The Electronic Healthcare Network Accreditation Commission (EHNAC) and Kantara Initiative (Kantara) recently agreed to partner up and collaborate on user-level registration authorities, organizational trust best practices and identity federation. This agreement will aim to pool together EHNAC and Kantara’s strengths and develop Direct secure messaging accreditation and trust best practices.
EHNAC is already affiliated with DirectTrust.org and the organizations’ work with the Direct Trusted Agent Accreditation Program (DTAAP) helped spark the relationship with Kantara, which specializes in identity assurance programs, trusted credential services and identity proofing. Additionally, DirectTrust.org (along with EHNAC) was recently awarded a cooperative agreement from the Office of the National Coordinator for Health Information Technology (ONC) for continued progress with the DTAAP accreditation program.
Since the DTAAP prgram emphasizes trusted information exchange and the Kantara concentrates on trusted credential services, the programs want to learn from each other and combine strengths, according to Lee Barrett, EHNAC executive director in an interview with HealthITSecurity.com. For Kantara and EHNAC, the memorandum of understanding (MoU) will drive planned “Tiger Team” development between the two organizations.
Kantara is specifically focused on individuals and securing information at that level vs. EHNAC, which is currently focused on entity authentication, validation and encryption from point-to-point or point-to-multipoint, etc. We will evaluate the synergies between the stakeholders – whether patients, consumers, enterprise and others– and develop a “holistic” view and approach to securing information exchange to protect for privacy, security and confidentiality, and compliance with HIPAA Omnibus and other appropriate healthcare reform legislation. We therefore intend to coordinate and solicit involvement from key stakeholders from each organization to participate and develop the set of recommendations and action items that we will then prioritize, approve and implement collaboratively.
Impact on Stage 2 Meaningful Use Direct requirements
The EHNAC and Kantara agreement also factors into Stage 2 Meaningful Use Direct requirements, as trust and accreditation are major points of contention for many organizations while they prepare for compliance, according to Barrett.
[Stage 2 Meaningful Use] is definitely a key driver, as Direct is very much an aspect of meaningful use compliance. ONC stressed the importance of accreditation and encrypting the messages with a secure messaging protocol such as the Direct trust bundle at a boot camp a few weeks ago because Stage 2 is more focused on clinical data exchange.
There’s a tremendous amount of support and interest. It’s very much a mandate from an ONC perspective to the industry to adopt Direct and be going through the accreditation model. Working with the Kantara Initiative adds to the patient side of [the evolution of the data exchange networks], whether it’s the patient, provider or consumer, and assures the stakeholders that the trust for data exchange is clearly in place.
Allan Foster, president of the Kantara Initiative Board of Trustees, said he hopes the relationship will help define how healthcare organizations and the industry get value from “mutual accreditation body recognition, which in turn aid trusted information sharing and identity systems toward broad scale deployment.”