To Bob and Travis,
Ummm.. You guys do not get it.
The United States Government started the Internet by bringing up a core
network and then giving access to that core to academia and industry.
Eventually this morphed into the Internet. This was the transition from the
Arpanet -> Internet.
Based on that model, the Us Govt is starting a core health information
exchange network called the NHIN, or National Health Information Network. As
before they will allow private citizens to connect to this core network. The
data of every veteran treated in the VA, (which is the largest single health
data system in the United States) will be available from the NHIN. This will
incent others to hook up and begin exchanging health information.
Obviously, this new network will simply be a secured network running over
the regular Internet.
What makes this a "new" network is that it will run on two different
protocols, one is IHE is an is too complex to even get into here, the other
is a secure SMTP standard developed with the NHIN Direct project. The -only-
parts of the NHIN Exchange (the running network) Will either be the NHIN
CONNECT (an open source implementation of IHE) compatible IHE -or- a secure
SMTP configuration compatible with two open source prototypes that the NHIN
Direct project (where I am a contributor).
ARRA, the massive stimulus fund to encourage EHR adoption eventually
requires that doctors exhchange information and only via the SMTP in NHIN
Direct or the IHE in NHIN CONNECT.
In a few years, most doctors and thousands of other healthcare workers in
the United States will be using the secure emails. From the perspective of
ONC, this is the official replacement of the fax machine.
So it is not a question of "if you can use the SMTP system in a HIPPA
compliant way?" the only question will be "Is Djigzo a NHIN Direct
compatible Secure SMTP implementation?" if it is then I would expect that it
would be a very popular product. I am willing to help make it that way, but
I do not want to waste my time... which is why I am so pleased by what
Martjin is saying....
On Fri, Jul 30, 2010 at 12:41 PM, Bob Radvanovsky <rsradvan(a)unixworks.net>wrote;wrote:
We are already utilizing this to send encrypted
messages for sensitive
information to federal government facilities. It works, and complies with
federal FISMA regulations, which works with us and our clients in
As we also perform work for a client within the Healthcare sector, I
checked with their information security department, and the verbiage states
"reasonable security measures be taken" under the provisioning of HIPAA.
Essentially, you *could* utilize this program for ePHI file/data transfers,
but I would *not* recommend it, due to the legal implications of ePHI being
leaked or intercepted during transmission.
Just my thoughts...
Bob Radvanovsky, CIFI, CISM, REM, CIPS
Infracritical, Inc. - "Your Infrastructure, Their Future"
rsradvan(a)unixworks.net | rsradvan(a)infracritical.com |
(630) 673-7740 | (412) 774-0373 (facsimile)
----- Original Message -----
From: "Masonis, Travis M" [mailto:email@example.com]
Subject: Re: [Djigzo users] Regarding NHIN Direct
This subject is relevant to my interests and uses
for the product also.
I think there is enormous potential for this product in the healthcare
CCNA, CCDA, MCSE, CEH, Security+
Director, IT Infrastructure
Noyes Memorial Hospital
Users mailing list