Trust Framework
Secure and trusted health information exchange is fueled by the Direct Standard™ and our robust national network
About Trust Frameworks
Trust Frameworks provide a common set of agreed upon standards for disparate entities to establish trust. Ensuring all organizations meet the same agreements and requirements allows for forgoing additional legal contracts or peer-to-peer agreements. This is often referred to as “scalable” trust, because each new connection between organizations and their users/clients grows the network of exchange participants at an exponential, rather than linear, rate.
DirectTrust’s Trust-In-Identity Belief
Our organization’s lifeblood is trust. As a non-profit that instills trust-in-identity, we enable secure health data exchange between millions of providers and provider organizations. The DirectTrust network, built with privacy and security in mind, starts by identity-proofing participants in health information exchange – even when those participants are patients.
A sender must have confidence that a receiver is known and trusted for secure health information exchange to occur. Our PKI framework ensures the security of encrypted messages – only the intended recipient can decrypt the message. As the market moves toward FHIR, trust-in-identity and security is still essential and DirectTrust is working to fill the trust gap in the new ecosystem.
As patients/consumers get access to apps that can connect to their healthcare data, a national fabric for identity is valuable. We’re eager to work with others in healthcare to use our knowledge to advance approaches that can work, scale, and enhance security and privacy, not undermine it.
Benefits of DirectTrust Trust Framework
Risk Mitigation
DirectTrust anchor certificates assert a “gold standard” of accreditation for privacy, security and trust-in-identity has been met by HISPs, CAs, and RAs included in DirectTrust bundles. DirectTrust bundles openly and transparently define a community of service providers who are trustworthy and can be relied up to meet and uphold a high level of security and identity controls.
Convenience and Cost Savings
DirectTrust takes the cost, worry, and hassle out of managing certificate additions, refreshes, and revocation for participating HISPs and CAs. Centralized and secure “one stop” access to current, up-to-date anchor certificates mitigates the time and cost HISPs would otherwise expend gathering each other’s certificates. Having these certificates available “on demand” at all times means that HISPs can update their trust certificate stores whenever it suits them and without depending on counterparties or their schedules.
Insurance Against Service Delays and Interruptions for Customers
Meticulous attention to detail in reviewing trust anchor certificates will avoid “downstream” errors, delays, and interruptions in Direct exchange between HISPs’ and their subscribers.
Network Benefits
DirectTrust anchor certificate bundles define a “network of networks” over which Direct Secure Messages can flow without impediment or barriers. HISPs that display the DirectTrust Accredited HISP mark and have been accepted into a DirectTrust anchor bundle don’t have to worry about additional one-off connections or contracts to establish interoperability.