Direct Secure Messaging is a standard to facilitate secure electronic communication of patient related data between Healthcare providers and Healthcare IT systems. A key aspect is that many different and competing technology products can share patient data. Some of the types of patient data that can be transmitted are:
- Immunization updates
- Patient visit summaries
- Prescription histories
- General communications between providers
- Communication on transitions of care (like from hospital to nursing home)
In order to implement direct secure messaging, the technology vendor will install the application programming interface (API) that does the formatting and transmission of the data. Then, each provider needs to have a direct email address under their name.
What is a direct email address?
A direct address is essentially an email address issued as the identification for anyone who sends or receives direct secure messages. A direct email address differs from a regular email address in these ways:
- It follows a standard of YourName@direct.WhereYouWork.com
- It is secure, with all transmitted data meeting technical and regulatory standards
- A direct email address can be given to a provider, an organization, or even a medical device
- Instead of communications being routed through an email provider like Google, messages are routed through a Health Internet Service Provider (HISP)
- Direct addresses are maintained and governed by DirectTrust, a non-profit healthcare industry group.
Secure Direct Messaging Graphic
The simple graphic below shows how the process uses secure messaging transfer protocol (SMTP) and other secure channels to deliver patient related communications:
Direct Secure Messaging Adoption
Initially, the physician community responded with mixed feelings about direct messaging. Some providers don’t really understand the concept, not seeing the benefit over older methods like faxing; and newer technologies like secure texting.
Another challenge is the existence of a number of Health Internet Service Providers (HISP), some of which have a hard time connecting to each others’ directories.
Finally, direct messaging is not as intuitive as mobile applications and the inbasket messaging features of the leading electronic medical records (EMR) systems. Aside from these challenges, direct messaging is getting more traction, as providers are seeing that they can use the technology to send and receive orders, transition of care documents, and other clinical documentation.
The largest HISP is Surescripts, the veteran provider of electronic prescribing technology.
