Blog

Blue background with various white patterns above it
What’s New for 2020? DataMotion Pivots to PaaS 768 303 Bob Janacek

What’s New for 2020? DataMotion Pivots to PaaS

As we kick off the new year, we thought it would be good to reflect not only on what we’ve been doing over the last year, but also what we are planning for the DataMotion platform over the coming year. We spent a little time with DataMotion CEO Bob Janacek talking about his vision for DataMotion.  We’d like to share that with you below. Our questions are in bold. The interview has been lightly edited.

As 2019 comes to a close, it seems like a good time to reflect on the progress made this year. Thinking about this, can you describe the major initiatives DataMotion worked on this year, and the impact these have had for customers?

Bob Janacek: Sure. Thanks. We’ve spent many years working with customers in regulated markets like banking, insurance, government and healthcare, addressing their concerns around secure collaboration with their clients and partners. Our secure messaging system is used by many of these organizations to enable easy, secure and compliant communications for employees with their constituents.

That’s our software as a service, which is an end user product. It’s a turnkey solution that customers can implement as is. And what we’ve seen in the last year – really the last couple years – is a shift. These collaborative features that previously were used in a standalone sense, now our customers are asking for them to be integrated. And, they want to do so in the mainstream workflow of how they do business. For instance, many of our customers have a member portal. That’s where they drive their clients’ usage – through their portal and mobile apps. Our customers spend considerable resources on digital transformation and customer experience of their portals and apps. Collaboration was a missing piece. A lot of these portals are read only. For example, they may show a client’s explanation of benefits or bank balance, but they don’t allow them to ask a question or submit supporting documents.  So rather than having a separate email encryption portal where their clients must go to ask questions and exchange sensitive information, our customers want that collaboration to happen seamlessly from within their member portals and apps. This provides a better user experience that’s secure, simple and fast. Security that gets in the way of business processes is typically ignored. But if you can make it melt into the process, so that it’s as easy to use as any other feature, then it can accelerate business and add a lot of value to what companies bring their customers.

So, as you look to the future then for 2020 what changes do you see happening and where and how do you see the company evolving?

Bob Janacek: To meet this need of stitching secure collaboration into our customers’ workflows, DataMotion is investing heavily in our platform as a service. Whereas our traditional products were software as a service or SaaS, the API version of that – the version that could be integrated into customers’ systems – is a platform as a service or PaaS. That’s where we expose APIs and protocols that allow internal systems for customer service, for loan processing, for underwriting – a wide range of systems to participate in the secure exchange of information with their clients. The other end of these connections are often client-facing apps and portals. We’re investing in the APIs and protocols that allow backend systems to participate in the secure exchange of information. We’re also investing in the APIs and methods that allow mobile apps and front-end systems to integrate secure correspondence seamlessly for their members.

Okay, so talk about why it’s so important that the company evolved in this way. This is kind of a pivot or change in direction for DataMotion. What is it that’s driving all of this? You talked a little bit about customers requesting this, but, what’s really behind all of that.

Bob Janacek: A new generation of consumer is interacting with our customers, including millennials and younger ones in generation Z.  These users are tech savvy and expect companies that they do business with to be the same.  They expect mobile apps. They expect smartphone first interfaces. They don’t want to call in and wait 20 minutes listening to music on hold if they can get an answer by typing something digitally in a few seconds. They don’t necessarily want to deal with fax anymore. Or sign paper documents and send them by postal mail or overnight courier. They may not even have postage stamps laying around. They don’t think about those ways of doing business, which a lot of organizations are still built on. So, the younger generations are expecting a capable digital experience for interacting with their suppliers, whether it’s their bank, insurance company, healthcare or a government agency. They know the bar that Apple and Amazon.com created. If you can do everything online, then why go physical. Problem is a lot of the service companies use legacy customer service methods built around fax, phone calls, postal mail and FedEx, which is not the modern world. So, there is a groundswell, really a paradigm shift, in moving from legacy systems to pure digital, or at least supplementing traditional channels with digital ones. The digital experience is smarter, less expensive and faster. It’s secure. It’s auditable. It’s compliant. There’s a lot of benefits to going digital, but companies will need vendors like DataMotion that have the rich toolset to be able to integrate secure digital collaboration into their existing internal and client-facing experiences.

So, part of what is driving this is that they’ve got these existing workflows and they can’t just wholesale throw them out and try something else. It’s more of an evolution for these companies as well?

Bob Janacek: Right, we are very focused on helping our customers and their users, employees and systems work in ways that are most natural to them. It should just work, without rip and replace, and it should be transparent and easy.  If it’s a back-end or legacy system that speaks a certain protocol, we want to be able to speak that protocol. Then that system can remain in place and can participate. If it’s a client-facing portal or mobile app, REST APIs may be the preferred way of integrating secure collaboration. So, by providing a range of methods, APIs and protocols, and enabling all of them to interoperate, we allow a wide range of workflows involving systems, employees and consumers to participate in ways that are most natural to them.

Can you describe in more detail about how this is going to affect the products or services that DataMotion offers, especially as we go into 2020?

Bob Janacek: In 2020, you’re going to see a lot more emphasis on DataMotion’s platform as a service and our developer center that backs that platform as a service. Currently the developer center offers a range of APIs that programmers can access in a self-service manner. They don’t have to contact sales to gain access to it, they can go right to developers.datamotion.com and sign up for access, and immediately start testing out the APIs.

What we’re going to see in 2020 is a broader range of APIs that are made available. I can’t talk about all of them right now. But there’s a lot in store for DataMotion on the platform as a service as it relates to collaboration, security and compliance.

So, you’ll be expanding the different ways, systems and workflows that these organizations will be able to communicate by?

Bob Janacek: It’s really about transparency. It’s about integrating security and compliance into the collaboration process in a transparent way. It’s also about efficiency. If things are embedded tightly in the workflow, then that security and compliance is seamless in the workflow. The efficiency is maximized. Compliance is maximized at the same time. A lot of times you see security get in the way of workflows. It can add extra steps for users, or force processes to use outdated communication tools. Security is also the step that users remove from the process because it can prevent companies from meeting revenue goals – it gets in the way of business processes. By having the DataMotion platform as a service, and a range of very robust APIs and protocols, the security becomes transparent in the process. It’s really a win, win for compliance and customer experience. Organizations’ online processes are secure. And from a business point of view, those business processes drive revenue recognition, and customer satisfaction goes up dramatically.

That leads right into the next question that I had for you, which is about how these organizations are going to benefit from these changes – this new direction that we have been talking about. Being able to be more secure and compliant – and have that all baked into those processes is a clear benefit?

Bob Janacek: Well one of the things about digital transformation and modernization is that it drives costs out of legacy processes. If you look at having to return a document by mail, it has to go through the handling of the mail room, it may get scanned and then an image may get attached to a CRM system. It may need OCR or optical character recognition that often introduces errors into process – especially if it’s handwriting. You know, an eight may look like a zero. That results in bad data that’s put into the system. Now, someone has to correct that. All the steps of handling legacy workflows are costly and error prone. By modernizing not only are you satisfying the expectation of today’s consumer, but you’re also reducing the cost of the organization’s operations, reducing errors and becoming more efficient.  Increases in brand loyalty, and customer retention and acquisition rates also occur, resulting in more profitable lines of business.

DataMotion has been a part of the email encryption industry for a long time. What role do you see email encryption playing in this evolution for DataMotion? 

Bob Janacek: Most email encryption solutions are SaaS offerings – it is a mature solution with a lot of vendors including DataMotion. But now – customers in the highly regulated industries –healthcare, financial services, insurance, and some functions of government – they need something better. The vendors that will excel in the email encryption market are those that have built on a robust platform that allows for integrated functionality which is in demand from these industries. Having that functionality baked into workflows and business processes, is really the next step in the transformation of these companies, customer experiences and their journey into digital transformation. SaaS is fine for many organizations that need ad hoc email encryption for legal and HR departments. But for those that are constantly handling sensitive information as a core business process – you need to evolve with the times. Email encryption offered as a PaaS and baked into the workflow is really where we see the major growth opportunities with these industries.

Every industry and company can face disruptions at some point, and it sounds like that’s what this is. Can you talk about other disruptions that DataMotion has been seeing and what you’re doing to meet these kinds of challenges?

Bob Janacek: Well, it’s really about secure collaboration in a broader sense. Email encryption is one channel. But systems also exchange files; people exchange files. There’s also the need for structured data or electronic forms exchange to be easier for organizations. They have security needs, but then they also have workflow needs as well. There’s a lot of opportunity to modernize legacy methods that have been in place for decades. So, we see secure collaboration involving email, messages, files and forms as ripe for a paradigm shift that strategically integrates them into an organization’s workflow, allowing appropriate systems and business processes to participate, all in a very easy, secure, compliant manner. It’s really bringing all those to the next level.

All right. So, in 2020, what’s your number one goal for DataMotion? If you had to pick just one thing – what would you want to see DataMotion accomplish?

Bob Janacek: The one thing that I’d like to see DataMotion accomplish in 2020, and which is already well underway, is the emphasis of platform as a service allowing developers to easily access and touch our APIs – and integrate them into their solutions. There are many types of solutions that would benefit from secure customer collaboration, include help desk ticketing and customer contact systems, ERP systems, accounting systems, healthcare systems and CRMs.  Besides GDPR, there are many privacy regulations being introduced or taking affect such as the California Consumer Privacy Act. These regulations are affecting companies and vendors – any organization that sends and touches sensitive data, they need to have a way to keep that data secure. The security should not get in the way of the business process, though. It needs to be baked in. There are a lot of opportunities for developers of these solutions to leverage DataMotion’s platform as a service, our APIs and protocols. Using these they can bake in that seamless experience and not only comply with ever-increasing privacy regulations, but also to provide the modern digital experience that their customers expect.

Going past 2020, where do you see DataMotion, and the industry in general going, looking out the next two to five years?

Bob Janacek: We have to continually serve the needs of our customers. Our customers are emphasizing security and compliance, ease of use and superior experiences for their clients. They’re also looking at machine learning, artificial intelligence, and natural language processing. So those are areas reaching a level of maturity that we can integrate into the DataMotion platform to benefit our customers. Those things are on our radar to continue our work of increasing efficiency, accelerating business processes, reducing complexity and driving cost out of collaboration.

Sounds like exciting times.

Bob Janacek: It absolutely is.

Two last questions. One is a fun question. What type of music do you have that you’re recommending this year?

Bob Janacek: I’ve been listening to the No Shoes Radio channel on satellite radio lately. There’s a lot of island music on that station. It just transports you to a different place. You know, it’s all about experience. You know that we’re also elevating the experience. But yeah, the islands and palm trees and all that kind of put you in that state of mind that says if you could make something so optimal and get so much enjoyment out of it in the islands, why can’t we bring that enjoyment to your customers use of technology?

Cool. So last question. Is there anything else that you’d like to add that we haven’t covered that you’d like our customers and prospects to know about DataMotion and where we’re going in this coming year.

Bob Janacek: As technology matures, history has shown that it consolidates, and it gets easier and easier to use. And I think that’s where we are in the curve of our offering. Whereas previously, for example, there were vendors for encrypted email, there were file transfer vendors for people and for systems, and for electronic forms.

They are now converging into a secure collaboration platform where you can emphasize any of those – email, files or forms – they all exchange. Now any system, app or process can participate in any of them with one common set of security, compliance, governance and tracking tools. You have a consistent view of all your critical information exchanges. Previously, you had multiple vendors, an uneven security footprint, uneven compliance, complexities of security patch management. We offer a very high bar for security, compliance and tracking, while also providing the agility needed to really get digital transformation and collaboration right. In addition, as your processes modernize and new ones are formed, you want a platform that has enough depth that you don’t outgrow it. So that’s technology, you know, maturing, converging and making collaboration a strategic asset in a CIO’s toolbox – allowing them to enable easy, secure communication and collaboration between their wide range of systems, employees, customers and business partners.

For more information on the DataMotion platform APIs and Integrations, view our integrations page.

Learn More

Join our Newsletter

Doctor wearing white gloves and stethoscope touching an icon of a person
HIPAA Compliance in the Age of Population Health Management 600 237 Team DataMotion

HIPAA Compliance in the Age of Population Health Management

Population health management (PHM) is the improvement of the health outcomes of a group of patients with similar characteristics. One example of a population in this context are patients suffering from the same chronic condition. The care of patients in this group may be managed similarly, often involving the same treatments, tests, procedures and other forms of care.

The treatment of chronic conditions typically involves multiple parties, from a primary care physician to multiple specialists and of course the patient. This, in turn, requires frequent communications between the parties.

Electronic health records (EHR) systems were intended to facilitate these communications but have some shortcomings. And maintaining Health Insurance Portability and Accountability Act (HIPAA) compliance is a key challenge. This article looks at how organizations can use Direct Secure Messaging to overcome the technical and regulatory challenges of a Population Health Management communication scenario.

The Importance of HIPAA Compliance in Healthcare

HIPAA compliance is a cornerstone of healthcare operations. It’s a critical safeguard for patients’ sensitive health information. Compliance ensures that healthcare organizations maintain the confidentiality and integrity of patient data, promoting trust and accountability in the industry. In the age of population health management — where data sharing and analysis are essential for improving healthcare delivery — HIPAA compliance becomes even more vital.

Understanding the HIPAA Compliance Rule

The HIPAA compliance rule governs how healthcare organizations handle protected health information (PHI), including how PHI is collected, stored, transmitted and used. It establishes guidelines for healthcare entities to protect patient privacy and data security.

HIPAA applies to various healthcare entities, including hospitals, clinics, insurance providers and business associates. It covers healthcare professionals and organizations handling PHI, helping to secure your data. Essentially, it means doctors can share patient information with other doctors to help treat you, but they cannot share it with your neighbor.

The compliance rule mandates strict safeguards for PHI, including administrative, physical and technical measures. These safeguards are designed to prevent unauthorized access, data breaches and other security threats.

Addressing the Three Key Elements of HIPAA Compliance

To achieve HIPAA compliance, healthcare organizations must focus on three key elements:

  1. Administrative: Administrative safeguards involve establishing policies and procedures for protecting PHI. They include workforce training, risk assessments and designating a security officer responsible for compliance. Effective administrative safeguards ensure responsible data handling and HIPAA compliance.
  2. Physical: These measures relate to protecting the physical infrastructure where PHI is stored. This includes access controls, facility security plans and device encryption. With the expansion of EHR and data centers, physical safeguards are essential to prevent unauthorized PHI access.
  3. Technical: Technical safeguards focus on the technological aspects of data security. They cover measures like access controls, encryption and audit trails. Robust technical safeguards are essential for protecting PHI during transmission and storage.

Population Health Management and HIPAA Compliance

Population health management has emerged as a pivotal approach to enhancing patient outcomes and healthcare quality. While the benefits of PHM are evident, it must operate within a framework of strict data privacy and security standards outlined by HIPAA.

Decoding the Main Components of a Population Health Model

Population health models allow healthcare entities to review healthcare data for a population. With this data, they can look for healthcare needs and develop strategies for addressing them. A population health model consists of five main components:

  1. Health assessment and analysis: This component involves collecting and analyzing health data from various sources, including EHRs, claims data and patient-reported information. These insights drive healthcare strategies and interventions. In the context of HIPAA compliance, it’s critical to ensure the collection and analysis of patient data follows privacy and security standards.
  2. Care coordination and intervention: Once health status is assessed, the next step is coordinating care and implementing interventions. This involves collaborating among healthcare providers, care teams and community organizations. HIPAA compliance is critical here, as the sharing of patient information among stakeholders must be managed carefully to protect patient privacy.
  3. Outcome measurement and continuous improvement: The ultimate goal of population health management is to improve health outcomes. Regularly measuring and assessing the impact of interventions is key. This component relies on data analytics and performance measurement. Health information management professionals ensure the data is accurate, complete and accessible while following HIPAA regulations.
  4. Health promotion and disease prevention: Healthcare organizations must ensure that any communication or educational materials promoting health are HIPAA-compliant and do not disclose PHI without the patient’s consent.
  5. Social determinant of health: Organizations collecting data on socioeconomic factors for addressing social determinants of health must protect sensitive information in compliance with HIPAA.

Achieving Successful Population Health Management

With a population health model, healthcare organizations can work to achieve better results for their patients. While population health models are essential, successful PHM hinges on the following:

  • Data integration and analytics: Health management needs a comprehensive and integrated data infrastructure. This infrastructure should enable healthcare organizations to aggregate data from various sources and perform advanced analytics to identify trends and opportunities for improvement.
  • Patient communication: Engaging patients is central to success. Effective patient communication, including the exchange of health information, enables informed decision-making and patient empowerment. Under HIPAA, healthcare providers must ensure secure and compliant communication channels to protect patient privacy.
  • Community partnerships: Collaborating with community organizations, public health agencies and social services is crucial to addressing the social determinants of health. HIPAA compliance extends to these partnerships, necessitating secure data-sharing agreements and risk assessments.

Leveraging Technology for HIPAA Compliance

Technology is pivotal in ensuring patient data privacy and security in today’s digital age. The use of technology and HIPAA compliance can be tricky without the right software. Effective, secure communication among healthcare professionals is essential for timely and accurate patient care. However, this communication must occur within HIPAA regulations to protect sensitive patient information. Secure digital exchange platforms like DataMotion Direct offer a solution by providing a HIPPA-compliant messaging platform.

Role of Secure Digital Exchange Platforms in Achieving HIPAA Compliance

The ideal solution is Direct Secure Messaging (“Direct”) from DataMotion. Direct is a secure email-like communications channel that enables providers to communicate with each other – as well as with patients and other caregivers – in a secure, HIPAA-compliant way. All messages are encrypted and require authentication to send and receive.

Importantly, Direct is an enhancement to EHRs, not a replacement. Providers can access Direct from within most popular EHRs.

On the provider side, Direct helps improve patient outcomes in a PHM environment by facilitating the exchange of patient medical records in a standardized manner. This includes formatted and unformatted data, as well as large files such as radiologic studies and diagnostic images. Direct enables better coordination of care. It also reduces errors and delays over conventional means of information exchange; for instance, delays when records are sent by courier, and mistakes due to the illegibility of handwritten notes.

On the patient side, Direct gets patients engaged in the management of their condition, which boosts outcomes. Patients can, for example, provide timely feedback on how well treatments are working, allowing providers to make adjustments accordingly without a delay for the patient to make an appointment with the provider. Patients can report new symptoms, complications or other issues to the provider immediately, thereby potentially avoiding life-threatening situations. And providers can ensure that patients refilled prescriptions when scheduled, or remind patients of upcoming office visits or tests to take.

Managing healthcare is increasingly a team effort. Frequent, accurate communication between the team members – including the patient – is paramount to achieving good outcomes. Direct offers an effective enhancement to EHRs that can help care providers deliver better patient outcomes while complying fully with HIPAA rules for privacy and security.

Redefining Communication in Healthcare: The Intersection of HIPAA and Digital Collaboration

Healthcare communication’s transformation through modern tech is revolutionizing how healthcare is delivered. This digital transformation enhances efficiency and aids in HIPAA compliance. DataMotion is at the forefront of this change, empowering health care organizations to embrace secure and compliant digital collaboration.

The importance of communication in public health is undeniable. By facilitating the secure exchange of patient data and clinical information, DataMotion contributes to better patient outcomes while ensuring the protection of their sensitive health information. As healthcare continues to evolve, the intersection of HIPAA and digital collaboration becomes increasingly important. Forward-thinking solutions like DataMotion Direct pave the way for a more connected and secure healthcare ecosystem.

Facing the Challenges of HIPAA Compliance in Large-Scale Healthcare Solutions

Large-scale solutions are pivotal for improving patient care and health outcomes. However, these innovations come with a unique set of challenges, particularly in the context of maintaining HIPAA compliance. Understanding the technical and regulatory challenges faced in PHM communication and current solutions to these challenges is instrumental in overcoming these obstacles.

The Challenge of Managing Chronic Conditions

Chronic conditions are complex to manage. They typically involve multiple syndromes, symptoms, tests and treatments. They require multiple specialists to manage effectively, as well as a high degree of patient diligence.

Diabetes is a good example. It cannot be cured, only managed for the remainder of the patient’s life. As with most complex chronic conditions, managing diabetes involves regular visits with specialists to ensure that things don’t get worse. Managing a patient’s glucose level is always the short-term concern, but left unmanaged, diabetes can result in catastrophic outcomes such as the loss of a patient’s feet or eyes, or kidney or heart damage.

In addition to the patient’s primary care physician, medical professionals involved in the management of diabetes could include nurse educators, endocrinologists, ophthalmologists, cardiologists, dietitians, podiatrists, exercise physiologists, dentists and others. The coordination of care between so many providers — and with the patient — is essential.

Addressing Technical and Regulatory Challenges in Population Health Management Communication

Part of the promise of EHR systems was that they would facilitate the level of information exchange between healthcare providers that is necessary for coordinating the care of patients. To do that, the HL7 data standard emerged to ensure that the hundreds of EHR products in the market could “talk to” each other. Unfortunately, different EHR vendors interpret the HL7 standard differently, resulting in incompatible data formats. This, in turn, causes missing or inaccurate patient records.

In addition, some EHR vendors employ a proprietary data format that effectively blocks information exchange with EHRs from other vendors. And, some vendors charge providers to enable their systems to interoperate with others.

These constraints make it harder to manage patient care across providers, rendering the ultimate goal of PHM – better patient outcomes – harder to reach. The alternative for information exchange – provider-to-provider email, postal mail or faxes, can result in HIPAA violations (and are slow and unreliable).

Another challenge is that EHRs were designed to facilitate provider-to-provider care. But for PHM, the patient plays a pivotal role in achieving good outcomes. So, too, can family members or other caregivers, such as home health agencies, that might not have access to an EHR.

HIPAA compliance in the context of PHM introduces specific challenges that healthcare organizations must address to effectively manage patient data. Here are key challenges related to HIPAA compliance in PHM:

  • Data aggregation and integrations: Clear communication and effective consent management are crucial for obtaining patient consent for data sharing and engagement in population health programs while following HIPAA guidelines.
  • Consent and patient engagement: Obtaining patient consent for data sharing and engagement in population health programs, while complying with HIPAA, requires clear communication and consent management strategies.
  • De-identification and anonymization: It is crucial to de-identify or anonymize patient information before aggregating and analyzing data for population health to protect privacy.
  • Data sharing for research: Collaborative PHM research often requires complying with HIPAA regulations for data sharing and patient consent, adding complexity.

Electronic communication is by far the easiest, most efficient, most reliable and most accountable means of communication between providers and patients. But standard email isn’t a viable option under HIPAA because the identity of the recipient — the reader of the email — cannot be validated. And, regular email is no more secure than sending a postcard with sensitive patient information written on it for all to see, which again presents HIPAA compliance issues. Moreover, regular email lacks documentation and audit trails that all parties involved in the patient’s care can access.

How DataMotion Can Help with These Challenges

Direct offers a secure messaging solution for these challenges. It provides a safe and compliant platform for healthcare professionals to exchange sensitive patient information, ensuring data is protected throughout communication. Using encryption and access controls, Direct helps healthcare organizations share patient data securely while meeting HIPAA requirements. With Direct care coordination, patients can receive better care without information falling through the gaps in healthcare organizations.

HIPAA Compliance and the Nationwide Exchange of Clinical Endpoints

The value of Direct Secure Messaging in large-scale healthcare solutions cannot be overstated. Efficient and secure communication among healthcare providers and organizations is the backbone of effective PHM. DataMotion Direct excels by offering a nationwide exchange network with access to over 2.5 million clinical endpoints.

This extensive network facilitates the secure exchange of clinical information across geographic regions and diverse healthcare entities. Whether it’s sharing patient records, test results or treatment plans, DataMotion Direct ensures sensitive data remains confidential and HIPAA compliant throughout its journey.

Choose DataMotion to Secure Your Healthcare Communication

Large-scale healthcare solutions are transforming how we deliver and manage healthcare. However, with these innovations come significant challenges related to HIPAA compliance and secure communication. DataMotion Direct is a reliable solution, enabling your organization to navigate these challenges effectively.

DataMotion is an accredited Health Information Service Provider (HISP), provisioning Direct services that are fully interoperable with other HISPs. Secure data delivery has been the core of DataMotion’s business since 1999, ensuring your ability to meet HIPAA compliance and Meaningful Use requirements.

By providing secure messaging capabilities and a nationwide network of clinical endpoints, we empower healthcare providers to deliver better patient care while safeguarding the privacy of patient data. If you’re interested in partnering with DataMotion or you want to learn more about our services, contact us online today!

Updated November 1, 2023

Is DataMotion Direct right for your organization?

Contact us to learn more.

Contact Us

Join our Newsletter

What Is Direct Secure Messaging? 1024 402 Team DataMotion

What Is Direct Secure Messaging?

If you work in the health care industry, you may have heard the terms “Direct,” “Direct Exchange,” “Direct Secure Messaging” or “DSM” several times. This type of messaging plays an important role in keeping protected health information (PHI), such as personal details or medical data, protected.

We are exploring the ins and outs of Direct Secure Messaging and why it is highly useful and advantageous for health care and information technology (IT) professionals.

What Is Direct Messaging?

Developed in 2010 under a part of a federal project for standards-based communications, Direct Secure Messaging is an American encryption standard for securely exchanging clinical health care data digitally. It specifies a standards-based method for sharing PHI in a highly secure and scalable way.

Healthcare providers and organizations must meet the specific requirements for data transfer utilizing Direct Messaging to qualify for incentive payments. These standards are outlined in the Meaningful Use Stage 1 criteria from the Office of the National Coordinator for Health IT (ONC) and are often demonstrated with electronic health records (EHRs). These records must comply with the ONC’s 2015 Edition Health Information Technology Certification Criteria, which includes rules for using Direct Messaging for the electronic exchange and transition of care records.

Direct Secure Messaging is leveraged by:

  • Hospitals
  • Providers/clinicians
  • Care team members
  • Patients
  • Laboratories
  • Pharmacies
  • Long-term care
  • Skilled nursing
  • Specialists
  • Dental

How Is Direct Secure Messaging Used?

Here are some of the ways Direct is useful for communicating or sharing private health information:

  1. Transitions of careDirect allows health care providers to exchange Continuity of Care Documents (CCDs) and Clinical Document Architecture (CCD-A documents) that include patient information, like medical history, medications and allergies.
  2. Physician consult requestsYou can also use Direct Secure Messaging for sending consult requests to other physicians and getting input from specialists to inform diagnoses and treatment plans.
  3. Admit-Discharge-Transfer Requests (ADT): Providers also utilize Direct to send admission, discharge or transfer information to other care facilities or hospitals.
  4. Medication reconciliationDirect Messaging allows providers to exchange information about medication to ensure accurate reconciliation.
  5. Lab/test resultsMedical laboratories can utilize DSM to share lab and test results directly with care providers.
  6. Patient communicationDirect facilitates important patient communications, like sharing appointment reminders, medication instructions and follow-ups.
  7. Order submissionAnother use of Direct Secure Messaging is transmitting orders to other facilities, such as imaging centers or labs.
  8. Report distributionDSM allows providers to share medical reports, like pathology reports or discharge summaries, with other care professionals.
  9. Peertopeer collaborationAnother beneficial way to use Direct Secure Messaging is for secure communication between health care providers. They can share patient information securely to improve care coordination.

How Does Direct Secure Messaging Work?

Direct can be incorporated into a variety of user interfaces such as an email client, a mobile device, health care IT system portals or an automated data delivery feed. Any of these interfaces are capable of sending or receiving Direct messages. But in order to participate, both sender and recipient users will need a specific Direct email address provided by their health information service provider (HISP). Health care IT systems can integrate Direct in multiple ways depending on the desired workflow.

The Importance of Direct Secure Messaging for Health Care Professionals

Why should you care about Direct Secure Messaging as a health care professional? Direct ultimately helps care providers save costs while delivering improved quality of care.

On the clinical side, Direct Secure Messaging addresses gaps in transitions of care, which have been identified as a significant patient safety issue. The incomplete exchange of patient health information among providers when transitioning from one care environment to another is a point of vulnerability that can compromise the overall quality of care a patient receives.

On the business side, Direct Messaging can reduce or eliminate the costs associated with fax workflows by transitioning relatively expensive fax communication to less expensive email workflows.

Key Benefits of Direct Messaging in Health Care

Direct Secure Messaging offers many advantages for professionals in the health care industry, including:

  • Strong security and privacy protection: DSM ensures that private health information remains secure as different health care entities exchange documents and consult one another. Direct employs advanced encryption and authentication to keep patients’ medical records confidential and accurate.
  • Improved care coordination: A major benefit of direct secure messaging is improving and streamlining communications between providers to enhance care coordination. With a seamless way to consult with other professionals and experts, care providers can ensure they facilitate the most advantageous diagnosis and treatment for their patients.
  • Efficiency and cost savings: Antiquated communication methods like faxing can be inefficient and expensive. Health care organizations can save significant time and money with Direct, as it reduces administrative burdens and streamlines communication.
  • Timely access to important information: DSM enables providers to access the medical and patient data they need as they need it. This helps care providers quickly inform decision-making, reduce errors and ultimately deliver better quality care. Easily sending and receiving information in real-time improves interconnectivity and coordination.
  • Enhanced patient engagement: Direct is an incredible method for the exchange of messages between health care providers and their patients. Those getting care can use DSM to ask questions or request appointments, helping them be active participants in their own care plans.
  • Meeting important regulatory compliance standards: DSM can help health care providers stay compliant with essential regulations, such as the Health Insurance Portability and Accountability Act (HIPAA). Abiding by applicable privacy and security laws is simpler with one unified standard that all systems can leverage.

The Role of Direct Secure Messaging in Health Care Interoperability

In addition to the benefits above, Direct Secure Messaging promotes interoperability between different health care providers and systems. DSM adheres to standardized formats and protocols, which help streamline the exchange of data across various platforms.

Standardization allows providers to seamlessly integrate information from multiple sources for informed decision-making and collaboration with other medical experts. Interoperability is essential for health care systems to communicate quickly, securely and effectively.

Regulatory Compliance and Secure Information Transfer

Today, data security is more important than ever. Health care providers must ensure they use communication mechanisms, such as the following, that offer outstanding protection against unauthorized access:

  • Encryption
  • Digital certificates
  • Access controls
  • Audit logs
  • Secure storage

In addition to featuring robust data security and abiding by important HIPAA guidelines, Direct Secure Messaging allows medical professionals to have peace of mind when transferring sensitive documents and messages.

Direct Secure Messaging for health information exchange ensures patient privacy and keeps medical data confidential, allowing health care providers to maintain trust and reliability.

How to Choose a Health Information Service Provider

Health care providers can obtain a Direct address through a health information service provider. A HISP helps authorized entities implement secure messaging infrastructure and technology platforms to support secure communication between different medical professionals.

The following are key considerations to help you determine the right provider for your specific practice:

  • Scalability: Consider whether or not the HISP has the capabilities to accommodate the volume of messages your organization will require. Factors like network bandwidth and server capacity will impact DSM scalability and reliability.
  • Support and training: Assess the quality and level of customer support and technical assistance the HISP can deliver for your practice. Ask about training opportunities for your team to learn how to maximize the benefits of DSM.
  • Reputation: Always choose a health information service provider with a reputation for providing excellent services, like DataMotion. Ask other medical or IT professionals about their experiences and get insight into the HISPs they recommend.

Explore DataMotion Direct Secure Messaging HISP Services

Secure, efficient messaging is critical to the health care industry today. With the Direct Secure Messaging HISP services from DataMotion, your health care or IT organization can easily exchange medical data and patient information with a massive number of clinical endpoints within the DirectTrust network.

Our services help you provide better care to your patient by simplifying care coordination. You can get easier access to medical records, even if you don’t have an electronic health record system.

Ready to learn more about our ONC-certified Direct Secure Messaging service? Contact us online to speak with an expert today!

Updated April 16, 2024

Join our Newsletter