As more regulations require a standardized way to exchange information that’s HIPAA compliant, the ability to securely exchange health information from primary care providers, specialists, and hospitals can be a bit confusing. A Direct Address is the core element to foster a connection across different electronic health record networks when attempting to build the secure means of electronic communication for referrals, transitions of care, or to receive notifications of patient admission, discharge or transfer.
A Direct Address uses the internet to transmit a Direct Secure Message of clinical content to improve care coordination and workflow efficiency. In addition, a Direct Address is essential for compliance with the Quality Payment Programs under Medicare, a requisite for providers and hospitals to share their Direct Address for access, exchange, or use of electronic health information to achieve high performance scores and to avoid information blocking regulations.
If you’ve been previously contacted for a Direct Address, you may have responded, or heard someone else say:
- My email address is...
- My physical address is...
- My web address is...
None of these responses are correct, and not exactly knowing what a Direct Address is can be frustrating and mystifying.
First, a Direct Address looks very similar to an e-mail address, and is also issued to individuals, organizations, departments, or medical devices for the exchange of health information. To develop a Direct Address, a health care entity will create an organization domain which likely uses the name of the provider, clinic and electronic health record system. An example of a Direct Address may look like this:
providernameorclinic@direct.whereyouworkorelectronichealthrecordsystem.com
Health care organizations have a distinct Direct Address for each practice affiliation and need to verify sending to the correct address or location. HIPAA protections, such as identify proofing solutions verify user authentication.
To create or obtain your Direct Address, contact your EHR vendor to understand the tools available, and how to meet measurement requirements with your specific electronic health record system. Certified EHR systems are required to offer Direct Secure Messaging, manage a HISP (Health Information System Provider, such as CareQuality or Commonwell), or provide third party Direct services. You may also contact entities accredited by DirectTrust to obtain Direct Addresses to other providers and healthcare facilities for health data or information sharing.
Your Trusted Advisor in Health IT
7000 Fannin Street | Suite 600 | Houston, Texas 77030 | 361-772-4812 direct | 713.500.3479 main | 713.500.3655 fax
tracy.l.swoboda@uth.tmc.edu | https://sbmi.uth.edu/gcrec/