Due to the networks Kno2 connects with, including Direct Messaging, to exchange confidential patient information with other providers, participants on the network are required under HIPAA to confirm the validity and confidence of user identities within the organization.
Kno2 requires an IAL2 (Identity Assurance Level 2), as defined by the OMB (Federal Office of Management and Budget) and NIST (National Institute of Standards & Technology). Level 2 attestation requires the identity verification and validation of an individual approved to represent the entire healthcare organization. Identity proofing is required for activation of a Kno2 instance and before any activity can be conducted within the application. At Kno2, we utilize Equifax® as our identity proofing vendor. For more information on Equifax, please visit www.equifax.com.
The following third-party resources (neutral) also demonstrate the HIPAA requirements for Level 3 Assertion/Identity Verification. This requirement is for the protection of ALL users of Direct messaging, as it requires any technology solution provider exchanging health information online to properly vet their end users. Ultimately, identity proofing allows a nationwide "trust" to be established.
Third-Party Resources
HealthIT.gov provides resources regarding ID proofing for Direct messaging:
Certificate Issuance and Assurance in Direct Messaging (page 6, Identity Proofing for Healthcare Providers)
Direct Implementation Guidelines (Page 3, Item 6)