The National Strategy for Trusted Identities in Cyberspace funded pilots aiming to show different uses for identity solutions in various markets. Resilient Network Systems and its partners have had success in the health care market with Gorge Health Connect in Oregon and San Diego Health Connect in California. The two Health Information Exchanges are using the system to securely communicate with other health care providers.
Gorge Health Connect, which coordinates health information technology connections among health care provider organizations in Oregon’s Mid-Columbia Gorge region, says Resilient’s Patient-centered Coordination of Care (PCC) pilot had helped physicians meet new standards without having to change electronic health records (EHR) systems.
“Many provider organizations are striving to meet upcoming requirements to use Direct messaging technology, yet are delayed by their EHR vendors’ 2014 version certifications or by requirements to have Health Information Service Providers coordinate their Direct message encryption certificates,” said Lori Nelson, president of Gorge Health Connect. “With the messaging services, our providers can use their existing software to reach any other provider in Oregon or California, regardless of what EHR they’re using. And, they can trust that the recipient of their message, often a member of the other provider’s staff, will be authorized to receive it, so the patient’s privacy is being protected.”
Gorge Health Connect also supports care coordination with provider organizations throughout Oregon and across their border with Washington. The organization can see value as this technology enables expansion of electronic messaging among providers and other care coordination participants, including labs, decision support services, etc.
San Diego Health Connect members used secure messages to exchange information between providers in the Gorge region and in San Diego during the pilot, demonstrating cross-state Health Information Exchange. This scale of solution was possible through the Resilient’s ability to tap into existing, national-scale identity datasets, including the American Medical Association’s Physician Verification Service and LexisNexis’ Instant Authenticate service for knowledge-based authentication.
Both exchanges were able to receive discrete attributes about recipient providers via Resilient’s Trust Network, and to perform their services without developing new accounts, passwords or duplicate entries from those attributes.
Authentify Inc. has enabled Out-of-Band Authentication service to the network. During the pilot, the company provides this multi-factor capability to authenticate providers without creating accounts or passwords.
Another aspect of the pilot’s success was the development of a Trust Framework for HIPAA-compliant Health Information Exchanges that supports cross-state exchange, and can expand into additional use cases, through its alignment with the ecosystem.
Participants in the pilot continue using solutions and are exploring commercial terms for expanding their use. The ecosystem of services available via the Trust Network grew thanks to the NSTIC pilot, and they can be re-used to enable new solutions in health care, education, government, and other sectors.
A video demonstration of the messaging system can be seen below.