Connect Drives HIE Standards

The federal government's Connect initiative is a driving force behind the effort to create standards for health information exchanges. Connect was launched three years ago by 20 federal agencies to address their need to share health data among themselves, with other parts of government, and the private sector.

Connect now provides open source software that supports the exchange of healthcare data. It includes a core services gateway; enterprise service components such as tools for indexing patient identities, maintaining patient records, and implementing business rules; and a universal client framework that lets developers create an edge server and applications using the enterprise service components.

Connect provides the tools needed to plug into the Nationwide Health Information Network (NHIN), a framework the federal goverment is developing that provides standards, services, and policies to enable secure sharing of health data over the Internet. This lets HIEs and healthcare providers exchange data with agencies and other providers that comply with NHIN standards. Connect also can be used to build HIEs.

The software is available free. The intent is to set a standard everyone can follow, with the weight of the federal government behind it.

The latest release, Connect 3.1, came out in June. It provides a more flexible architecture than previous releases, to facilitate easier integration with diverse environments.

To address security concerns, Connect relies on federal standards and requirements, including Data Use and Reciprocal Support Agreement, a legal agreement for the exchange of health data on the NHIN. DURSA covers areas such as the reasons for requesting data, obligations to respond to requests, and future data use.

Connect relies on National Institute of Standards and Technology cryptography guidelines and standards and the Federal Information Security Management Act. Federal agencies must follow FISMA's framework for ensuring that systems manage information security at acceptable levels of risk.

Connect also uses security standards from the Organization for the Advancement of Structured Information Standards, a consortium that produces open source standards. Among the OASIS standards Connect uses is Web Services Security, which provides trusted Web services for SOAP messages. John Sankovich heads the Federal Healthcare IT practice at Truestone, an IT consultancy.