Direct Project Guidance Issued

Recommendations for Implementing Secure Messaging
Direct Project Guidance Issued

The Office of the National Coordinator for Health IT has issued new guidance to health information exchanges and others for how to implement Direct Project secure messaging in a standard way.

See Also: OnDemand | Don't Be the Next Cyber Attack Headline! Using Microsegmentation to Achieve Zero Trust

The guidance addresses what ONC portrays as inconsistencies in the use of the Direct Project protocol for secure peer-to-peer clinical data exchange.

The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet.

The guidance includes information about how to ensure security. It notes that if all organizations using the Direct Project protocol adhere to a common set of policies, it will help to "provide confidence that information will be securely routed to the right recipient."

The pending Nationwide Health Information Network Governance Rule will create "rules of the road" that will help alleviate the perceived need for peer-to-peer legal agreements among organizations coordinating the exchange of data, the guidance notes. In the meantime, the new guidance provides some common policies that can be immediately adopted across the more than 40 states that are implementing the Direct Project protocol.

Earlier in July, ONC issued guidance on how to exchange lab test results using the Direct Project secure messaging protocol.


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.