eClinicalWorks Blog Details

  • 3 January 2020
  • Blog

A Direct Path to Better Security


healthcare communications security

Securing Healthcare Communications

Each year brings remarkable advances in healthcare technology and therapeutics. And healthcare providers are quick to seize on those advances to make it easier for millions of Americans to get the healthcare services they want, while improving outcomes and lowering costs along the way.

Implementing all that technology on a daily basis means a constant exchange of information. Healthcare providers routinely use their computers, tablets, and smartphones to fire off emails — to family, friends, coworkers, and business associates. Usually, such communications are fairly secure. But many medical providers also continue to use a much older technology to transmit sensitive patient data — the fax machine.

Providers who still rely on fax machines may believe that — while slow and sometimes troublesome — the fax is more secure than email. In fact, faxes are highly vulnerable to security breaches.

In August 2018, Seema Verma, then the administrator of the Centers for Medicare & Medicaid Services, told the ONC Interoperability Forum in Washington, D.C. that healthcare providers remained in a 1990’s time warp.

“Medical staff are manually entering results into EHRs, and hospitals are handing out data on a CD-ROM while the rest of the economy is functioning on fully digitized, integrated data that informs decision-making instantaneously,” Verma said, in calling for an end to fax machine use in healthcare by 2020.



Providers who still rely on fax machines may believe that — while slow and sometimes troublesome — the fax is more secure than email. In fact, faxes are highly vulnerable to security breaches.


Making the HISP-HISP Connection

It’s 2021, and the fax machine is still very much alive in healthcare. But progress is being made.

Thousands of healthcare organizations nationwide now communicate with other providers and practices by routing their emails and communications between Health Internet Service Providers (HISP) using Direct Secure Messaging.

According to DirectTrust, the non-profit healthcare industry group that developed and deployed Direct Secure Messaging, use of the system continues to grow steadily. From 168 million transactions in 2017, the organization reports that there were 142 million messages sent in just the first quarter of 2020.

While the coronavirus pandemic disrupted many practices, with a resulting decline from 2019 to 2020, the figures suggest an estimated growth of 250% in overall transactions just three years. And, DirectTrust reports, the number of patients/consumers using DirectTrust’s secure messaging system was up 107% between 2019 to 2020 — to more than 5.4 million.

That growth is likely to continue, for two major reasons.

First, nearly all healthcare providers participate in reimbursement programs run by the Centers for Medicare & Medicaid Services (CMS), and federal healthcare regulations require that such providers use Electronic Health Record that is capable of sending Direct secure messages.

Second, as the industry continues to adjust to the realities of the COVID-19 pandemic and its aftermath — including more remote, telehealth visits and fewer in-office encounters — there is a growing need for fast and reliable transmission of data.

Why Direct Is More Secure

Unlike regular Instead of using an email service such as Google’s Gmail, healthcare providers using a HISP have Direct email addresses that follow a standard format.

Say Dr. Smith wants to send a patient’s immunization records and visit summaries to Dr. Jones. She simply uploads a message to her HISP, which in turn sends it to Dr. Jones’ HISP. Dr. Jones receives and reads the message.

Fortunately, providers don’t need to understand any of the technical details. With a Direct address and HISP-HISP connections in place, they can focus on patient care. And they can do so with confidence, secure in the knowledge that any communications they share with other providers are as secure as possible using current technologies.

Why Join the Network?

eClinicalWorks has been a leader in providing healthcare providers with secure means of sharing patient information. Back in 2012, we launched the Join the Network (JTN) venture, creating a nationwide network for secure, peer-to-peer communications among providers, regardless of which EHR vendor they were using.

Today, more than 1,690,000 eClinicalWorks providers nationwide are using JTN to securely and conveniently share patient records. blog-why-jtn-848x424

Over time, JTN has combined with Direct messaging and HISP-HISP connections to create an ever larger and more secure network for sharing healthcare data. eClinicalWorks providers have access to JTN built into their EHR. When a practice goes live with eClinicalWorks, provider can secure a Direct address and exchange data through HISP-HISP connections.

Key advantages include:

  • An open network to easily connect with and collaborate with other providers
  • Communication with non-eCW providers through HISP-HISP connections
  • A summary-of-care record for all transitions of care and referrals
  • The ability to electronically send transitions of care via Direct protocols
  • The ability to send summary-of-care records to colleagues using a different EHR vendor




Related Post