Press Release

EMR Direct Achieves Full Re-Accreditation from EHNAC, including TEFCA-focused Program

Accreditation ensures compliance with HIPAA Privacy and Security requirements, TEFCA requirements of QHINs, and is a prerequisite for participation in the DirectTrust network

SAN DIEGO, Calif., February 11, 2022 -- EMR Direct, a leading developer of software for secure health information exchange and provider of Direct Messaging, HL7® FHIR®, IHE Query, and Identity Services, announced today it has achieved full re-accreditation from the Electronic Healthcare Network Accreditation Commission (EHNAC) for DirectTrust Privacy & Security, and EHNAC’s relatively new Trusted Network-Qualified Health Information Network (QHIN) program (TNAP), for organizations who wish to be acknowledged by the Recognized Coordinating Entity (RCE) as a Qualified Health Information Network.

EMR Direct’s platform allows developers to easily add Direct Messaging, HL7 FHIR, or IHE query-based exchange services into their products, enabling more effective use of health information across the care continuum, while meeting industry requirements for privacy and security, and without special effort by customers or pairwise legal agreements. “EMR Direct has lowered barriers to entry for those wishing to adopt sophisticated technology that enables secure health information exchange. Re-accreditation of our Privacy and Security practices and Trusted Exchange services signals to the industry that our maturing product suite continues to include a level of compliance that brings confidence to exchanges leveraging our systems. Securing healthcare transactions at scale and improving care delivery at an affordable cost is at the core of our mission,” said Julie Maas, CEO of EMR Direct.

Through EHNAC’s comprehensive third-party review, EMR Direct’s practices were evaluated and found to be fully in compliance with HIPAA regulations, industry standards, and the requirements of QHIN service providers. Participation in this program is critical to the business of a health IT service provider, since the vendor selection process or ongoing relationship often entails a customer-specific security risk assessment; EHNAC Privacy & Security addresses all the same criteria as part of their third-party review of a participant’s attestations and includes a site visit component, as well as contractual terms that trigger re-review, when appropriate. EHNAC’s programs evaluate privacy, security and confidentiality; technical performance; business practices; and organizational resources as relate to Direct Messaging and QHIN participation. In addition, EHNAC reviewed EMR Direct’s processes of managing and transferring Protected Health Information and determined that the organization meets or exceeds all EHNAC criteria and industry standards.

The Trusted Network Accreditation Program (TNAP) leverages existing industry-wide identity verification, authentication, and privacy/security frameworks, directly aligns with the publication of the 21st Century Cures Act and related Trusted Exchange Framework and Common Agreement (TEFCA), and promotes interoperability, assuring the security and privacy of trusted networks, and the use of enabling technologies in the healthcare ecosystem.

EMR Direct was an early implementer of FHIR and is a FHIR Foundation member. EMR Direct first received EHNAC accreditation back in 2014 when EHNAC’s Direct-related programs were initially launched. The company is also a DirectTrust-accredited Health Information Service Provider (HISP), Registration Authority, and Certification Authority. With new capabilities made available in EMR Direct Interoperability Engine 2021, vendors are able to easily meet the requirements of the Office of the National Coordinator (ONC) 2015 Edition Cures Update Health Information Technology certification criteria before the December 31st, 2022 deadline. This allows software developers to rapidly deploy the public HL7 FHIR Application Programming Interfaces (APIs) required to certify, and enables patient access to their electronic health data as well as business-to-business use cases. The EMR Direct FHIR platform also includes services to support and manage third-party application developers and native support for SMART and UDAP, to increase the scalability and security of health information exchange as required in ONC FAST solutions, Carequality and CommonWell FHIR frameworks, and the ONC’s FHIR® Roadmap for TEFCA Exchange.

About EMR Direct

EMR Direct is headquartered in San Diego, California, and provides interoperability services, including HL7 FHIR, OAuth, Direct Messaging, IHE query, Identity Services, companion APIs for workflow integration and data accessibility, and, through its phiCert Certification Authority, the supporting public key infrastructure (PKI) required for secure health information exchange. With the goal of simplifying interoperability and enabling custom workflows, EMR Direct's software is easy to deploy and does not require expensive, one-off, peer-to-peer interfaces. EMR Direct sponsors work within, HL7 and IHE to improve the security and scalability of query-based information exchange nationwide, and our FHIR services include native support for UDAP. EMR Direct is committed to protecting patient privacy, improving the quality and coordination of care, increasing productivity, and reducing costs. The Interoperability Engine platform is ONC 2015 Edition Certified, ready to support partners in Cures Update certification, and integrates seamlessly into other applications. Hundreds of healthcare IT developers and thousands of healthcare organizations use EMR Direct services to power health information exchange services integrated into their products. Today, our network reaches over 2.8 million healthcare endpoints across the nation, and continues to grow.


The Electronic Healthcare Network Accreditation Commission (EHNAC) is a voluntary, self-governing standards development organization (SDO) established to develop standard criteria and accredit organizations that electronically exchange healthcare data. These entities include accountable care organizations, data registries, electronic health networks, EPCS vendors, e-prescribing solution providers, financial services firms, health information exchanges, health information service providers, management service organizations, medical billers, outsourced service providers, payers, practice management system vendors, third-party administrators and trusted networks. The Commission is an authorized HITRUST External Assessor, making it the only organization able to provide both EHNAC accreditation as well as to conduct HITRUST CSF assessment services.

EHNAC was founded in 1993 and is a tax-exempt 501(c)(6) nonprofit organization. Guided by peer evaluation, the EHNAC accreditation process promotes quality service, innovation, cooperation and open competition in healthcare.

Trademark notice: phiMail is a registered trademark of EMR Direct. HL7 and FHIR are registered trademarks of Health Level Seven International. IHE is a trademark of the Healthcare Information Management Systems Society.