HealthBlog

Thoughts, comments, news, and reflections about healthcare IT from Microsoft's worldwide health senior director Bill Crounse, MD, on how information technology can improve healthcare delivery and services around the world.

ONC Direct–the secure way to send patient information electronically. Get started now!

ONC Direct–the secure way to send patient information electronically. Get started now!

  • Comments 0

My colleague Sean Nolan serves as “distinguished engineer” in Microsoft’s Health Solutions Group.  Really, Sean is the guiding light and visionary engineer in residence for the group’s solutions (HealthVault and Amalga)—a CTO if you like.  In his popular blog, Family Health Guy, Sean helps users (individuals, families, consumers, customers and partners) get the most from HSG’ solutions.

There are many things I admire about Sean, but most of all I admire his dedication to good service.  He is one of the most approachable people at Microsoft.  Whenever I have a question or need help or have a customer looking for direction, Sean is always at the ready to provide pointers or lend a hand.  And, I know how busy he is.  That makes his dedication to timely  communication and excellent customer service all the more remarkable.

Since I told you here on HealthBlog about the ONC Direct project and how Microsoft is making it possible for clinicians to securely connect with patients via HealthVault ( see Secure Physician to Patient e-mail for the Rest of Us ) I’ve been getting questions from healthcare providers on what they can do now to get started.  I’ve received similar questions from consumers who would like to be able to receive email from the community doctors who care for them.  So, I am pleased to offer some guidance that comes direct from the master, Mr. Sean Nolan himself.  Here is how he explained ONC Direct and how to get started on his blog.

*****************************************************************************************************************************************************

Getting Started with ONC Direct

1. Already have a vendor?

If you're already using an EMR or other software in your practice --- check with them to see what their strategy is for Direct. Most of the relevant vendors out there have been working with us on the project already (Allscripts has been particularly active), and as momentum grows I'm seeing more interest every day. Chances are you'll see Direct wired into your everyday experience sooner rather than later.

2. Check with your state HIE

You might also check with your state HIE organization and see if they've got plans for Direct. ONC is asking state HIEs to ensure that providers have access to Direct, and I've spoken with a number of teams that are moving quickly to do just that.

3. Do it yourself --- it's easier than you think!

Especially if you just want to send messages to patients --- this is really a pretty simple way to go. John Halamka and I had some conversations about this and he posted an overview on his blog.

The quickest way to get going is to just set up a Direct Gateway in your office ... this can all run on a single machine. Direct participants have already written two versions of a gateway that you can just install and run, one in Java and one for Windows/.NET. The basic steps for sending outbound to HealthVault are just:

  • Install a gateway using the instructions and downloads at http://wiki.directproject.org/CSharp+Reference+Implementation (this is for the .NET gateway).
  • Create an organizational certificate to use for your messages (see the end of this post of how to use the "makecert" utility on Windows for this).
  • Exchange certificates with us so that we know about each other. Tell us who you are and send us your public certificate at hvbd@microsoft.com, and we'll respond with our "anchor" certificate.
  • Configure the gateway with your certificate, email domain (mypractice.org), and the HealthVault "anchor" we sent you.
  • Configure the gateway with an address that will be the "from" address for your messages (e.g., info@mypractice.org).

That's it! You can now construct a "plain old" email message and send it through the gateway --- using any email client configured to talk to the gateway as its SMTP server --- and it will be properly encrypted and sent on its way.

Extending your gateway so that it can receive inbound messages is pretty simple as well --- you just need to make sure that it can be reached from other machines on the Internet. This involves some setup using a "DNS" service like godaddy.com --- I'll post more on that later, or feel free to drop me a line if your ready to give it a shot.

4. Can't I just sign up for service online?

Not quite yet --- but I know of at least two companies that are planning to have this service available in the next few months. We're looking at how we might do it ourselves as well --- still early on that one.

The cool thing about Direct is that running it is (almost) as easy as running any other email system ... so contact your regular email provider and tell them they could get some great business by extending their service to support the healthcare protocols at http://directproject.org --- just about any credible ISP could make it happen without a lot of trouble.

OK, now how do I know what HealthVault address to send to?

This is way simpler that folks might suspect. First, just ask your patient for their Direct address when they're at the front desk. If they have one, great --- you're good to go. But at least at first, most of them won't, so we provide a really great way to take care of this case too.

Just ask the patient for their "regular" email address, and then send their Direct message to newuser@direct.healthvault.com, setting the Subject of the message to their regular address. We will store the message away in a special holding pen, and automatically forward the patient a "pickup message" at their normal email account. This message will include a special code and instructions for setting up their HealthVault account and claiming their information.

This is really important to making the system work --- you can use Direct to send messages to ALL of your patients that want to receive information electronically, not just those that have already set up a PHR account. I love this feature!

************************************************************************************************************************************

Thanks Sean!  As always, you are a rock star.  On behalf of clinicians everywhere who are seeking a safe and efficient way to communicate with patients, especially clinicians who are not affiliated with a large hospital or clinic, ONC Direct and the connection to HealthVault is priceless.

Bill Crounse, MD                                  Senior Director, Worldwide Health                               Microsoft

Leave a Comment
  • Please add 4 and 7 and type the answer here:
  • Post