際際滷

際際滷Share a Scribd company logo

The Direct Project @ Quantified Self

Download as PPTX, PDF
A
aliemami

The Direct Project aims to improve health information exchange by specifying a simple, secure, and scalable standard for sending encrypted health information directly between known trusted recipients over the internet. It uses common internet protocols like SMTP, S/MIME, and DNS to allow easy and secure communication of clinical information among healthcare providers and patients. Several major healthcare organizations and vendors have announced plans to support the Direct standard to facilitate widespread adoption by late 2012.

1 of 15
Downloaded 27 times
The Direct ProjectAli EmamiSoftware Engineeraliemami@microsoft.com
Quick History of the Direct Project5/28/2011Launched just after HIMSS 2010Response to community frustration about state of exchangeCollaboration across the industry: government, vendors, advocatesToday: real production use in multiple programs across the country
Why is there a need for Direct?5/28/2011Current methods of health information exchange are inadequateCommunication of health information among providers and patients still mainly relies on mail or faxSlow, inconvenient, expensive
Health information and history is lost or hard to find in paper chartsCurrent forms of electronic communication may not be secureEncryption features of off-the-shelf e-mail clients not often used in healthcare communications today Physicians need to transport and share clinical content electronically in order to satisfy Stage 1 Meaningful Use requirements.Need to meet physicians where they are now
Direct will be one of the communication methods in the Nationwide Health Information NetworkDirect Project Secure Internet-based Direct CommunicationsDirect Project specifies a simple, secure, scalable, standards-based way for participants to send encrypted health information directly to known, trusted recipients over the Internet.h.elthie@direct.ahospital.orgb.wells@direct.aclinic.org Simple.Connects healthcare stakeholders through universal addressing using simple push of information.Secure. Users can easily verify messages are complete and not tampered with in travel.Scalable. Enables Internet scale with no need for central network authority. Standards-based. Built on common Internet standards for secure e-mail communication.
Direct ProjectHigh quality open source librariesThe history of the Internet shows the power of permissively licensed open source in driving standardization:TCP/IP: Berkeley TCP/IP stackDNS: BINDHTTP: ApacheSuccessful open standards have easily accessible high-quality libraries trivially available to developers, including high quality documentationA key deliverable of Direct Project is a BSD-licensed software stack enabling:Client-side connectivity, for EHRs, EHR Modules, PHRs, etc. andServer-side connectivity for out of the box HIOs and Health Information Service Providers (HISPs)
Protocols and TechnologySMTP GatewayDirect uses SMTP as its transport protocol.S/MIMEMessages are signed and encrypted using the S/MIME standard. A decades old protocol for ensuring authenticity, non-tampering, confidentiality, delivery only to intended recipients. DNSUsed to serve up certificates bound to an e-mail address or organization. The highest scale distributed directory on the planet. Powers internet addressing. Configuration Web Service and DBStorage and access to orgs certs, private keys, trust anchors
HISP InternetEmail ServerSMTP GatewaySecurity & Trust AgentMIME+ TLSXD* AgentFirewallSOAP ClientHTTPGatewayXD* SOAP EndpointConfigurationWeb ServiceSQLHTML/HTTPAdminDNSGatewayConfiguration Web UIDNS Server
Scenario: Doctor to patient messagingDr. Alex wants to send a visit summary to patient Jill.From: alex@direct.ahospital.orgTo: jill@direct.aphr.orgSubject: Your health visit summaryJill,Here is the summary information from your visit.- Dr. Alex<Summary Attached>
Sending a messageAlex creates and sends the message using his favorite e-mail client.Or his hospitals EHR software. A Direct gateway is installed at ahospital.org. Secure e-mails at ahospital are relayed through this gateway. The gateway receives the message and determines it needs Jills certificate in order to send the message. It uses DNS to resolve it.The gateway:Signs the message with Alexs private key. Encrypts the message with Jills public key.Sends the message over SMTP to Jills gateway.5/28/2011
Receiving a messageJill is using a PHR system that provides her with a Direct address. Microsoft HealthVault is one such PHR system.The PHRs Direct gateway receives the message from ahospital.org. The gateway looks up Jills private key from its local configuration backend. Jills Gateway:Decrypts the message using Jills private key. Verifies the signature on the message is valid. Verifies that the signer is trusted. ie. Jill trusts Dr. Alex. Forwards the message to Jills inbox. 5/28/2011
More scenariosProvider-to-Provider scenarios have equivalent flow. Scenario: Referring doctor sends patient information to another doctor. Patient-to-Provider scenarios are just as easy!Gateways can be configured to allow incoming messages, outgoing messages, or both for a given address or domain. Example: Doctor wants to send to patients but NOT receive.
Direct ProjectThe Process Direct standards and specifications are developed by a group of public-private stakeholders. Weekly teleconferences and periodic face-to-face meetings facilitate active collaboration.Direct Project Output:Standards and Service Definitions
Implementation Guides
Reference Implementation

More Related Content

The Direct Project @ Quantified Self

  • 1. The Direct ProjectAli EmamiSoftware Engineeraliemami@microsoft.com
  • 2. Quick History of the Direct Project5/28/2011Launched just after HIMSS 2010Response to community frustration about state of exchangeCollaboration across the industry: government, vendors, advocatesToday: real production use in multiple programs across the country
  • 3. Why is there a need for Direct?5/28/2011Current methods of health information exchange are inadequateCommunication of health information among providers and patients still mainly relies on mail or faxSlow, inconvenient, expensive
  • 4. Health information and history is lost or hard to find in paper chartsCurrent forms of electronic communication may not be secureEncryption features of off-the-shelf e-mail clients not often used in healthcare communications today Physicians need to transport and share clinical content electronically in order to satisfy Stage 1 Meaningful Use requirements.Need to meet physicians where they are now
  • 5. Direct will be one of the communication methods in the Nationwide Health Information NetworkDirect Project Secure Internet-based Direct CommunicationsDirect Project specifies a simple, secure, scalable, standards-based way for participants to send encrypted health information directly to known, trusted recipients over the Internet.h.elthie@direct.ahospital.orgb.wells@direct.aclinic.org Simple.Connects healthcare stakeholders through universal addressing using simple push of information.Secure. Users can easily verify messages are complete and not tampered with in travel.Scalable. Enables Internet scale with no need for central network authority. Standards-based. Built on common Internet standards for secure e-mail communication.
  • 6. Direct ProjectHigh quality open source librariesThe history of the Internet shows the power of permissively licensed open source in driving standardization:TCP/IP: Berkeley TCP/IP stackDNS: BINDHTTP: ApacheSuccessful open standards have easily accessible high-quality libraries trivially available to developers, including high quality documentationA key deliverable of Direct Project is a BSD-licensed software stack enabling:Client-side connectivity, for EHRs, EHR Modules, PHRs, etc. andServer-side connectivity for out of the box HIOs and Health Information Service Providers (HISPs)
  • 7. Protocols and TechnologySMTP GatewayDirect uses SMTP as its transport protocol.S/MIMEMessages are signed and encrypted using the S/MIME standard. A decades old protocol for ensuring authenticity, non-tampering, confidentiality, delivery only to intended recipients. DNSUsed to serve up certificates bound to an e-mail address or organization. The highest scale distributed directory on the planet. Powers internet addressing. Configuration Web Service and DBStorage and access to orgs certs, private keys, trust anchors
  • 8. HISP InternetEmail ServerSMTP GatewaySecurity & Trust AgentMIME+ TLSXD* AgentFirewallSOAP ClientHTTPGatewayXD* SOAP EndpointConfigurationWeb ServiceSQLHTML/HTTPAdminDNSGatewayConfiguration Web UIDNS Server
  • 9. Scenario: Doctor to patient messagingDr. Alex wants to send a visit summary to patient Jill.From: alex@direct.ahospital.orgTo: jill@direct.aphr.orgSubject: Your health visit summaryJill,Here is the summary information from your visit.- Dr. Alex<Summary Attached>
  • 10. Sending a messageAlex creates and sends the message using his favorite e-mail client.Or his hospitals EHR software. A Direct gateway is installed at ahospital.org. Secure e-mails at ahospital are relayed through this gateway. The gateway receives the message and determines it needs Jills certificate in order to send the message. It uses DNS to resolve it.The gateway:Signs the message with Alexs private key. Encrypts the message with Jills public key.Sends the message over SMTP to Jills gateway.5/28/2011
  • 11. Receiving a messageJill is using a PHR system that provides her with a Direct address. Microsoft HealthVault is one such PHR system.The PHRs Direct gateway receives the message from ahospital.org. The gateway looks up Jills private key from its local configuration backend. Jills Gateway:Decrypts the message using Jills private key. Verifies the signature on the message is valid. Verifies that the signer is trusted. ie. Jill trusts Dr. Alex. Forwards the message to Jills inbox. 5/28/2011
  • 12. More scenariosProvider-to-Provider scenarios have equivalent flow. Scenario: Referring doctor sends patient information to another doctor. Patient-to-Provider scenarios are just as easy!Gateways can be configured to allow incoming messages, outgoing messages, or both for a given address or domain. Example: Doctor wants to send to patients but NOT receive.
  • 13. Direct ProjectThe Process Direct standards and specifications are developed by a group of public-private stakeholders. Weekly teleconferences and periodic face-to-face meetings facilitate active collaboration.Direct Project Output:Standards and Service Definitions
  • 16. Pilot project testing and real-world implementationVendors incorporate reference implementation into HIT products Wide-scale adoption of Direct standards by late 2012First phase grounded in real-world pilot projects implemented by early 2011Incorporation of HITPC, HITSC, and ONC policy guidance
  • 17. Momentum is RemarkableSome vendors that have already announced plans to support the Direct Project include:揃 Allscripts揃 CareEvolution揃 Cerner Corporation揃 Covisint揃 eClinicalWorks揃 Epic揃 Greenway Medical Technologies揃 Kryptiq Corporation揃 MedPlus (A Quest Diagnostics Company)揃 Microsoft Corporation揃 NoMoreClipboard.com揃 OpenEMR揃 Siemens揃 Surescripts揃 VisionShare
  • 18. Direct Project Real-world ImplementationDirect Project will be demonstrated in real-world pilots across the countryRhode Island Quality Institute (RI)VisionShare (MN)MedAllies (NY)Redwood MedNet (CA)Medical Professional Services (CT)VisionShare (OK)CareSpark (TN) Direct Project is architected for rapid adoption by:Thousands of hospitals
  • 19. Hundreds of thousands of physicians
  • 21. Tens (or hundreds?) of millions of patients
  • 22. Many other stakeholders in healthcare- 14 -
  • 23. Links to Direct Project ResourcesGet involved! http://wiki.directproject.orgC# Reference: http://wiki.directproject.org/CSharp+Reference+ImplementationJava Reference: http://wiki.directproject.org/Java+Reference+ImplementationFor more informationMy e-mail: aliemami@microsoft.com

Editor's Notes

  • #7: All are available via Reference implementation.