An Interactive Guide to Direct Secure Messaging (DSM) & the XDM Profile
Welcome! This guide is designed to clarify a common point of confusion in health IT: the difference between Direct Secure Messaging (DSM) and the XDM profile. Your question about "controlling the XDM profile dsm transport method" highlights a key misunderstanding. They aren't different transport methods at all.
π
Think of DSM as the **armored truck**. It's the secure **transport method** responsible for getting a package from point A to point B safely. It doesn't care what's inside the package.
π¦
Think of XDM as the **standardized box** the contents are packed in. It's a specific **packaging format**βa `.zip` file with a defined structure. Some recipients require this specific box.
The Core Takeaway:
You don't choose an "XDM transport method." You choose what to **put inside** the secure DSM transport. Your application needs to decide whether to send a raw file or a file packaged in an XDM `.zip` bundle, based on your trading partner's requirements. Let's explore how this works.
Direct Secure Messaging is a national standard for securely exchanging health information. It's like a specialized, highly secure email system built only for healthcare. It provides the "pipe" or "envelope" for your data, but it's fundamentally content-agnosticβit can securely carry almost any file type. Its security is built on three key pillars.
π₯
Sender
π’
Recipient
Hover over the icons to learn about the security features.
The "control" you're looking for lies in how you package the clinical document before attaching it to a Direct message. Your trading partners (TDSOs) might require one of two common formats. Both are sent using the exact same DSM transport.
π
summary_of_care.xml
A single clinical document (like a C-CDA) is attached directly to the Direct message. The receiving system must be able to process this standalone file.
π¦
clinical_documents.zip
/IHE_XDM/SUBSET01/
π DOC01.XML
/README.TXT
/INDEX.HTM
The same clinical document is placed inside a `.zip` file that follows a specific directory structure defined by the IHE XDM profile. Click the bundle above to see its structure.
The HealthBus platform acts as your HISP, handling the secure DSM transport. The API is content-agnostic; it will send whatever file you provide. Therefore, the "control" is handled within your application's code *before* you call the API. You must determine the recipient's requirement and prepare the attachment accordingly.
Select the payload type your trading partner requires. Notice how the attachment changes, but the API endpoint remains the same.
Effective interoperability is a combination of technology and process. Here are some strategic recommendations and links to help you succeed.
The most robust solution is to maintain a simple database or configuration file that lists your trading partners and their specific payload requirements (e.g., `TDSO_A: 'XDM'`, `TDSO_B: 'XML'`). Your application can then use this directory to dynamically generate the correct attachment format for each recipient, ensuring successful data exchange every time.
Our platform offers advanced transaction reporting and a powerful rules engine. As your needs evolve, you can configure rules to automatically handle transformations and routing based on message content, reducing the need for custom code changes.