DirectTrust Workgroups Work to Incorporate FHIR and Open APIs

a computer graphic of cartooney file folders on opposite sides with files being exchanged between the two of them

The nationwide interoperable exchange of health information is still a challenge for the health IT industry, but progress in terms of technology and policy is coming along at a rate faster than we’ve seen at any time in the past.

While the federal government pushes its policy efforts to promote nationwide interoperability through the Trusted Exchange Framework and Common Agreement (TEFCA), it’s also moving forward with technology and practice efforts through DirectTrust workgroups, which was awarded an ONC Cooperative Agreement to “further work in accreditation, trust anchor distribution services and governance of the DirectTrust Community,” according to the DirectTrust website.

The effort, more widely known as the “Direct Project,” was started by the Office of the National Coordinator for Health IT in 2010 involving the participation of the American Academy of Family Physicians, the American Medical Association,  the Veterans Health Administration (VHA), and the National Institute for Standards and Technology (NIST). Over the years, it has played important roles in meaningful use initiatives, the establishment of direct messaging standards and the development of Health Information Networks.

Today, DirectTrust’s framework of direct message protocols assists more than 112,000 participating healthcare organizations and 1.67 million user accounts in implementing provider-to-provider and patient-to-provider communications, according to the Healthcare Informatics blog. Those communications between healthcare professionals, patients and health IT vendors are secured using identity proofing regardless of the end user’s application of the technology.

With more than 300 electronic health record (EHR) vendors’ products using DirectTrust messaging and more than 50 health information exchanges, the security and interoperability for exchanging health information is now covered for more than half of the healthcare professionals in the U.S. under Direct.

Conquering FHIR and Open APIs

As DirectTrust messaging has proliferated, it has been a positive for interoperability efforts. As this happened, however, the industry has seen the rise of a new standard not required by the 21st Century Cures Act. Known as FHIR, the Fast Healthcare Interoperability Resources data standard developed by Health Level 7 makes it easier and faster to perform data exchange and allows patients to use apps to share information.

And that is where open Application Programming Interfaces (APIs) come in. Cures essentially laid down a mandate for healthcare to open itself up to innovation through the creation of open APIs so that developers can do what they do best, innovate. Those APIs allow for data sharing that is fueling the creation of health apps with greater clinical utility and are necessary for large scale innovation.

So how can DirectTrust, which is already widely used among EHR systems, incorporate FHIR and APIs? Two use cases have been identified and discussed by DirectTrust groups following the FHIR Connectathon in early 2018.

The first involves what DirectTrust representatives referred to as “Direct to FHIR.” What this would do is allow patients and providers to query medical information by sending a Direct Message. Health Information Service Provider MaxMD claims that it “leverages the trust-in-identity assured by a Direct Address to provide authentication and authorization of an HL7 request to a FHIR API. The user receives a response in an inbox like an ordinary Direct message,” according to a post from Healthcare Informatics.

The other use case comes in the form of using DirectTrust’s certificates in conjunction with FHIR RESTful API to allow trust to be scaled up. This would help FHIR resources be more trustworthy.

“What we showed in example one is that Direct can be used as a transport layer, as a single onramp to transmit a FHIR payload,” said Bruce Schreiber, Chief Technology Officer of MaxMD, in a recent webinar. “In scenario two, we showed the trust framework developed by DirectTrust can be used for authentication and authorization, and there are a number of ways this can be scaled.”

healthcare informatics
YES! Please send me a FREE guide with course info, pricing and more!
Facebook
Twitter
LinkedIn

Academic Calendar

SUMMER I – 2024

Application Deadline April 12, 2024
Start Date April 29, 2024
End Date June 23, 2024

SUMMER II – 2024

Application Deadline June 7, 2024
Start Date June 24, 2024
End Date August 18, 2024

FALL I – 2024

Application Deadline August 2, 2024
Start Date August 19, 2024
End Date October 13, 2024

FALL II – 2024

Application Deadline September 27, 2024
Start Date October 14, 2024
End Date December 8, 2024

SPRING I – 2025

Application Deadline December 13, 2024
Start Date January 6, 2025
End Date March 2, 2025

SPRING II – 2025

Application Deadline February 14, 2025
Start Date March 3, 2025
End Date April 27, 2025

SUMMER I – 2025

Application Deadline April 11, 2025
Start Date April 28, 2025
End Date June 22, 2025

Get Our Program Guide

If you are ready to learn more about our programs, get started by downloading our program guide now.