If your question is not answered below, please submit it to our FAQ submission page.
- 1 Table of Contents
- 1.1 How does the Direct Project complement the Nationwide Health Information Network Exchange?
- 1.2 What is the relationship between the Direct Project and state-based Health Information Exchanges?
- 1.3 What do I need to do to participate in the Direct Project?
- 1.4 What are the technical requirements for exchanging information using Direct Project specifications?
- 1.5 How will I benefit from the Direct Project?
- 1.6 Is the Direct Project a viable standalone option for health information exchange?
- 1.7 When will the Direct Project be generally/publicly available?
- 1.8 What’s a HISP?
- 1.9 Do I need a HISP?
- 1.10 Can I (should I) be a HISP?
- 1.11 What’s the security model for the Direct Project?
- 1.12 What is meant by "direct" exchange?
- 1.13 Who issues digital certificates to Direct Project participants?
- 1.14 How will I find a provider to send data to using the Direct Project? Is there a directory?
Table of Contents
How does the Direct Project complement the Nationwide Health Information Network Exchange?
The Direct Project was designed to provide support for simple scenarios where a source with data intends to push it to a receiver, purposefully limiting itself by not addressing some of the more complicated use cases supported by the Nationwide Health Information Network. More details are contained in the Direct Overview document.
What is the relationship between the Direct Project and state-based Health Information Exchanges?
While a state-based HIE is not required to support Direct exchange, it can choose to do so, providing services to its members to make it easier for them to send Direct messages to each other and to others outside the HIE. Providers do not need to belong to a state-based HIE in order to send Direct messages. More details can be found in the Direct Overview document.
What do I need to do to participate in the Direct Project?
For you, there are two levels of participation. You can contribute to our discussion, offering advice and real-world experience as we continue to design and refine the Direct Project. Suggestions for this level of contribution are outlined in the Direct Project Participation Guidelines. But you might also be interested in getting involved, taking part in actual data exchange. Since the Direct Project is currently still in a pilot phase, you would need to join one of our pilot implementations (and you'll need a lot of patience as we continue to work out the early details). You can learn more about what it takes to participate in a pilot from the pilot participation guidelines checklist.
What are the technical requirements for exchanging information using Direct Project specifications?
It's a simple question with many complicated answers. In brief, you'll need to send and receive secure e-mails, and optionally manage how trust is handled in order to make those messages secure. For further reading, please consult the Direct Overview , Direct Security Overview , Deployment Models, Core Direct Specification, and Conversions from XD* to SMTP.
How will I benefit from the Direct Project?
The Direct Project will help support simple exchange where a sender wants to push health information securely to a receiver. This simple model covers a number of user stories, and in conjunction with other data components may help to satisfy some meaningful use requirements. Further overviews of the Direct Project tailored to specific audiences can be found (in draft form) here.
Is the Direct Project a viable standalone option for health information exchange?
The Direct Project allows senders to push health information securely to known receivers. This covers a number of important exchange scenarios, but there are important limitations in the Direct Project's scope. For example, the Direct Project does not support discovering places that know about a given patient, or pulling data from organizations where that patient has been seen. More details about the Direct Project's supported scenarios and its limitations can be found in the Direct Overview.
When will the Direct Project be generally/publicly available?
There are many components to the Direct Project - code to help support its deployment, documentation to explain how it can be implemented technically, and real world pilots to prove and refine the project's specifications. To learn more about our current progress, please refer often to our progress tracker.
What’s a HISP?
A Health Information Service Provider, or HISP, is a logical concept that encompasses certain services that are required for Direct Project exchange, such as the management of trust between senders and receivers. It may be a separate business or technical entity from the sender or receiver, depending on the deployment option chosen by the implementation.
Do I need a HISP?
Not necessarily; there are various deployment models that can be used to instantiate a Direct Project implementation. The details of the various options are presented in the wiki page Deployment Models. If you choose a model in which the services performed by the HISP are not provided by a separate business or technical entity, you will have to implement additional capabilities to meet the various NHIN Direct standards and specifications.
Can I (should I) be a HISP?
As an HIE, you might choose to provide HISP services to your members to support the types of exchange covered by the Direct Project. As an organization or individual, you might choose to play the role of a HISP in order to avoid needing to establish a separate business relationship with an entity to provide services that you can easily perform yourself. You'll need to balance these advantages with the added responsibility and technical challenges you'll take on by choosing to perform HISP functions.
What’s the security model for the Direct Project?
In the same way that clinicians currently do not assume that it is safe to fax protected health information to anyone with a fax number, or mail PHI to anyone with a post office address, Direct Project users cannot assume that it is safe to send messages to any Direct Project address. Direct Project users will need to establish real-world trust relationships with other Direct Project users on their own terms, but once they have established this real-world trust, they can be sure that a Direct Project network will securely deliver Direct Project messages to the trusted Direct Project user. This secure transportation of messages is handled through a PKI model, and an overview can be found in the Direct Security Overview document.
What is meant by "direct" exchange?
Direct exchange describes the push of health information from a sender to a known receiver, similar to a how an e-mail or fax is pushed from one endpoint to another. Details are discussed further in the Direct Overview document.
Who issues digital certificates to Direct Project participants?
Currently, there is no single authority who issues certificates to Direct Project participants. The recommendations for the pilots is documented on the wiki page Digital Certificate Recommendations for Pilots.