Facilitating the Secure Exchange of Health DataScott Stuewe, CEO of DirectTrust, Discusses Its Acquisition of SAFE Identity
The recent acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, which is best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
Currently, DirectTrust's constituency is predominately healthcare provider organizations, while SAFE Identity's users are primarily pharmaceutical companies communicating with each other or with government agencies, such as the Food and Drug Administration, Stuewe says in an interview with Information Security Media Group about DirectTrust's acquisition of SAFE Identity last month.
"The ways we enable our public key infrastructure-based trust frameworks are slightly different, but the SAFE Identity organization has ... a bridge certificate authority," which makes connecting the two PKIs possible, Stuewe explains.
"On our side, from a use case standpoint, it's mostly secure health information exchange, and for SAFE Identity, it's mostly authentication and document signing."
But combined, Stuewe says, the two entities can offer an assortment of new use cases for secure information exchange in healthcare.
"Think of clinical research organizations that need to communicate with both the pharmaceutical and healthcare provider industries - we can provide the trust and identity that makes such a connection possible."
The combination also will potentially help foster secure electronic health information access for patients, according to Stuewe.
For instance, "Consumers would like a credential to log into several health systems to get their health records. Today, they have to do that with separate credentials for each healthcare system," he notes.
Stuewe says having a universal credential requires having a scalable trust framework in place, so the constituents can "know and trust each other." He adds that the combination of DirectTrust and SAFE Identity could help facilitate that.
In the interview (see audio link below photo), Stuewe also discusses:
- How the DirectTrust and SAFE Identity trust frameworks mesh with one another;
- Implementing a "zero trust" strategy;
- What's next for DirectTrust.
Stuewe is a 27-year veteran of the healthcare IT industry. Before becoming the president and CEO of DirectTrust in 2018, he was director of strategy and interoperability at DataFile Technologies, a provider of health information management software and services. Previously, Stuewe spent 24 years at Cerner Corp., most recently as director of national interoperability strategy.