What is phiMail?
The phiMail® messaging platform enables users to exchange information by Direct messaging, a secure email standard designed for healthcare. Doctors, hospitals, labs, nursing stations, patients, or anyone needing to share health information, is assigned a unique Direct Address, such as firstname.lastname@example.org or 3West@direct.yourhospital.com. Although it looks like a regular email address, Direct messaging software enables an environment in which all messages sent from and received by that address can be protected and processed in accordance with HIPAA.
phiMail Web users can send or receive patient care summaries, order requests, general communications, referrals, other patient data, transition of care documents, test results, billing information, or any other type of electronic file attachment. Unlike a fax, data is transmitted digitally so there is no loss in data quality.
How can I get phiMail?
phiMail service is built in to many EHR systems, and is available directly from EMR Direct for XDR- or SMTP-capable EHRs such as Epic and MEDITECH, or as a standalone web-based service. Register for a Direct Address.
Who can I send to and receive from?
Direct messaging is a security and email protocol that is designed
for exchange of Protected Health Information over the Internet,
and to allow interoperability between different Direct
As a phiMail platform user, your Direct Address is designed
to send to or receive from any other trusted address following Direct
Project protocols, whether that address is assigned by EMR
Direct or any other health information service provider (HISP).
EMR Direct's nationwide network currently reaches over 1,800,000 endpoints. We also offer our customers the ability to customize their exchange to trust communities of their choice, including the DirectTrust Network and the Mass HIway.
EMR Direct and Cerner were the first two HISPs admitted to the DirectTrust Accredited Trust Anchor Bundle, and we perform ongoing testing with every other participant, so exchange is easily enabled with the DirectTrust network. In addition, we offer the option of interoperability with the Nate Blue Button for Consumers (NBB4C) bundle and other Personal Health Record Services. Trust can be configured on a customer-by-customer basis for just about any Direct-compliant service with whom a customer chooses to exchange, and we also offer Directory services to help identify provider Direct addresses.
phiQuery Application Access APIs for FHIR
For use cases beyond message push, FHIR services can be easily integrated into EMRs using the phiQuery API, much like the way the phiMail API is used to enable Direct Messaging. Application Access is required in ONC 2015 Edition Certification, and is also useful for patient portals or where there is need for a custom interface. Application Access APIs criteria intend for 3rd party developers to be able to write custom data views, elevating the use of health information beyond its native EMR and portal. EMR Direct’s HealthToGo® client application is one such custom data view. 3rd party developers access a partner’s certified Open API documentation in order to develop their software. Users access FHIR resources using credentials issued by the data holder and the client application of their choice.
What sets phiMail apart?
phiMail is designed to allow our customers maximum control
over PHI (Protected Health Information), achieved using their own
custom workflow and our easy-integration API.
Data is decrypted only as needed, and is
only transmitted or stored in an encrypted manner.
We offer several different integration approaches, and a migration path
from web-based to integrated if you don’t have your own Direct interface
now but would like to build one into your own software down the road.
Our provisioning platform lets you choose whether to onboard using
paper-based forms an administrator can print and sign, or through an entirely
electronic approach with online identity verification.
As a developer of proprietary software for Direct messaging and FHIR, EMR Direct has in-house expertise on the technology and has a track record for bringing in-demand functionality to the marketplace early on. Examples of this are our API, sophisticated and flexible trust policy enforcement functionality, and support for multi-factor authentication and separate signing and encryption certificates when needed.Above all else, phiMail is developed with the goal of achieving the greatest possible interoperability, at the lowest possible cost--because we believe that electronic healthcare information exchange should be accessible to anyone who requires it.
Can I use phiMail and phiQuery as part of MU/MACRA/ACI/PI?
Yes! Hundreds of Health IT vendors have used our API to build phiMail Direct messaging right into their products, and, so far, over 125 of these vendors have certified EHR products using EMR Direct as their relied upon Direct partner, meaning that users of those products can already use our HISP services for Meaningful Use purposes. Additionally, the software that powers our HISP is independently certified as an EHR Module for both the 2014 and 2015 Edition certification criteria, so our HISP services can also be used together with many other EHR systems for Meaningful Use purposes, even if those vendors did not specifically list our software as part of their certification. phiQuery can be used to enable HL7 FHIR services and the HealthToGo and phiMail clients used along with it to enable patient portal functionality.
Do I need an NPI to apply for an account?
Direct messaging is intended for use with healthcare data. We offer Direct Addresses to Covered Entities, Business Associates, other qualified Healthcare-related enterprises, and patients, however we only offer Direct security credentials with the "Covered Entity" designation to individuals and organizations associated with a National Provider Identifier. The National Provider Identifier is a publicly available number provided by the United States Department of Health and Human Services to identify medical professionals across the United States. We use this number to associate every phiMail "Covered Entity" address with an individual or organization in the healthcare industry.
Our accredited HISP service requires minimal setup by your IT department, allowing for rapid deployment of Direct service. Our webmail service requires browser software supporting HTML5. phiMail easy-integration libraries run on most software configurations with an Internet connection including Java®, .NET, PHP, Ruby, and Node.js.
What does phiMail cost?
phiMail pricing for standalone web-based service begins at $149/year per provider plus a $300 one-time setup fee per organization. This includes a Level of Assurance (LoA) 3 equivalent certificate issued by our Certificate Authority, a Direct Address, and listing in our provider directory. Annual fees for integrated service begin at $300 for small hospitals and $129 per provider for ambulatory settings. We also offer a variety of patient address packages. Volume discount pricing information is available to registered developers or by requesting a quote.
Customers of EHRs with integrated phiMail service should contact their EHR vendor for pricing, enrollment information, and Direct-related support. Other package options are available upon request. Prices are subject to change at any time. A complimentary developer sandbox is also available to software vendors.
For large organizations & system integrators
EMR Direct offers volume discounts on services and certificates, as well as preferred pricing for developers who integrate phiMail service into their software. We offer integration options ranging from fully-custom integration to a private-label version of our own user interface. Please contact us for more information on volume pricing or on integration options for EHR vendors, large IT departments, or other healthcare IT applications. Or, register as a phiMail Developer to get started right away with complimentary test credentials and sandbox server access.
For more information on EMR Direct's services, please see the EMR Direct brochure, and our white papers on Exchanging Health Information between Multiple Healthcare Organizations and the Direct Project and phiMail.
We offer step-by-step guidance on certification testing with phiMail to registered developers. Our developer tools automatically return the server log documentation and exception handling needed to successfully demonstrate certification criteria, so Direct-related testing goes smoothly and predictably every time. Should you run into any questions from proctors or need a hand, our advanced telephone-based technical support is available at no charge on your proctored test date.
We’ve spent a great deal of time streamlining the onboarding process because health care providers have much more important things to focus on. With the help of EMR Direct’s Customer Care team, submitting the necessary Application form and verifying the identity of the person who signs the form is a breeze. Once a Direct address request has been initiated on our administrative portal, our knowledgeable staff will work with you to get your account set up without any project management effort on your side.
If you're ready to get your own Direct Address, register for phiMail today, and experience our workflow-friendly software for yourself.
Trademark Notice: phiMail and HealthToGo are registered trademarks of EMR Direct. phiQuery and phiCert are trademarks of EMR Direct. Microsoft and HealthVault are trademarks for the Microsoft group of companies. Java is a registered trademark of Oracle and/or its affiliates. HL7 and FHIR are registered trademarks of Health Level Seven International. Other names may be trademarks of their respective owners.