) will be urged to subscribe to the portal, and to use AAFP Physicians Direct to send and receive messages from users. Integration with EHRs will also be part of the offering in time, and the plan is to have at least 6 EHR vendors onboard at the launch of the project. A key attribute of AAFP Physicians Direct is that users will be able to securely message to any provider, including non-subscribers. However, for ease of use it is likely that these one-time sessions will induce the receiving consultants to subscribe and become part of the network.


Page 33: Anatomy of Direct Session 3

MEDfx Presentation

Using Direct to Enable Patient Centered Medical Home

Page 34: Anatomy of Direct Session 3

Background

• Dominion Medical Associates

– Is an independent, minority physician practice located in Richmond, Virginia.

– Has traditionally been a paper-based practice

– Is in the process of moving toward use of an EMR

• MedVirginia

– CenVaNet and MedVirginia are working with the practice to help in its achievement of recognition as a Level 3 NCQA Patient Centered Medical Home

• Objectives

– Utilize the Direct Project standards and transactions to facilitate the referral process

– Improving care management and coordination services for identified high risk chronic disease populations, including diabetes.


Page 35: Anatomy of Direct Session 3

Patient Centered Medical Home

• Is a model of care that puts the needs of the patient first.

• Is the base from which health care services are coordinated to provide the most effective and efficient care to the patient.

• This includes

– Use of health information technology

– Coordination of specialty and inpatient care

– Providing preventive services through

• health promotion

• disease management and prevention

• health maintenance

• behavioral health services

• patient education

• diagnosis and treatment of acute and chronic illnesses.

Page 36: Anatomy of Direct Session 3

Dominion Medical Associates Goal

• Achieve Level 3 PCMH status as defined by NCQA.

– Care coordination and chronic disease management are integral to meeting the requirements

– CenVaNet is providing Dominion Medical Associates with RN care managers to support the needs of the high-risk patients with chronic diseases

– Care managers provide

• Direct services to targeted patients

• Coordinate additional support (community resources, referral coordination, etc.)

Page 37: Anatomy of Direct Session 3

Quality of Care

• Today Physicians at Dominion Medical Associates

– Attend to the needs of approximately 6000 patients

– Have two office locations in Richmond, Virginia

– Employ certified medical assistants

– Care is episodic and acute

– Usually provided in response to an event as opposed to being proactive in nature.

– Patients are seen when they are sick, with instructions for follow-up or on-going personal management.

Page 38: Anatomy of Direct Session 3

Quality of Care

• CenVaNet

– Identified high risk patients who could benefit from on-going care management support.

– Information about these patients is documented on the referral form and uploaded into Lifescape by a Dominion staff member at the practice.

– This is transmitted to the CenVaNet care manager who retrieves the document and begins the assessment process.

– Using MedVirginia Solution the care management nurse has access to any CCD information on these patients to aid in their assessment and intervention.


Page 39: Anatomy of Direct Session 3

With Direct

• A referral letter is generated electronically

– Replaces manual process of

• Printing

• Creating fax coversheet

• Faxing to MedVirginia

• Transmitted to MedVirginia using Lifescape Portal via Direct

• Stored in Clinical Data Repository

• Used by CenVaNet nurse to create an Initial Assessment

Page 40: Anatomy of Direct Session 3

What makes it work?

• What are the components?

• How do the components interact?

– When Dominion submits a referral request

– When MedVirginia sends an Initial Assessment

• What were the challenges?


Page 41: Anatomy of Direct Session 3

Direct Pilot Components

[Diagram. Components: Dominion Portal, Dominion HISP, MedVirginia Portal, MedVirginia HISP, Interchange, Lifescape, Solution 1, CONNECTfx, NwHIN (DOD, VA, SSA). Connection labels: HTTPS, SMTPS SSL, SMTP]

Page 42: Anatomy of Direct Session 3

Data Flow – Dominion submits Referral Request

[Diagram. Components: Dominion Portal, Dominion HISP, MedVirginia Portal, MedVirginia HISP, Interchange, Lifescape, Solution 1, CONNECTfx, NwHIN (DOD, VA, SSA). Connection labels: HTTPS, SMTPS SSL, SMTP]

Page 43: Anatomy of Direct Session 3

Data Flow – MedVirginia sends back initial Assessment

[Diagram. Components: Dominion Portal, Dominion HISP, MedVirginia Portal, MedVirginia HISP, Interchange, Lifescape, Solution 1, CONNECTfx, NwHIN (DOD, VA, SSA). Connection labels: HTTPS, SMTPS SSL, SMTP]

Page 44: Anatomy of Direct Session 3

Demo – Let’s see it work


Page 45: Anatomy of Direct Session 3

What were the challenges?

• Certificate Generation

• SMTPS configuration

• Identifying and locking down the HISP

• Permission to open port 25 on the public internet

• Configuring the HISP through an SSL tunnel

• Managing external communications


Page 46: Anatomy of Direct Session 3

Direct Project Reference Implementation


Page 47: Anatomy of Direct Session 3

Direct Project Reference Materials

• Direct Project Overview: http://wiki.directproject.org/The+Direct+Project+Overview

• Applicability Statement for Secure Health Transport: http://wiki.directproject.org/Applicability+Statement+for+Secure+Health+Transport

• Direct Project Security Overview: http://wiki.directproject.org/Direct+Project+Security+Overview

• XDR and XDM for Direct Messaging: http://wiki.directproject.org/XDR+and+XDM+for+Direct+Messaging

Page 48: Anatomy of Direct Session 3

Q&A

Page 49: Anatomy of Direct Session 3

Poll
