Direct Lab Transaction Guide Offered

Secure Messaging Recommendations Call for Delivery Verification
Direct Lab Transaction Guide Offered

Federal officials have issued guidance on how to exchange lab test results using the Direct Project secure messaging protocol.

See Also: Take Inventory of Your Medical Device Security Risks

The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet.

The Department of Health and Human Services' Office of National Coordinator for Health IT issued the guidance, which was based on the recommendation of ONC's Direct-Laboratory Reporting Workgroup. The group determined that any electronic lab reporting method must provide accurate, reliable, confidential and timely delivery of laboratory results from the performing lab to the final report destination to meet requirements of the Clinical Laboratory Improvement Amendments, or CLIA.

To accomplish this, implementations of Direct Project specifications must provide the sending laboratory with positive notification of delivery success or failure in a manner consistent with other methods of electronic result delivery currently in use by accredited clinical laboratories, the guidance notes.

Implementing the guidance enables Security/Trust Agents "to provide a high level of assurance that a message has arrived at its destination," ONC says. STAs include message transfer agents, message submission agents and message user agents supporting security and trust for a transaction. The guidance outlines the various exception flows that result in compromised message delivery and the mitigation actions that should be taken by STAs to provide success and failure notifications to the sending system.

The workgroup included representatives from ONC, CLIA, the College of American Pathologists, LabCorp, Quest Diagnostics, Methodist Hospital of Omaha, and Pathology Inc.

Additionally, ONC says the Centers for Medicare & Medicaid Services intends to issue a CLIA "frequently asked questions" guide to inform accreditation agencies, clinical laboratories and providers that implementations of the Direct Project that support the Implementation Guide for Delivery Notification provide an acceptable technical solution for the transport of laboratory results to the final report destination.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.