Brian Robinson reports in Government Health IT:
When sharing health information, government agencies must abide by rules established under the Health Insurance Portability and Accountability Act (HIPAA), which does not allow such information to be transmitted unprotected via public networks.
That seems like a simple rule, but schemes that provide secure sharing, such as public-key infrastructure and Pretty Good Privacy, are complex to create and maintain, and they require the use of trusted third parties to provide the necessary keys.
If the chain that includes those keys is lost, the whole process must be redone.
Even direct encryption can be complicated. All potential senders and recipients of the information must have special software on their computers.
Furthermore, direct encryption is good for one-to-one communication, but it doesn’t work well in the kinds of highly collaborative environments that exist at government agencies.
Officials in Virginia Beach, Va., faced those issues when they started exploring secure ways to exchange health information with their partners.
Their solution is the appropriately named Secure Messaging Application (SMA), which was developed in summer 2007.
Read more on Government Health IT