Direct Secure Messaging and the CareAlign Portal
What is Direct Secure Messaging
Direct Secure Messaging is a simple, secure, scalable and standards-based way for healthcare clinicians to send authenticated and encrypted patient health information directly to known and trusted recipients over a secure and encrypted network provided by KHIE.
What is the CareAlign Direct Secure Messaging Web Portal?
KHIE offers the Direct Secure Messaging web portal, CareAlign, to healthcare providers who do not have an EHR or have an EHR without Direct capabilities. Healthcare organizations can utilize CareAlign to securely send and receive patient health information to and from referral partners across the care continuum and eliminate the use of fax machines.
Why is CareAlign Valuable to your Organization?
Electronic communication between healthcare organizations is a vital component to closing gaps in the coordination of patient care. Many healthcare organizations (long term care facilities, nursing homes, skilled nursing facilities, etc.) did not receive incentive dollars from federal or state programs to offset the cost for the adoption of the Electronic Health Records (EHR) that are utilized to send and receive patient health information electronically.
- Assists in closing gaps in care coordination
- Benefits providers without an EHR or an EHR without Direct capabilities
- User friendly; similar to popular email service providers
- HIPAA Compliant
How Does CareAlign Work?
The CareAlign Direct Secure Messaging Web Portal appears and operates very similar to other popular email service providers like Yahoo, Gmail, and Hotmail. The participant can send a Direct email message with a patient CCD or other healthcare documentation attached via CareAlign Direct Secure Messaging to any healthcare organization with a Direct email address. If used properly, CareAlign can assist the participant in closing gaps in care by electronically communicating with other healthcare organizations and potentially eliminating the use of the fax machine.
Who is the Direct Trusted Agent?
The Direct Trusted Agent is the person who is charged with overseeing the Direct Secure Messaging Users enforce authentication, enforce privacy and security compliance, and safeguard the integrity of all of the KHIE Direct Secure Messaging Users within that organization.
In a hospital setting, the Privacy Officer is the Direct Trusted Agent; however, the Privacy Officer can delegate individuals to serve as the Direct Trusted Agent, if needed. In all other settings,
the organization must select an individual to serve as the Direct Trusted Agent.
Once a Direct Trusted Agent has been appointed, the KHIE Direct Program Coordinator will perform an in-person Registration Authority by validating one form of government-issued ID from each organization's Direct Trusted Agent, per NIST Level 3 of Assurance. In the event that an in-person authorization is not possible, the Direct Program Coordinator can elect to complete the ID proofing via video conference.
Responsibilities of the Direct Trusted Agent
- Use one form of government-issued ID to verify the identity of the organization's Direct Users.
- Record the Direct User verification information on the Direct User Request.
- Retain the Direct User Request containing all of the Direct Users and their respective government-issued IDs used in the Direct user verification process. Upon request, be prepared to share this information with KHIE.
- Update the Direct User Request as users join or leave the organization; email changes to the KHIE Direct Program Coordinator.
INFLUENCING THE WAY HEALTHCARE IS PLANNED, COORDINATED, AND DELIVERED.