CAQH AND VERISIGN PILOT INDUSTRY SOLUTION FOR SECURE DATA EXCHANGE
Health Plans and Providers to Evolve Electronic Transactions Authentication
CAQH®, a non-profit alliance of health plans and trade associations working to simplify healthcare administration, is joining with VeriSign, Inc. (NASDAQ: VRSN) to conduct a pilot program demonstrating the secure authentication that is essential to the national agenda for health IT interoperability.
The six-month pilot will build upon the set of operating rules created by the CAQH Committee on Operating Rules for Information Exchange (CORE®). The CORE Phase II rules include the requirement to use digital certificates to access patient data. CORE will use the VeriSign® Public Key Infrastructure (PKI) to create a prototype community that identifies best practices and tests data encryption operating rules to safely transmit patient administrative information between providers, payers and healthcare vendors.
Pilot findings will be assessed to develop industry operating rules on vendor-agnostic approaches to:
- Conduct secure and authenticated transactions among payers, providers and patients
- Protect physician and patient identities
- Maximize transaction privacy and security
- Reduce the cost and complexity of secure data exchange
Pilot participants include Beth Israel Deaconess Medical Center as well as other provider and vendor members of the New England Healthcare Exchange Network (NEHEN). Participants also include nationally recognized CORE-certified health plans, such as Harvard Pilgrim Health Care. The pilot will also encompass PKI vendor-partners of the principal participating organizations.
“As a CORE-certified plan and founding member of NEHEN, Harvard Pilgrim has a long-standing, active interest in streamlining the exchange of information between health plans and providers,” said John Kelly, Director eBusiness Architecture at Harvard Pilgrim Health Care. “By leveraging the collaborative successes to date by payers and providers, this pilot program will be invaluable in demonstrating how to systematically incorporate authentication into healthcare in the most efficient and secure manner.”
The collaboration between CAQH and VeriSign will test a secure PKI tool to support health information exchanges, and the rapidly growing number of connections between healthcare stakeholders. A PKI platform binds public keys with specific user identities via a third party. VeriSign will issue digital certificates that can be authenticated through its and other PKI solutions.
The use of authenticated digital certificates is to ensure that patient administrative information is shared only between legitimate, authorized parties. The pilot will inform and accelerate operating rules on security and authentication within CORE, which is working with over 115 leading industry stakeholders to streamline electronic administrative transactions.
“Defining roles and responsibilities for standardized security and authentication processes is an essential component of data exchange, and further findings are needed to guide industry implementation,” said John D. Halamka, MD, MS, Chief Information Officer of Harvard Medical School, Chair of the U.S. Healthcare Information Technology Standards Panel (HITSP), and practicing emergency physician. “Adoption of these tools is an evolutionary process. The learnings from this CAQH pilot will add to the industry efforts to determine a phased, milestone-driven approach to create a system that works for all healthcare participants, particularly as we integrate clinical and administrative transactions.”
In the next few years, it is estimated that more than 700,000 physicians and more than 185 million consumers will go online to exchange sensitive health information. Providing the means to connect, locate and identify these parties, while maintaining the highest levels of privacy and security, will require a phased and milestone-driven approach that can be expanded nationwide.
“Creating a more efficient healthcare system is a strategic necessity for patients, providers and health plans. Securely exchanging both administrative and clinical data is vital to that effort,” said Jeff Barnett, director of healthcare solutions at VeriSign. “We look forward to working with the foundation that CAQH has established to develop a data exchange approach for healthcare that participants can apply industrywide.”