DirectTrust Acquires SAFE Identity
On Aug. 31, Washington, D.C.-based DirectTrust, a non-profit healthcare industry alliance that supports secure, identity-verified electronic exchanges of protected health information (PHI) between provider organizations and providers and patients, announced via a press release its acquisition of the assets of Reston, Va.-based SAFE Identity, including its Trust Framework.
According to the release, “The acquisition substantially extends DirectTrust’s capabilities and services and is expected to enable new and expanded interoperability use cases. SAFE Identity (SAFE) is an industry consortium and certification body supporting identity assurance and cryptography in healthcare.”
Further, “DirectTrust has created DirectTrust Identity, a new division, to house the SAFE Trust Framework. New and current members of both organizations will be able to rely on DirectTrust to manage policies and infrastructure supporting a community that issues secure and identity-assured credentials for electronic transactions in healthcare. SAFE Policy Management Authority (PMA) members will participate as members of DirectTrust Identity, which will operate the SAFE infrastructure used by multiple large pharmaceutical companies to securely interact with federal agencies (in accordance with 21 CFR Part 11) and business partners in the U.S. and globally.”
Scott Stuewe, president and CEO of DirectTrust, was quoted in the release saying that “SAFE Identity and DirectTrust are like-minded organizations with memberships that share common goals. Since our inception, DirectTrust has focused on instilling trust in electronic health communication with the goal of improving health for individuals and populations. Both the DirectTrust and SAFE Identity trust framework communities seek to enable safe and secure transactions through the use of identity-assured credentials backed by a public key infrastructure and consensus-based policies.”
“Further, the newly expanded DirectTrust ecosystem will extend the breadth of healthcare stakeholders it serves and enable additional capabilities, as well as exciting new use cases where the two groups of stakeholders connect,” Stuewe added. “For example, members will be able to interact with federal agencies for signing documents and authenticating to systems. Potential new use cases could include universally trusted healthcare credentials for consumers; identity assurance and security for the pharmaceutical supply chain (DSCSA), possibly all the way to clinical pharmacy; as well as medical device security and identification.”
The press release concludes that “DirectTrust, most recognized for Direct Secure Messaging and the Direct Standard™ it supports and promotes, came into existence with backing from the ONC as a public key infrastructure (PKI)-based trust framework to enable healthcare interoperability to scale. SAFE-BioPharma (predecessor to SAFE Identity) came into being when the FDA and pharmaceutical companies sought a secure and scalable mechanism to submit digitized reports to the agency. In response to a growing need for high assurance digital signatures, several large pharma companies established SAFE as a legal framework to facilitate trust and interoperability of digital identities with government bodies, including the FDA, DEA, and the European Medicines Agency. While SAFE Identity and DirectTrust have branched out to other missions since their beginnings, both credit their initial existence to collaborations with federal agencies, and retain important relationships and roles with the federal agencies.”