Who is DirectTrust?
A pioneer in offering technical trust and confidence in the secure exchange of health information, DirectTrust is committed to advancing trust in health data exchange. As a non-profit trade alliance, DirectTrust operates not only as a membership organization and community convener, but also as an ANSI-accredited standards body, an accreditor for numerous healthcare policies, frameworks, and programs, and a provider of trust services like Trust Frameworks, Directories, and more.
Our Goal
The goal of DirectTrust is to develop, promote, and, as necessary, help enforce the rules and best practices necessary to maintain privacy, security, and trust for stakeholders across and beyond healthcare. In addition, DirectTrust is committed to fostering widespread public confidence in the interoperable exchange of health information while promoting quality service, innovation, cooperation, and open competition in healthcare.
Our Vision
A community confidently exchanging and using digital health information in a secure and trusted manner for the betterment of health and care.
Our Four Focus Areas
DirectTrust™ is a 501c(6) non-profit, vendor-neutral alliance dedicated to instilling trust in the exchange of health data through four primary focus areas. First, the organization serves as a forum for a consensus-driven community focused on health communication. Second, as an American National Standards Institute (ANSI) standards development organization, DirectTrust develops Standards that support trust in healthcare. Third, DirectTrust operates an accreditation and certification body through EHNAC (the Electronic Healthcare Network Accreditation Commission). Finally, DirectTrust offers trust services like trust frameworks and supportive services such as certificate issuance and directories for secure information exchange like Direct Secure Messaging and trusted, compliant document submission.
History
DirectTrust was born out of The Direct Project, which began in 2010 as a grass-roots public/private partnership focused on creating a simple and low-cost mechanism for healthcare interoperability. The goal was to enable both secure health data exchange and reliable communication among EHRs and other systems. This effort resulted in the Direct Standard® for exchange, which was included in the government incentive program referred to as “Meaningful Use”.
As a result of the development and early deployment activities of the Direct Standard® in 2011, consensus developed that an organization would be required to establish and grow a “trust community” which could establish “Rules of the Road” for the new technology to scale. By the end of 2011, the first meeting of DirectTrust was held with the mission of providing policy and governance for the new trust framework. In April of 2012 the organization was incorporated as a trade association with the goal of developing, promoting and as necessary, enforcing the rules and practices needed to maintain security and promote confidence in a federated, national scale exchange community.
In 2013 and 2014 DirectTrust received support through an ONC Cooperative Agreement to advance the work of the trust framework. As a part of Stage 2 Meaningful Use and the ONC Certification Program, every certified EHR system incorporated Direct Secure Messaging into their products.
In 2019, we reached the landmark milestone of one billion messages exchanged , because of the technical investments made by the healthcare industry and the trust fabric established by DirectTrust. Additionally, DirectTrust became recognized as an American National Standards Institute (ANSI) Standards Development Organization, promptly convening several Standards Consensus Bodies.
In 2022, we celebrated our 10 year anniversary, including a decade of growth and evolution, but an everlasting commitment to trusted exchange, trust-in-identity, and community.
On January 5, 2023, the Electronic Healthcare Network Accreditation Commission (EHNAC) merged with and into DirectTrust with the intention of becoming the primary DirectTrust accreditation body. Founded in 1995 and with an origin story related to HIPAA, EHNAC has its own unique and storied history. Today, we are excited to operate as one organization, focusing on instilling trust in exchange through community and membership, standards development, accreditation, and other trust services.
To learn more about the DirectTrust origin story, read our blog, Celebrating the Origins of DirectTrust.
Key Moments in Our History
March 1, 2010
ONC Kick Off of Direct Project
April 5, 2012
Incorporation of DirectTrust
March 26, 2013
DirectTrust awarded Cooperative Agreement from the ONC
Q1 2013
Message exchange tracking begins, first patient/consumer addresses
April 1, 2015
Formation of the Accredited Trust Anchor Bundle
September 1, 2018
New President and CEO Scott Stuewe begins
Q2 2019
One billion messages exchanged
March 26, 2019
DirectTrust becomes an ANSI Standards development Organization
June 10-11, 2019
First DirectTrust Summit in Atlanta, Georgia
January 6, 2020
New DirectTrust logo and brand refresh deploys
May 13, 2021
The Direct Standard® becomes an ANSI standard
Q4 2020
Two billion messages exchanged
September 9, 2021
Trusted Instant Messaging Plus (TIM+) becomes an ANSI Standard
Q2 2022
Three billion messages exchanged
May 13, 2022
Event Notifications via the Direct StandardⓇ becomes an ANSI Standard
April 5, 2022
DirectTrust celebrates 10th anniversary
Q1 2023
Four billion messages exchanged
January 4, 2023
EHNAC merges into DirectTrust
How Direct Works With DirectTrust
Direct Secure Messaging, commonly referred to as Direct, is a secure communication transport mechanism for sensitive information over the open internet. While appearing like email, Direct utilizes digital certificates and Public Key Infrastructure (PKI) to encrypt the contents of a message, meaning only the intended recipient can decrypt the message.
DirectTrust itself does not issue Direct addresses or provide Direct Secure Messaging services. Rather, DirectTrust maintains a secure communication network for exchange between trusted partners. DirectTrust federates that trust by accrediting the Health Information Service Providers, or HISPs, that operate as part of the network in what’s referred to as a trust bundle, eliminating the need for point-to-point agreements between each HISP. Accredited HISPs can issue identity-proofed Direct Addresses for communication in accordance with DirectTrust policies.
In addition to accrediting network operators and providing network trust infrastructure, DirectTrust also acts as a governance body, using member consensus to update and enforce policy.
