Posted in HIX

Using Direct Messaging, FHIR together to improve data sharing

Chris Nerney
Chris Nerney, Contributing Writer |
Using Direct Messaging, FHIR together to improve data sharing

DirectTrust and FHIR have been taking different paths the same goal: healthcare interoperability.
FHIR (Fast Healthcare Interoperability Resources) is a three-year-old standards framework created by HL7 (Health Level Seven International), a non-profit organization spearheading development of international healthcare interoperability standards. DirectTrust is an alliance of health IT and healthcare provider organizations using Direct Messaging to share health information between providers and with patients.
But in a new white paper, the two organizations make a case for how FHIR and Direct communities and technical specifications for each standard can relate to each other to create new value.
"The FHIR community’s current focus is 'perimeter interoperability' – that is, exchange of data outside the institution, either with patients/consumer directly, or between institutions," the white paper explains. "In the USA, most of the focus around FHIR has been consumer to business (C2B) rather than business to business (B2B).”
But the primary use of the Direct protocol, the paper says, “is for exchanging data between clinicians and support staff in institutions."
"The existing work in the FHIR eco-system does not standardize all aspects of establishing trust between systems,” Grahame Grieve, FHIR’s original architect and director of HL7’s FHIR international programs, said in a statement. "While FHIR offers SMART-on-FHIR as a way to delegate authorization, underlying trust frameworks are needed to provide a framework in which these are managed. Working with DirectTrust could potentially save the FHIR community from the costs of building a new trust framework by using one already proven to scale high identity assurance."
The paper’s authors describe two main ways to use existing Direct and DirectTrust assets with FHIR: 1) pushing FHIR resources in Direct Messages, and 2) using DirectTrust certificates with the RESTful API, a transport protocol.
“No single standard, either for transport, or for content, or for trust in identity, can do everything that is needed by providers and patients wanting to securely share and exchange health information using various tools and technologies,” said DirectTrust President and CEO David C. Kibbe. “We should take every opportunity to combine the strengths of different interoperability standards, so that they enrich and support each other.”