Thursday, December 19, 2013

HealthVault - Psst, it's free!

If you are a patient desiring to keep track of your of health care electronically, Microsoft HealthVault is there to help. Once you sign up for free, HealthVault will give you a Direct Exchange address. You can give this address to your providers and, if they are Direct enabled, they will be able to send you results electronically to your HealthVault account.  By the way, you can sign in to Microsoft HealthVault with your FaceBook account. 

Here is an example of a letter HealthVault offers you to give to your doctor:

Microsoft HealthVault
Patient Name: Your Name
Direct address:

Please send my medical information from your medical records system directly to my personal HealthVault record using the Direct address listed above. I’m taking an active role in my health and wellness by keeping a personal health record in HealthVault. By sending my medical information directly to HealthVault, you can help me manage the information about my health care. Thank you. 

More information If you are using an electronic health record (EHR) system that is certified for Meaningful Use Stage 2, then your software may be able to generate a CCDA and send it to me using the Direct protocol. (As you may know, Direct is a security-enhanced health messaging protocol designed to help protect health information when it is sent from one computer system to another). Your EHR software vendor should be able to provide instructions.

If you can’t yet send information via Direct, can you give electronic records another way, such as a disc? (My plug: or suggest the provider contacts Infomedtrix for a provider Direct account) HealthVault accepts structured information in CCDA, CCD, CCR, and BlueButton formats, as well as information in unstructured files as images, PDFs, and text. You can find more information about HealthVault and how it supports Meaningful Use Stage 2 at

Sunday, November 10, 2013

Infomedtrix Achieves Accreditation

Direct Trusted Agent accreditation ensures adherence to data processing standards and compliance with security infrastructure, integrity and trusted identity requirements 

Chattanooga, TN – Nov 5, 2013 – Infomedtrix LLC announced today it has achieved full accreditation with the Direct Trusted Agent Accreditation Program (DTAAP) for HISP, CA or RA from and the Electronic Healthcare Network Accreditation Commission (EHNAC). Direct Trusted Agent accreditation recognizes excellence in health data processing and transactions, and ensures compliance with industry-established standards, HIPAA regulations and the Direct Project.

Through the consultative review process, EHNAC evaluated Infomedtrix LLC in areas of privacy, security and confidentiality; technical performance; business practices and organizational resources as it relates to Directed exchange participants. In addition, EHNAC reviewed the organization’s process of managing and transferring protected health information and determined that the organization meets or exceeds all EHNAC criteria and industry standards. Through completion of the rigorous accreditation process, the organization demonstrates to its constituents, adherence to strict standards and participation in the comprehensive, objective evaluation of its business.

“Endorsed by the Office of the National Coordinator for Health Information Technology (ONC), the Direct Trusted Agent Accreditation Program ensures that organizations like Infomedtrix LLC establish and uphold a superior level of trust for their stakeholders,” says Lee Barrett, executive director of EHNAC. “The need in the marketplace for guidance and accountability in health information exchange is undeniable, and we applaud Infomedtrix’ commitment to the highest standards in privacy, security and confidentiality.

About is a non-profit, competitively neutral, self-regulatory entity created by and for participants in the Direct community, including HISPs, CAs and RAs, doctors, patients, and vendors, and supports both provider-to-provider as well as patient-to-provider Direct exchange. The goal of is to develop, promote and, as necessary, help enforce the rules and best practices necessary to maintain security and trust within the Direct community, consistent with the HITECH Act and the governance rules for the NwHIN established by ONC. is committed to fostering widespread public confidence in the Direct exchange of health information. To learn more, visit

The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include electronic health networks, payers, financial services firms, health information exchanges, medical billers, outsourced services, e-prescribing solution providers and direct trusted agents. 
EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare. To learn more, visit or contact Connect with EHNAC on Twitter, YouTube, LinkedIn and Facebook.

Sunday, September 29, 2013

When to automate manual tasks

Today I was trying to automate some of the manual tasks involved in keeping our infrastructure running smoothly.  Whenever I do this, it means writing programs, scripts, macros, etc, so I can speed things up.  However, the automation process takes effort.  

So, when does automation save you time?  This table I found here  offers a good indication:

Tuesday, September 17, 2013

Our friends: Bob and Alice

Our BeDirect secure messaging sytem uses various encryption systems. Some of them are asymmetric and based on the Rivest-Shamir-Adleman algorithm also known as RSA. 

Today I ran across this lecture on RSA and really enjoyed it. It is given in English by a German professor at Ruhr University in Bochum. 

Bob & Alice? They are the characters employed in the majority of cryptography demonstrations. They come to the professor's rescue as well :-).


Thursday, September 12, 2013

HIPAA Omnibus - Sep 23, 2013

On September 23 2013, HIPAA Omnibus becomes enforceable.  The practices we have helped get ready for this deadline have found the requirements pretty straight forward.  Here are the main areas addressed by the new rule:

- Revisions to the Notice of Privacy Practices
- Revisions to the Business Associate Agreements
- Prohibitions on sale of protected health information
- The right to restrict disclosures to a health plan when services are paid for out-of-pocket
- The new breach risk assessment provisions
- Patients' ability to request a copy of their electronic medical record in electronic format

The Office for Civil Rights (OCR) has published a YouTube video summarizing the requirements for HIPAA Omnibus rule.

Friday, January 4, 2013

Participating in an HHS solicitation for NwHIN Direct HISP

In September 2012,  the Centers for Disease Control and Prevention (CDC) published solicitation 2012-Q-49852.   This was a requirement for Health Information Service Provider (HISP) Services and implementation of the Nationwide Health Information Network (NwHIN) Direct Transport Protocol for the National Healthcare Safety Network (NHSN).   

We decided to bid for the design of this HISP.  The HISP we proposed was designed to allow CDC/NHSN to communicate with around 400 hospitals around the country using the Direct protocol.

We worked hard putting the proposal together for this solicitation.   We felt that the experience we had gathered running large messaging systems and deploying BeDirect, a HISP based on NwHIN Direct specifications, would help in the successful implementation of HISP services for NHSN.

There were more than 18 interested entities that applied for this HHS award.

Although we did not win the award, it was encouraging to know that the highest score was 98 and ours was 91 … or as the CDC contract coordinator put it , we were "the 3rd highest" in the nation. 

This experience was very positive and it allowed us to sharpen our design for our current HISP.  

Year 2012 in review

This is how 2012 went for us:

- Finished a large EHR implementation at a cardiology practice.  We chose eClinicalWorks and went live with the clinical and billing part in August.  We deployed several interfaces: a hospital interface with Parkridge Hospital, and equipment interfaces with CardiacScience devices.

- Helped six providers attest for using their EHR meaningfully (

- Launched -  BeDirect (  the first NwHIN Direct HISP in Chattanooga and for that matter in the South East Tennessee.  

- Participated in several Direct Connect-a-thons (

2012 was a very busy year with very little time to write :-).