Confidentiality, Privacy and Security

ICYMI: DirectTrust Announced Draft of Industry-First Trusted Instant Messaging Standard

  • 1.  ICYMI: DirectTrust Announced Draft of Industry-First Trusted Instant Messaging Standard

    Posted 08-19-2020 23:34
      |   view attached
    ICYMI:  DirectTrust appears to be trying to implement a HIPAA-compliant text standard for the industry, called Trusted Instant Messaging+ (TIM+); the draft for which is now available for testing (more information and link below -- information from DirectTrust).  Wanted to share for those who might not have seen!
    DirectTrust Logo 2020.jpg

    DirectTrust Announces Draft of Industry-First Trusted Instant Messaging Standard Now Available for Testing

    Consensus Body for TIM+ standard to host Connectathon to garner input on implementations, workflows, and interoperability

    Source: DirectTrust

    July 30, 2020 DirectTrust today announced the draft of its Trusted Instant Messaging+ (TIM+) standard is now available for testing. TIM+ is the industry-first standard to enable real-time healthcare communication that incorporates trust network concepts to ensure secure transmissions between known, trusted entities within and across enterprises. DirectTrust is a non-profit healthcare industry alliance created to support secure, identity-verified electronic exchanges of protected health information (PHI) between provider organizations, and between providers and patients, for the purpose of improved coordination of care.

    The benefits of the TIM+ standard include, but are not limited to:

    • Integrated Workflow: The TIM+ standard will bridge the communication gap between technology providers while keeping all participants within their native workflows and technology provider choices to maximize efficiency.
    • Cross Enterprise and Technology Communication: TIM+ users will be able to communicate both within a given enterprise messaging implementation and across multiple technology providers using a common standard.
    • Common Security and Trust Framework

    The TIM+ standard has implemented the following high-level functional capabilities thus far:

    • Determines the availability or presence of trusted endpoints, with near real-time changes in availability status and endpoint authorization control of viewing status
    • Supports text-based communication, including one-on-one messaging, group or "room"-based messaging and feedback notification of message status
    • Supports file transfers
    • Lays the groundwork for audio and video communication in further releases

    To access the draft TIM+ standard for testing, click here. (
    (Draft Standards are not approved standards under the DirectTrust Standards Operating Procedures. This draft is being published for the sole purpose of allowing for testing and initial feedback from companies who wish to test the technical requirements listed in the DRAFT STANDARD.)

    DirectTrust will host a Connectathon for TIM+ on November 11, 2020. The Connectathon will provide participants with the opportunity to share feedback on the draft Applicability Statement, test reference implementations, suggest use cases and workflows, and provide input regarding policy. To register and learn more, visit

    TIM+ is the second initiative of DirectTrust Standards, a division of DirectTrust.  Participation in DirectTrust Standards initiatives is open to any person or company that has a direct and material interest within the respective scope of the work of standards development. DirectTrust membership includes eligibility for participation in DirectTrust Standards activities. Non-members interested in participation can visit to complete an application.

    About DirectTrust
    DirectTrust™ is a non-profit, vendor-neutral alliance initially created by and for participants in the Direct community, including Health Information Service Providers (HISPs), Certificate Authorities (CAs), Registration Authorities (RAs), healthcare providers, consumers/patients, and Health IT vendors. DirectTrust serves as a governance forum, trust community, standards organization, and accreditation body for persons and entities engaged in exchange utilizing the Direct Standard™, supported by DirectTrust's robust security and trust framework. The goal of DirectTrust is to develop, promote, and, as necessary, help enforce the rules and best practices necessary to maintain security and trust within the Direct Secure Messaging community. DirectTrust is committed to fostering widespread public confidence in the interoperable exchange of health information. To learn more, visit

    A. Andrews Dean, CPHIMS, CHPS, CHDA, CPHI, CPPM, CPC
    AHIMA-Approved Data Analytics Trainer / AHIP PAHM & PHIAS
    Health IT Regulatory Affairs & Healthcare Compliance Consultant