When do I need a Direct Secure Messaging account?
You need a Direct Secure Messaging account if you want to exchange electronic Protected Health Information (ePHI) to meet the HIPAA requirements for data exchange between providers, payers or any other HIPAA identified entity for purposes of treatment, payment or operations.
How do I get a Direct Secure Messaging account?
The authorized representative of your organization must complete the Participant Agreement and all associated documents (found at https://www.ak-ehealth.org/for-providers/join-our-providers/participation-agreements/) for all DSM users in your organization. Questions can be directed to the AeHN office at 866-966-9030, ext. 2.
How long does it take to get a Direct Secure Messaging account?
Alaska eHealth Network is committed to protecting and securing patient health data. In order to ensure that our participants are also meeting our high standards, a third party vendor is engaged to do background and authentication verification. The process can be completed as quickly as 48 hours or up to 2 weeks. If you have questions, please contact our help desk at email@example.com
Background Checks & the List of Excluded Individuals and Entities (LEIE)
As a best practice, you are encouraged to perform a background check on all employees (prospective and current) who may require access to electronic protected health information (EPHI). While the person may be qualified for the position, they may not be authorized to access EPHI.
The List of Excluded Individuals and Entities (LEIE) keeps track of those who are not authorized to access EPHI. These individuals have been convicted of: Medicare, Medicaid, or SCHIP fraud; patient abuse or misconduct; and/or felony convictions relating to unlawful manufacture, distribution, prescription, or dispensing of controlled substances. For more information about the LEIE, visit the Office of Inspector General.
Anyone who hires an individual or entity on the LEIE may be subject to civil monetary penalties (CMP). To see if a prospective or current employee is on the LEIE, visit http://exclusions.oig.hhs.gov – it’s free and takes only a matter of minutes to complete. AeHN advises using multiple vendors for background checks as well as your local state office.
How secure is Direct Secure Messaging?
The Direct Secure Messaging solution uses self-signed certificates for the trust and encryption of messages that conform to all of the requirements specified in the Applicability Statement for Secure Health Transport for Direct Messaging specifications. Messages cannot be sent outside of the Direct trusted environment. The content and route of the message are at the discretion of the sender. Once the message is received, the use of that message is at the discretion of the recipient.
Will Direct Secure Messaging work on a Mac?
Yes, DSM is independent of the hardware platform and runs in a browser window. However, on a Mac it can only run on Firefox.
Where can I find training materials for AeHN Direct Secure Messaging?
Training and user guides are available within the DSM software. Select Help next to your name in the upper right hand corner of your email screen.
Is there a limit on the size of my emails and Inbox?
Yes – The total size for a single message is 50 MB. This includes the message body and the attachment. There is no limit on the number of recipients for an email message.
Yes – The default inbox storage is limited to 10 GB.
Please contact firstname.lastname@example.org if you have any problems with file size.
Additional storage maybe purchased if needed. Please contact email@example.com.
Is there a retention period I’m able to view my deleted items?
Yes, the maximum number of days you are able to view items in the Trash folder is 30 days. After 30 days, the messages are automatically removed.
Can I send messages to my personal or work email account?
No, Direct Secure Messages can only be sent to valid Direct email addresses. However, you can send notifications to yourself when a new Direct Secure Message has been received. The default setting for mail delivery notification is sent to the email account you entered during the registration process.
Can I create a Contact Group?
Yes, a contact group enables you to maintain of list of email addresses in your Personal Address Book. For more information refer to the Knowledge Base by clicking the Help button next to your name.
What browser should I use to access the AeHN Direct Secure Messaging service?
The following browsers are supported: Internet Explorer (IE) 6 and higher or Firefox 10 ESR
Ask your organization DSM administrator for assistance with shared mailboxes
Why do I need to give you my home address and a notarized statement to use DSM?
ONC Implementation Guidelines on Direct Infrastructure & Security/Trust Measures for Interoperability states:
Specifically with respect to identity validation, RAs, CAs and any other entities performing RA functions should ensure that individuals and organizations are identity proofed at the medium assurance level (as specified in FBCA X.509 Certificate Policy for the Federal Bridge Certification Authority Dec. 9, 2011).
|Standard: TECHNICAL SAFEGUARDS||Sections||Implementation Specification||R/A?|
|Person or Entity Authentication||164.312(d)||R|
|HIPAA COMPLIANT SOLUTION|
|The Rule States: “Implement procedures to verify that a person or entity seeking access to electronic protected health information is the one claimed.”|