How DirectTrust is Enhancing Health Data Interoperability, Usability

Over 300,000 healthcare organizations have access to Direct, making it the most ubiquitous interoperability data standard, according to Scott Stuewe, president and CEO of DirectTrust, the non-profit healthcare industry alliance that created the Direct standard.

Direct, also known as direct secure messaging, is a secure communication transport system that connects health IT systems over the open internet. The standard has a variety of use cases, including referrals, electronic case reporting, ePrescribing, and admission, discharge, and transfer (ADT) messaging. 

In Q4 of 2023, healthcare organizations sent and received over 235 million messages through the DirectTrust network. Still, many healthcare organizations are unaware of the interoperability method, Stuewe noted.

"The good news is that everybody's got a wire connected," Stuewe told EHRIntelligence in an interview. "The bad news is that a lot of them don't know they have it, and a lot of this has to do with the fact that it was an obligation."

The ONC Certified Electronic Health Record Technology (CEHRT) requirements of 2014 and 2015 mandated that EHR vendors implement direct secure messaging within their platforms. However, there are no regulations that require healthcare organizations to use the protocol.

In recent years, DirectTrust has been working to drive the use of Direct through education and enhanced standards efforts.

As a not-for-profit trade association, DirectTrust has worked with its membership of healthcare organizations, payers, EHR vendors, and interoperability companies to build and deploy educational materials on Direct.

Online resources include explainers on how Direct works, as well as tips on leveraging Direct for various use cases.

"I think the real goal is to get people to start utilizing what they already have," Stuewe said. "The opportunity here is with almost no cost, and just retraining and education, we can get substantial value from direct secure messaging just as it is today."

DirectTrust is also looking to standards development to enhance direct secure messaging capabilities. For instance, DirectTrust has created standards to differentiate direct messages across the network.

"Direct secure messaging is what we call payload agnostic," Stuewe explained. "Basically, anything you can put an email message, you can put in a direct message."

While this feature allows flexibility for various use cases, differentiating messages is important to route them to the right care team member, Stuewe said.  

In 2021, the American National Standards Institute (ANSI) approved a Direct standard for ADT notifications required under the CMS Interoperability and Patient Access Rule of 2020.

Through this standard, EHR vendors can standardize the payload for ADT notifications, allowing healthcare organizations to differentiate between those messages and other direct messages, such as referrals.

"Differentiating on the network is really important for us," said Stuewe. "We've been actively working on trying to improve that."

"It's education on the one hand, but also, can we make the standards tight and strict enough so that the thing just works when you plug it in, as opposed to needing to have an education effort to get people successful," he emphasized.

Another Direct standards effort has focused on closed-loop referrals for care coordination.

When primary care providers (PCPs) refer a patient to a specialty provider, they send along relevant health information to help the specialist manage the patient's needs. However, the PCP usually does not get information back from the specialist related to the patient, leaving the PCP to track their patient's treatment manually.

"There's work being done now around closed-loop referrals, where they basically manage some of that metadata to ensure that not only do I know what it is I'm getting, but I also have some information that I can pass back and forth to make sure that I'm talking about the same referral," Stuewe explained.

Several organizations have adopted the standard, known as 360X, including EHR vendors Epic, eClinicalWorks, and Netsmart.

Stuewe emphasized that while Direct has several high-value use cases, it is not the be-all and end-all standard for interoperability.

"In a toolkit, you pick the right tool for the right job," Stuewe noted. "If I want to screw in a screw, I pick up a screwdriver. If I want to hammer in a nail, I pick up a hammer. I don't always assume everything is a nail just because I have a hammer."

"In other words, we would not force direct secure messaging down pathways that don't make sense for direct secure messaging," he added.

For instance, since Direct is fundamentally push messaging, it is not the best-suited standard for query-based HIE, Stuewe noted. Query-based exchange gives healthcare providers the ability to find or request information on a patient from other providers, as defined by ONC.

However, certain use cases for Direct aren't going anywhere, according to Stuewe.

"From my point of view, the test for a new technology is that it needs to offer new capabilities," he said. "Why is it better to use FHIR for referrals than direct secure messaging? Well, it isn't. It doesn't provide any new capabilities. If you replace something you already have with something new, you're just increasing the cost of care."

As digital health transformation progresses, DirectTrust is taking strides to maximize the potential of Direct through education, refined standards, and use-case-specific enhancements.