Who is DirectTrust?

Established 2012

A pioneer in offering technical trust and confidence in the secure exchange of health information, DirectTrust is committed to collaboration for advancing secure communication. As a non-profit trade alliance, DirectTrust operates not only as a membership organization, but also as an ANSI-accredited standards body, a trust framework supported by policy, and an accreditor for reliable and trusted exchange across the DirectTrust network.

Mission Statement

The Mission of DirectTrust is to support health information exchange that is secure, interoperable, affordable, ubiquitous and usable by diverse end-users. The Mission is pursued in the interest of the public good, as a non-profit, competitively neutral, membership ‘learning organization’ for voluntary self-governance of health information exchange.

Vision Statement

A community confidently exchanging and using digital health information in a secure and trusted manner for the betterment of health and care.


Learn about the benefits and the process to become Accredited with DirectTrust.

Learn More About Accreditation

Why is Direct Important?

The timely and secure exchange of health information is critical to patient care, and Direct Secure Messaging provides for that exchange across organizational boundaries. Utilizing the consensus-based Direct Standard®, Direct exchange is simple, secure, and scalable. Available through certified EHRs, Direct is readily available for providers to share data with other providers, eliminating redundancy of diagnostic testing, reducing the cost of care and easing inconvenience on patients and providers alike. Through utilization of Direct, patients will receive better coordinated care, leading to improved outcomes, and ultimately culminating in increased patient and provider satisfaction.


DirectTrust was born out of The Direct Project, which began in 2010 as a grass-roots public/private partnership focused on creating a simple and low-cost mechanism for healthcare interoperability. The goal was to enable both secure health data exchange and reliable communication among EHRs and other systems. This effort resulted in the Direct Standard® for exchange, which was included in the government incentive program referred to as “Meaningful Use”.

As a result of the development and early deployment activities of the Direct Standard® in 2011, consensus developed that an organization would be required to establish and grow a “trust community” which could establish “Rules of the Road” for the new technology to scale. By the end of 2011, the first meeting of DirectTrust was held with the mission of providing policy and governance for the new trust framework. In April of 2012 the organization was incorporated as a trade association with the goal of developing, promoting and as necessary, enforcing the rules and practices needed to maintain security and promote confidence in a federated, national scale exchange community.

In 2013 and 2014 DirectTrust received support through an ONC Cooperative Agreement to advance the work of the trust framework. As a part of Stage 2 Meaningful Use and the ONC Certification Program, every certified EHR system incorporated Direct Secure Messaging into their products.

Today, a robust and growing network exists, reaching the milestone in 2019 of one billion messages exchanged, because of the technical investments made by the healthcare industry and the trust fabric established by DirectTrust.


How Direct Works With DirectTrust

Direct Secure Messaging, commonly referred to as Direct, is a secure communication transport mechanism for sensitive information over the open internet. While appearing like email, Direct utilizes digital certificates and a Public Key Infrastructure (PKI) to encrypt the contents of a message, meaning only the intended recipient can decrypt the message.

DirectTrust maintains a secure communication network for exchange between trusted partners. DirectTrust federates that trust by accrediting the Health Information Service Providers, or HISPs, that operate as part of the network in what’s referred to as a trust bundle, eliminating the need for point-to-point agreements between each HISP. Accredited HISPs can issue identity-proofed Direct Addresses for communication in accordance with DirectTrust policies. DirectTrust also acts as a governance body, using member consensus to update and enforce policy.


Find your accredited HISPs

Member List

Why is the accreditation of HISPs, CAs, and RAs Necessary?

Establishes Trust within Network

Promotes Interoperability

Demonstrates Policy Adherence

Ensures Uniform Security Compliance

Mitigates Risk of PHI Exchange

Verifies HIPAA and Privacy Compliance

Business Process Oversight

Illustrates Best Practices

Learn More About Accreditation

Frequently Asked Questions

Get Your Answers to Common Questions

Meet Our Leadership

Learn More About Our Leaders