Direct Overview Call for Consensus

Document is well structured and a good overview level. Just a few comments:

1. Section 2.2 first example #1 and Glossary: The definition of HISP concerns me. The agreed to name was Health Information (NOT Internet) Service Provider, see http://nhindirect.org/NHIN+Direct+Abstract+Model. I disagree with the meaning of this acronym being changed, I'm hoping it was accidental. But I noticed that the glossary and Section 2.2 describe it as "serve a similar purpose as a typical Internet Service Provider that handles e-mail messages today". I think this is misleading and will cause more confusion that not. I agree with another comment that a HISP is not well defined and is unlikely to be as seamless as a typical ISP. A better definition for this key component would be helpful.
2. Section 3: Disagree with the term "universal patient discovery". Change the first bullet to be something like this:
NHIN Exchange Specifications support health information exchange across health information organizations (HIOs). A primary aspect of this health information exchange is the ability to identify a common patient even without a common patient identifier and search for and exchange records about patients. This capability goes beyond the “simple, direct, among known participants” scope of NHIN Direct. Exchanges between HIOs {the rest is unchanged} are not limited to “direct” messages or “known participants.” For example, the emergency department that treats a patient who was vacationing did not have a prior relationship with the patient’s providers, and none of the previous providers directed a message to the ED.
3. Glossary: Remove the term "patient discovery" from the glossary. In #2 I recommend adjusting the section that references it and in any case this definition is not accurate if it refers to the NHIn Exchange use of Patient Discovery.
4. I concur with comments from VisionShare # 2, 4, 5, 6. I found these problems also in my review.

1. Section 1.3, paragraph 2: The three prerequisite components are listed as Transport, Ontology, and Semantics. The three example sentences that follow seem to be ordered as Transport, Semantics, and Ontology. Assuming that's correct, items 2 and 3 should be swapped for clarity. As a corollary, I'll suggest that the term Ontology won't have much meaning to the target audience.
2. Section 2.2: The Abstract Model diagram and supporting text uses the term Sender and Receiver. The approved Abstract Model uses Source and Destination. Also, the Glossary defines all four terms. I would suggest using the original terms from the Abstract Model, or asking NHIN Direct to change the Abstract Model terms to Sender and Receiver. Multiple overlapping terms can become confusing.
3. Section 2.2 (again): The descriptions of the ack transactions (1.3, 2.4, and 3.4) in the examples do not match what was intended in the Abstract Model. Example 1 says that the service provider (the sender's HISP) acknowledges successful receipt of the message. These transactions in the Abstract Model are actually explaining how a Destination to Source ack occurs (in transaction order 3.4 to 2.4 to 1.3). This is a fundamental semantic disconnect that should be clarified.
4. Section 3, first bullet: The first three words are "NHIN Exchange Specifications". To match the terminology used further down in the doc, the first three words should be replaced with "NHIN Specifications".
5. Section 3, third bullet: There is a spurious "(" before the word "to".
6. Glossary: Since DNS is mentioned in the Abstract Model diagram in section 2.2, the term "DNS" should have an entry in the Glossary.

1. Section 1.2: Are there any scenarios where the participants do not know each other in advance? If so how does that impact these assumptions?
2. Section 1.2: How is this done? What NHIN Direct infrastructure supports this assertion? [that the Sender has determined it is clinically and legally appropriate to send information to the receiver]
3. Section 1.2: Re: Patient identifier - But they DO require accurate patient identification. It seems incorrect to focus on the negative of not requiring an identifier while ignoring the positive requirement that they two must come to a correct agreement on what patient this data regards
4. Section 1.2: In light of these restrictions can an NHIN Direct message contain information on a set of patients rather than a single individual? This makes things like obtaining patient permission much more complicated. If not, then this should be noted in section 1.3 as a limitation in scope.
5. Section 1.2: This is the most critical section of the document. Once these assumptions are finalized they must be implemented in a way that gives the recipient medico-legal assurance that these properties are true. If the recipient is going to trust that the sender met these obligations then several things are required that are not mentioned above.
   a. Non-repudiation. NHIN Direct must include a mechanism(s) to ensure that a sender cannot later disown authorship of a message.b. Immutability. NHIN Direct must include one or more mechanisms such a check sum in its transport architecture to ensure that the message has not been altered in transport.c. Attestation. Every message that is sent using NHIN Direct must include some form of legally binding assertion that the sender abided by the principles above. This might involve including such a statement in each message or including a reference/pointer in each message to a separate statement or there may need to be a legal judgment that this is implied when an NIHN Direct message is sent.The recipient of an NHIN Direct message is medically, legally and ethically responsible when they use that information for patient treatment. NHIN Direct must provide the above three assurances in order to enable the recipient to act on the information in the message.
6. Section 1.2: Is there an ‘onboarding’ process for senders and receivers in NHIN Direct? If yes, where is this described? If no, how can any participant trust any other participant?
7. Section 1.3: It should be noted in this section that NHIN Direct only supports ‘push’ of medical information, not pull.
8. Section 1.3: Also see the limitation in the last bullet of the previous section – only one patient per message (I assume.)
9. Section 2.1: Aren’t these first four examples [Priority 2, first 4 bullets] of information on a set of patients rather than an individual? I need clarification on whether information on multiple patients is permitted in a single NHIN Direct message.
10. Section 2.2: How are functions such as determining the receiver’s communications requirements and doing message protocol translation handled?
11. Section 2.2 Example 1.3: Would having a patient name in the header be a violation? This example assumes that there has been prior out of band communication. Is that necessary?
12. SEction 2.2 Example 2.1: No! this is his PHR address. The patient may have multiple NHIN Direct addresses including his e-mail, his PHR and his physician’s EHR depending on the specific use case
13. Section 2.2 Example 2.3: How? How is the patient identified? Through having a unique URL?
14. Section 7: Abstract Model - there should be a URL or pointer to this document
15. Section 7: How does a user "qualify" to participate in a HISP?