What is DirectTrust?
DirectTrust is a non-profit health care industry alliance that establishes and maintains rules, standards, and policies associated with the operation of the security and trust-in-identity layer for Direct exchange.
Security is the key component that distinguishes Direct messaging from regular email. In order to exchange Direct messages both parties must swap security certificates and be assured all the parties are “who they say they are”.
Security and trust are musts when transmitting healthcare information!
DirectTrust is also a nationwide network of accredited Health Information Service Providers (HISPs). These accredited HISPs enable hundreds of thousands of users (doctors, nurses, and administrative staff) across the country to freely exchange health information with each other without having to establish a point-to-point security relationship.
To become an accredited member of DirectTrust, a HISP must meet a stringent set of security requirements and procedures which are verified through a 3rd party auditing firm called EHNAC (Electronic Healthcare Network Accreditation Commission).
Individuals become a part of this network after completing the DirectTrust Activation (identity verification) process and receiving their Direct address.
The DirectTrust Activation process is part of the initial implementation of your Direct messaging application and only takes a few minutes.
Most often, only one provider at the medical practice (the representative) needs to go through this process. That person, in turn, is responsible to ensure anyone given a Direct address at the practice is “who they say they are”. Typically, a person’s identity is verified during the hiring process so no further action is needed by the representative (e.g. I9 Employment form, copy of passport or driver’s license). However, some EHR vendors prefer to have each person go through the DirectTrust identity verification process to establish an even higher level of security.