Original suite of three Registration Authority Programs will now offer two program options; Industry feedback desired during 60-day public review period through August 21


WASHINGTON, DC – June 27, 2023 – DirectTrust™, a non-profit healthcare industry alliance focused on furthering trust in healthcare data exchange through standards, accreditation, and other services, today announced a 60-day public comment and review period of the draft criteria for its updated suite of Registration Authority accreditation programs.

Following the initial 60-day public review and comment period of three Registration Authority programs, the Criteria Council and Commission approved combining two of the programs into a single Registration Authority Accreditation Program with two available criteria paths. Moving forward, RA – For CA (for those Registration Authorities that support Certificate Authorities) V1 will be merged with the RA – For IdP (for those Registration Authorities that support Identity Providers) accreditation criteria into a single Registration Authority Accreditation Program, but RA – For CA and RA – For IdP will remain separate criteria paths. Candidates will be asked to specify which services they offer when enrolling in the program to ensure the appropriate criteria paths are applied for their accreditation.

“During the initial public comment period, which ended in late April, DirectTrust received valuable feedback from industry stakeholders which included thoughtful recommendations to merge what was previously offered as two sperate Registration Authority accreditation programs,” said Scott Stuewe, DirectTrust President and CEO. “This newly combined Registration Authority program demonstrates our commitment to collaborating with our industry to develop programs that directly align with TEFCA as we help facilitate the acceleration of interoperability across healthcare.”

The Registration Authority (RA) Federal PKI will remain as the separate and second Registration Authority accreditation program. No additional comments are sought for the RA – Federal PKI program at this time.

DirectTrust’s accreditation and certification programs are governed by the organization’s Electronic Healthcare Network Accreditation Commission (EHNAC). The DirectTrust criteria for each of its accreditation programs sets the foundational requirements for assessing an organization’s ability to meet/align with federal and state healthcare reform mandates such as HIPAA/HITECH, 21st Century Cures Act, TEFCA and other mandates and best practices like NIST SP 800-63, for healthcare organizations focusing on the areas of trust, privacy, security, cybersecurity, breach handling, confidentiality, best practices, procedures, and assets.

During the 60-day public review period, all interested stakeholders are encouraged to provide DirectTrust with opinions, comments and suggestions that will prove helpful in determining the necessity, appropriateness and workability of the criteria versions proposed for adoption after being reviewed and approved by the Commission.

Visit www.EHNAC.org for more details or visit the Commission’s criteria page to review the latest criteria and submit feedback during this comment period.

About DirectTrust
DirectTrust™ is a non-profit, vendor-neutral alliance dedicated to instilling trust in the exchange of health data. The organization serves as a forum for a consensus-driven community focused on health communication, an American National Standards Institute (ANSI) standards development organization, an accreditation and certification body through EHNAC (the Electronic Healthcare Network Accreditation Commission), and a developer of trust frameworks and supportive services for secure information exchange like Direct Secure Messaging and trusted, compliant document submission.

The goal of DirectTrust is to develop, promote, and, as necessary, help enforce the rules and best practices necessary to maintain privacy, security, and trust for stakeholders across and beyond healthcare. In addition, DirectTrust is committed to fostering widespread public confidence in the interoperable exchange of health information while promoting quality service, innovation, cooperation, and open competition in healthcare. To learn more, visit: DirectTrust.org.