Skip to main content
All CollectionsGetting Started
Why do I need to ID proof to use this Application?
Why do I need to ID proof to use this Application?

How ID verification creates a trusted network to safely share PHI

Kristy Koyle avatar
Written by Kristy Koyle
Updated over 3 years ago

To utilize a Direct Messaging network to exchange confidential patient information with other providers, participants on the network are required under HIPAA to confirm the validity and confidence of user identities within the organization. 

Consensus requires an IAL2 (Identity Assurance Level 2), as defined by the OMB (Federal Office of Management and Budget) and NIST (National Institute of Standards & Technology). Level 2 attestation requires the identity verification and validation of an individual approved to represent the entire healthcare organization. Identity proofing is required for activation of a Consensus instance and before any activity can be conducted within the application. We utilize Equifax® as our identity proofing vendor. For more information on Equifax, please visit www.equifax.com.

The following third-party resources (neutral) also demonstrate the HIPAA requirements for Level 3 Assertion/Identity Verification. This requirement is for the protection of ALL users of Direct messaging, as it requires any technology solution provider exchanging health information online to properly vet their end users.  Ultimately, identity proofing allows a nationwide "trust" to be established. 

Third-Party Resources 

HealthIT.gov provides resources regarding ID proofing for Direct messaging: 

Certificate Issuance and Assurance in Direct Messaging (page 6, Identity Proofing for Healthcare Providers) 

Did this answer your question?