Gary Christensen, CIO and COO of Rhode Island's centralized health information exchange--the Rhode Island Quality Institute--doesn't see Direct messaging between doctors as a threat to the HIE, but rather, a parallel system, with both adding value.
The ubiquity of email made it the obvious choice to allow doctors to exchange records directly, he recently told InformationWeek in an interview.
"What struck me was that if it were true that everyone could basically pass information over the Internet in a secure way--and everybody was going to do it that way--then we could use it, too, to get information from a practice into the HIE," Christensen said.
The institute operates CurrentCare, the exchange hub. To get more doctors to participate, it has encouraged direct exchange through secure email to which XML-formatted continuity of care documents can be attached.
CurrentCare acts as the certificate authority that validates Direct email accounts and issues the required digital certificates, creating one common directory for authenticating the account of any other provider or hospital in Rhode Island.
According to Christensen, the institute acts as CIO for doctor's offices that don't have one, advising them on technology purchases and implementation. It received a $5 million grant eight years ago that formed the basis of its HIE.
It quickly became apparent that exchange efforts would fail if they only included hospitals, as most health data resides in doctor's offices. CurrentCare does not collect transaction fees, but is supported by a $1 fee for each person on an insurance plan. It acts as more than an exchange, according to Christensen, but also a data warehouse that can be queried to find any participating person's records. It has most of the state's hospitals on board, with the holdouts joining soon, he said, but still faces a challenge in getting all the doctor's offices to participate.
ONC's Health IT Policy Committee is leaning toward simplified and flexible requirements for queries under Stage 3 of Meaningful Use. Yet the panel wants assurances in place that the requester is authorized to receive the information and technical means to comply when state privacy and security laws are stricter than federal regulations.
To learn more:
- read the InformationWeek article