Who is DirectTrust?
A pioneer in offering technical trust and confidence in the secure exchange of health information, DirectTrust is committed to advancing trust in health data exchange. As a non-profit trade alliance, DirectTrust operates not only as a membership organization and community convener, but also as an ANSI-accredited standards body, an accreditor for numerous healthcare policies, frameworks, and programs, and a provider of trust services like Trust Frameworks, Directories, and more.
Our Mission
DirectTrust builds trust in a connected world through consensus-driven standards, best practices, and governance, especially for health care. We enable confidence via rigorous accreditation and certification programs with stringent criteria and regulatory compliance requirements. We advance capabilities needed for a secure, trusted, interoperable digital ecosystem.
Our Vision
A digital ecosystem designed to ensure trust, transparency, security, and useability of data to empower individuals and organizations in health care and related sectors to easily connect to, share, and rely on sensitive information.
Our Four Focus Areas
DirectTrust® is a 501c(6) non-profit, vendor-neutral alliance dedicated to instilling trust in the exchange of health data through four primary focus areas. First, the organization serves as a forum for a consensus-driven community focused on health communication. Second, as an American National Standards Institute (ANSI) standards development organization, DirectTrust develops Standards that support trust in healthcare. Third, DirectTrust operates an accreditation and certification body through EHNAC (the Electronic Healthcare Network Accreditation Commission). Finally, DirectTrust offers trust services like trust frameworks and supportive services such as certificate issuance and directories for secure information exchange like Direct Secure Messaging and trusted, compliant document submission.
DirectTrust was born out of The Direct Project, which began in 2010 as a grass-roots public/private partnership focused on creating a simple and low-cost mechanism for healthcare interoperability. The goal was to enable both secure health data exchange and reliable communication among EHRs and other systems. This effort resulted in the Direct Standard® for exchange, which was included in the government incentive program referred to as “Meaningful Use”.
As a result of the development and early deployment activities of the Direct Standard® in 2011, consensus developed that an organization would be required to establish and grow a “trust community” which could establish “Rules of the Road” for the new technology to scale. By the end of 2011, the first meeting of DirectTrust was held with the mission of providing policy and governance for the new trust framework. In April of 2012 the organization was incorporated as a trade association with the goal of developing, promoting and as necessary, enforcing the rules and practices needed to maintain security and promote confidence in a federated, national scale exchange community.
In 2013 and 2014 DirectTrust received support through an ONC Cooperative Agreement to advance the work of the trust framework. As a part of Stage 2 Meaningful Use and the ONC Certification Program, every certified EHR system incorporated Direct Secure Messaging into their products.
In 2019, we reached the landmark milestone of one billion messages exchanged , because of the technical investments made by the healthcare industry and the trust fabric established by DirectTrust. Additionally, DirectTrust became recognized as an American National Standards Institute (ANSI) Standards Development Organization, promptly convening several Standards Consensus Bodies.
In 2022, we celebrated our 10 year anniversary, including a decade of growth and evolution, but an everlasting commitment to trusted exchange, trust-in-identity, and community.
On January 5, 2023, the Electronic Healthcare Network Accreditation Commission (EHNAC) merged with and into DirectTrust with the intention of becoming the primary DirectTrust accreditation body. Founded in 1995 and with an origin story related to HIPAA, EHNAC has its own unique and storied history. Today, we are excited to operate as one organization, focusing on instilling trust in exchange through community and membership, standards development, accreditation, and other trust services.
To learn more about the DirectTrust origin story, read our blog, Celebrating the Origins of DirectTrust.
Key Moments in Our History
How Direct Works With DirectTrust
Direct Secure Messaging, commonly referred to as Direct, is a secure communication transport mechanism for sensitive information over the open internet. While appearing like email, Direct utilizes digital certificates and Public Key Infrastructure (PKI) to encrypt the contents of a message, meaning only the intended recipient can decrypt the message.
DirectTrust itself does not issue Direct addresses or provide Direct Secure Messaging services. Rather, DirectTrust maintains a secure communication network for exchange between trusted partners. DirectTrust federates that trust by accrediting the Health Information Service Providers, or HISPs, that operate as part of the network in what’s referred to as a trust bundle, eliminating the need for point-to-point agreements between each HISP. Accredited HISPs can issue identity-proofed Direct Addresses for communication in accordance with DirectTrust policies.
In addition to accrediting network operators and providing network trust infrastructure, DirectTrust also acts as a governance body, using member consensus to update and enforce policy.