Secure Messaging

Reliable, secure provider-to-provider communication is a key component of digitally enabled integrated and coordinated care across the Australian health sector. Secure messaging is a core foundational capability required to enable interoperability and safe, seamless, secure, and confidential information sharing across all healthcare providers and consumers.

While there are significant pockets of secure messaging in use, for example, supporting pathology communications and discharge summaries from certain hospitals, there continues to be the lack of a consistent approach to secure messaging and information exchange across Australian healthcare. This has led to significant challenges across the sector.

What is Secure Message Delivery?

Secure Message Delivery (SMD) is a set of specifications that was developed collaboratively by the digital health community including NEHTA (which transitioned to the Australian Digital Health Agency from 1 July 2016), Standards Australia, desktop software vendors and secure messaging service providers. This set of specifications defines an approach to digital health communication using widely supported IT industry standards.

The SMD specifications support the secure delivery of messages containing clinical documents and/or other information between healthcare organisations, either directly or through one or more messaging service providers. A typical example is shown in the diagram below.

Historically, only healthcare organisations using the same secure messaging provider have been able to exchange messages securely. While a number of secure messaging providers have connected their networks and are interoperable, interconnectivity still remains a problem today. You can check the register of SMD-compliant products here, or your messaging service provider can advise you of progress.

In addition to having a secure messaging connection, sending and receiving clinical systems need to be conformant to message format standards. The Agency has defined Clinical Document Architecture (CDA™) standards for eReferrals, specialist letters and discharge summaries. This allows the exchange of these document types using secure messaging.

If your clinical system product does not support SMD-based secure messaging and CDA document formats, check with your supplier for their plans to support these initiatives.

The benefits of Secure Message Delivery to providers may include:

  • Secure exchange of clinical information and documents such as eReferrals and discharge summaries, preventing unauthorised interception of the message content.
  • Reduced use of paper correspondence – less time chasing clinical information and investigations, resending or chasing referrals, scanning, printing, filing and posting.
  • Confidential patient correspondence only seen by treating clinicians (no scanning necessary).
  • System notification of successful message delivery, so that sending organisations know that a message has been received and decrypted by the intended receiving organisation.
  • Potential to improve the timeliness of receipt of clinical information, and therefore the quality of care provided.
  • Over time, as software developers enhance their digital health functionality, patient data contained in CDA documents, such as pathology results, will be able to be imported directly into the relevant fields in your patient's record. This will help consolidate the information in your clinical software rather than you needing to click into separate tabs to find scans and reports.

Secure Messaging Program

The Agency's Secure Messaging Program aims to work collaboratively with industry and suppliers of secure messaging solutions and clinical software to reduce existing barriers to adoption and provide implementable solutions. Several key areas have been identified as barriers for implementation and form the core of the immediate technical work program:

  • Simplifying the message structure and standardising content formats;
  • Assessing the use of commercial security certificates;
  • Improving consistency of message acknowledgments;
  • Assessing the use of proprietary provider identifiers; and
  • Improving access to reliable provider address information.

The Agency has established a Technical Working Group, with members from industry, to co-design solutions going forward. In addition, proof of concept projects are being established to validate solution approaches and capability. These initial implementation projects are underpinned by scenarios that cover:

  • Discharge summaries from hospital to general practitioners or other providers;
  • Referrals from general practitioners to specialists and/or allied health; and
  • Reports from allied health to general practitioners, specialists or other providers.

Early proof of concept projects completed in late 2018, comprising secure messaging suppliers and clinical information system developers, focused on developing standardised payloads and a FHIR©-based API supporting the federated look up of healthcare provider details when addressing electronic communications.

On the success of the proof of concept projects, early in 2019, the Agency announced a Secure Messaging Industry offer to accelerate clinical software adoption of developed specifications. The successful developers will deliver enhanced secure messaging capability, including the FHIR© Provider Directory and standardised payloads into their systems by May 2020. The developers that have completed the Secure Messaging Industry offer to date can be found here.

Building on the outcomes of the proof of concept projects in 2018, the Agency is undertaking a further proof of concept. The objective is to enable healthcare and related organisations to maintain an authoritative version of their service offering(s) and practitioner details in external services such as: secure messaging provider directories, clinical pathway directories, referral directories, the National Health Service Directory (NHSD) and other health services directories. This will improve the consistency and accuracy of the information held within these directories as well as providing common identifiers for matching and linking.

In parallel with early co-development and implementation activity, the program is also developing a secure messaging strategy and roadmap to support the needs of Australia’s healthcare system going forward.

The program is led by Bettina McMahon, Chief Operating Officer at the Agency, who is responsible for driving industry adoption and usability of digital health. A key clinical sponsor is Dr Nathan Pinskier, GP in Melbourne and immediate past Chair of the RACGP Expert Committee eHealth & Practice Systems. Dr Pinskier was recognised for his work and awarded the annual Jon Hilton award for excellence in primary care informatics at the HIC conference in Melbourne in August his year.

Please send your questions, comments, suggestions and ideas about secure messaging issues or this program to the Secure Messaging Program Manager, [email protected].

Additional Resources and Fact Sheets

Additional secure messaging delivery resources and fact sheets for allied health providers, general practitioners, practice managers and specialist users can be accessed through the links below.