AMA dr2dr Secure Messaging
WHAT IS SECURE MESSAGING?
Simply put, secure messaging (SM) is a system that
enables the exchange of information in a secure fashion
 It is a web-based, secure server
approach to protect sensitive
data that is sent beyond
corporate / clinic / office
borders in compliance with
industry regulations, such as
HIA, FOIP, PIPEDA, PIPA, etc.
2
WHY DO WE NEED SECURE MESSAGING?
Physicians are limited in their ability to electronically
communicate patient information with each other in a
secure fashion
 OIPC, CPSA and Alberta Health have expressed strong concerns
regarding insecure e-communication between providers via
facsimile and text messaging
 Need to address continuity of care gaps, including those
identified in the HQCA report of Dec 19, 2013
 Desire to facilitate new modes of coordinated care, enabled by
e-communication that is compliant with current privacy
legislation and standard of care expectations
3
ARE SECURE MESSAGING AND
SECURE E-MAIL THE SAME THING?
No, secure messaging is not the same as secure e-mail
Secure messaging has several important advantages:
• No data resides outside of the central server so there is no ability to hack
into the information during transport
• Confidential and authenticated exchanges can be started immediately.
There is no need to install special software or security access devices (e.g.
key fobs or fingerprint readers)
• It provides a high degree of ‘non-repudiation’, which is proof of the
integrity and origin of data as well as highly assured authentication of the
identity of the user
4
WHY IS THE AMA INVOLVED?
 Need for a simple tool for all physicians to use that
complies with required privacy / security practices
 Driven by motion passed at the Spring 2014
Representatives Forum confirming the value of the
AMA engaging in this venture
 Belief that a secure messaging system will deliver
unique value for physicians and their patients
 Alignment with AMA business plan goals:
• Physicians are supported by an integrated health
information system
• Physicians have solutions for secure exchange of
health information to support improved access and
quality of care
5
WHAT ARE THE GOALS OF
SECURE MESSAGING?
 To provide secure, seamless, timely
sharing of medical information
between health care providers
 To reduce wait times for access to
specialists and requests for
consultation
 To maximize the coordination of care
for Albertans
6
WHAT IS THE AMA’s
SECURE MESSAGING SOLUTION?
The AMA’s secure messaging solution builds on the dr2dr
application developed by Microquest (MQ)
• AMA is working in partnership with MQ to jointly guide
updates and improvements to the application to ensure the
initial product adds the most value to Alberta physicians
• The long-term plan is to include other providers (e.g.,
pharmacists, nurse practitioners) and ultimately patients in
the secure messaging system
7
WHY SHOULD I USE IT?
 Provides a material record of referral communications
 Improves collaboration between physicians and reduces
“off the record” patient care communication
Secure
Improved Workflow
 Facilitates management of opinions around the
coordination of patient care
Reduces Risk
 Provides a central, secure mode of electronic
communication for physicians and their staff for use in
their professional activities
Collaboration
 Eliminates the telephone tag and disrupted workflow
often associated with follow-up
Protects Privacy
 Protects the physician from privacy risks associated with
the exchange of patients’ private medical information
8
WHY ELSE SHOULD I USE IT?
 Provides the basis for a common directory of system-user physicians,
including their location, services provided, referral information and clinic
contacts
 No spam. The secure messaging system is designed to provide a single,
secure, “professional account” for physicians and staff
 Costs will be offset by the ability for referring and referred-to physicians to
submit the new e-consult fee codes
 Shrinks clinic overhead associated with managing faxing and faxing costs
New e-Codes Eliminates Faxing Teamwork
Coordinated Care No telephone tag
Useful Address Book No Spam Secure
9
HOW WILL IT BE USED?
Secure messaging can be used for many clinical
purposes, but there are three primary functions
1. Rapid exchange of clinical
information
2. Requesting clinical advice
quickly and efficiently
3. Facilitating electronic
consultation and referral
Without the hassle of using
fax machine or telephone
10
WHAT ABOUT PRIVACY AND SECURITY?
Protecting privacy and safeguarding clinical information is a cornerstone
of the AMA dr2dr system and one of its highest priorities
 Only the message generator and authorized receiver(s),
have access to the messages
 Audit details are available; all users and occasions of
use will be logged by date and time

System security will be verified through a third-party security audit

Physicians and other users will be authenticated during the
onboarding process

Logging into the application will require two-factor authentication
(verification code sent via Google Authenticator or SMS/text sent to
your cellphone or via email)
11
WHAT MAKES THE DATA SECURE?
Everything is centrally stored
• All contained within the dr2dr.ca website
• No data stored on outside devices (phones,
tablets, computers)
Connections use 256-bit SSL encryption
• Bank-level encryption for all “in transit” data
• Good enough for Top Secret-level US
Government classified documents
All data at rest is also encrypted
• Including all messages and attachments
12
HOW DOES THE AMA’s
SECURE MESSAGING SYSTEM WORK?
 Web-based, accessible from anywhere
 Supports all modern browsers
 Centrally hosted website for secure physician communications
 Secure conversations with referenced patient information
 Attachments may be added to conversations
 Online storage of all messages; no need for server backup
 Hosted and maintained system-user address book
 Record of conversation can be cut and pasted into patient’s EMR
or printed for paper records
 Configurable notifications for messages by e-mail, text or both
 Choose notification frequency: instant, daily or weekly summaries
13
DOES THE SYSTEM INTEGRATE WITH EMRs?
If you have a Healthquest EMR from Microquest, the solution
is integrated. If you have a different EMR, not at the moment.
 In the short-term, a straightforward
Application Program Interface (API) is
available to integrate with other EMRs,
subject to vendor agreement
 In the long-term, the AMA is working on
a standards-based strategy to
amalgamate secure messaging solutions
across the different vendors
14
WHAT IS THIS GOING TO COST?
 Subscription-based model
• Monthly or yearly subscription
• Charged to credit card
 All-inclusive, per-physician price
• $34.99 per month
(that’s less than a Globe and
Mail subscription)
 Includes
•
•
•
•
Unlimited staff accounts *
Unlimited messaging
Unlimited access
Unlimited upgrades
* For clinic or office staff employed by the physician
(excludes staff employed by a PCN, AHS, faculty of
medicine, etc.)
15
WHAT IS THE AMA’s TIMELINE FOR
IMPLEMENTING SECURE MESSAGING?
The timeline is as follows:
 Dec 2015 – Mar 2016 – Piloting and service development
 Apr 2016 – Jun 2016 – Limited roll-out (LR)
 Jul 2016 Onwards – Full roll-out
The AMA and Microquest are currently
looking at ways to compress the schedule
For more information: Vic Taylor or Michael McDermott @albertadoctors.org
or send an email to secure.messaging@albertadoctors.org
16