DirectTrust Initiative to Develop Industry-First Standard for Trusted Instant Messaging

Goal of Trusted Instant Messaging+ (TIM+) is to enable secure real-time electronic transmission of healthcare information

DirectTrust (@DirectTrustorg) announced the development of Trusted Instant Messaging+ (TIM+), the industry-first standard to enable real-time communication of health information that incorporates trust network concepts to ensure secure transmissions between known, trusted entities within and across enterprises. DirectTrust is a non-profit healthcare industry alliance created to advance the electronic sharing of protected health information (PHI) between provider organizations, and between providers and patients, for the purpose of improved transitions of care, care efficiency and coordination, patient satisfaction and reducing healthcare cost.

“While unsecured messaging may occur via text message, iMessage, products like Slack and others, there currently is no standard for secure instant messaging in healthcare, especially between disparate systems. Furthermore, use of unsecured messaging poses great risk that HIPAA and other privacy regulations may be violated,” stated Scott Stuewe, DirectTrust President and CEO.

“The goal of the TIM+ standard is to create a secure and protected instant messaging standard for providers to communicate with each other, as well as with patients and other care team members. This is critical to eliminating the risk of violating HIPAA and other privacy regulations, and for the storing and sharing of protected health information,” Stuewe continued.

The benefits of the TIM+ standard include, but are not limited to:

  • Integrated Workflow: The TIM+ standard will bridge the communication gap between technology providers while keeping all participants within their native workflows and technology provider choices to maximize efficiency.
  • Cross Enterprise and Technology Communication: TIM+ users will be able to communicate both within a given enterprise messaging implementation and across multiple technology providers using a common standard.
  • Common Security and Trust Framework

The TIM+ standard implements the following high-level function capabilities:

  • Determines the availability or presence of trusted endpoints, with near real-time changes in availability status and endpoint authorization control of viewing status
  • Supports text-based communication, including one-on-one messaging, group or “room”-based messaging, and feedback notification of message status
  • Supports file transfers

“Instant communication and collaboration tools are becoming essential equipment in today’s modern healthcare setting. Frequently, the continuum of care crosses multiple institutions and organizations, where communication is hobbled by technical, security, privacy, and policy constraints. The TIM+ initiative aims to create a standards-based secure and trusted instant communication network that can easily grow dynamically and at scale, both within and across organizational boundaries, and can overcome the security and privacy challenges of today’s digital healthcare environment,” said Greg Meyer, Director and Distinguished Engineer at Cerner Corporation, a provider of health information technology solutions and DirectTrust Member.

DirectTrust also issued a “call for participation” for the TIM+ Consensus Body, a group of industry stakeholders that will help finalize development of the TIM+ standard, finalize policies regarding TIM+ use, and assist with its ongoing maintenance. Participation in DirectTrust Standards initiatives is open to any person or company that has a direct and material interest within the respective scope of the work of standards development. DirectTrust membership includes eligibility for participation in DirectTrust Standards activities. Non-members interested in participation can visit DirectTrust to complete an application.

TIM+ is the second initiative of DirectTrust Standards, a division of DirectTrust. DirectTrust received accreditation from the American National Standards Institute (ANSI) in March 2019. DirectTrust Standard’s goal is to develop standards and specifications that enable and enhance healthcare interoperability and identity. See more information about DirectTrust Standards through selection of the Standards menu.

About DirectTrust
DirectTrust is a non-profit, vendor-neutral alliance initially created by and for participants in the Direct community, including Health Information Service Providers (HISPs), Certificate Authorities (CAs), Registration Authorities (RAs), doctors, consumers/patients, and vendors. DirectTrust serves as a forum, governance, and accreditation body for persons and entities engaged in exchange utilizing the Direct Standard™, supported by DirectTrust’s robust security and trust framework. The goal of DirectTrust is to develop, promote, and, as necessary, help enforce the rules and best practices necessary to maintain security and trust within the Direct Secure Messaging community. DirectTrust is committed to fostering widespread public confidence in the interoperable exchange of health information.