DirectTrust launches patient information exchange, access standard-setting group

DirectTrust created an initiative to review and develop standards that could facilitate a voluntary patient credentialing and matching system.

The initiative will form the Privacy-Enhancing Health Record Locator Service Ecosystem standard, which will define a model that either the private or public sector could deploy to ensure secure, identity-verified electronic exchanges of health information, the not-for-profit alliance said Monday.

The group will identify and analyze existing standards while also forming new standards that improve record locators' privacy—and regulate interactions between identity providers, electronic health record systems and health information exchanges and networks.

"Managing identity and health information interoperability in healthcare is a special problem unlike other identity and identifier topics," said Scott Stuewe, DirectTrust president and CEO, in a news release. "To be useful as a mechanism for assembling a longitudinal health record, a system also needs to enable access to the locations where records are available for the individual."

The initiative's standards could include a low-cost record locator and patient identifier service shared across participating providers to support patient-matching success, DirectTrust said in its news release.

Identity providers would issue credentials and enable access to the common identifier service so patients can access their own records from various healthcare locations using a single credential.

All parties would work to assemble a single comprehensive patient record with data from sources across the healthcare continuum, using existing mechanisms for exchange.

The standard could provide an alternative to improving patient matching and health record location, using a universal patient ID, which the government has been prohibited to act on since the Health Insurance Portability and Accountability Act of 1996.

Download Modern Healthcare’s app to stay informed when industry news breaks.

As a patient-focused digital health company, Accolade is concerned about the industry's current approaches, as it uses patient demographics to match records across institutions, said Dr. Anupam Goel, the company's medical director for care solutions.

"Since nearly all patients receive care at more than one institution over the course of their lifetime, developing a highly reliable process to match records⁠—without disclosing personal identifying information⁠—should be a priority for everyone working in the American healthcare system," Goel said in a news release.

DirectTrust's focus on consumer credentials aligns with the Carin Alliance's effort to link patients to their information across different health systems.

Carin Alliance is aiming to establish a single way to verify a patient's identity, using a credentialing service that's been certified by an independent third-party and partnered with the Department of Health and Human Services' external user management system. This credentialing service would authenticate the patient so they are able to request data from participating providers and payers.

"Patient-controlled privacy is a critical complement to accurate patient identification," said Dr. Barry Hieb, chief scientist for Global Patient Identifiers, in a news release. "With a fully accurate patient identification methodology, it's possible to devise a novel strategy that enables each patient to not only construct an accurate longitudinal medical record, but to also ensure it fulfills whatever privacy constraints their medical situation requires."