Direct Project HISP


Direct Project

You are probably aware that the Direct Protocol is required for Meaningful Use Stage 2. Direct is an internet-based tool that can replace mail and fax transmissions of patient data with secure and efficient electronic health information exchange.

Dynamic Health IT has partnered with MaxMD to provide complete turnkey solutions, including:

  • Direct mail server
  • HISP with Certifcate creation, certificate issuance, certificate discovery, Direct encryption and decryption
  • SendAnywhere™ encryption and decryption, XDR/SMTP translation, cross-certification with other HISPS, etc. Customers can retrieve messages from Direct mdEmail® on their smartphone, tablet or desktop.

Vendors and “Self-certifiers”: DHIT has development resources to incorporate direct into your application. We were the first vendor to receive HITECH 2014 Edition certification on the Direct Protocol – 170.314(b)(1), 170.314(b)((2), and 170.314 (e)(1). Our ConnectEHR® Stage 2 bolt-on software and our Patient Portal have built-in hooks to MaxMD.

Providers: Through MaxMD, we can offer turnkey solutions for any needs involving transmission and receipt of Direct messages, documents and mail.

The Direct Protocol is a set of standards and specifications for secure messaging and transmission of healthcare information. For 2014 Edition modules 170.314(b)(1), 170.314(b)(2), and 170.314(e)(1), the Direct Protocol is the required transport standard.

The ONC Final Rule document refers to this Standard as '§ 170.202 Transport standards. (a) Standard. ONC Applicability Statement for Secure Health Transport (incorporated by reference in § 170.299)'.

The ONC Final Rule also names these optional transport standards:

§ 170.202(b) Standard. ONC XDR and XDM for Direct Messaging Specification (incorporated by reference in § 170.299).

§ 170.202(c) Standard. ONC Transport and Security Specification (incorporated by reference in § 170.299).

Dynamic Health IT was the first vendor certified on the 2014 Edition Direct modules and can assist in or lead your Direct Protocol implementation and configuration. You can use our unique experience of implementing, configuring and certifying on these modules to your 2014 Edition certification team's advantage.

About Direct:

  • Content is packaged using MIME and, optionally, XDM.
  • Confidentiality and integrity of the content is handled through S/MIME encryption and signatures.
  • Authenticity of the Sender and Receiver is established with X.509 digital certificates.
  • Routing of messages is handled through SMTP.


How We Help:

  • Setup Direct Reference Implementation
  • DNS CERT Hosting
  • Domain and address bound certificates
  • Trust anchors


Sending Process Overview:

  • Vendor system triggers the creation of CCDA document.
  • Clinician or patient uses ConnectEHR® to choose a recipient and clicks send.
  • ConnectEHR® sends the document to the Direct Reference Implementation.
  • The recipient's certificate is discovered using Domain and Address bound certificate discovery
  • The document is encrypted and sent to the recipient.


Receiving Messages:

  • Sending system discovers certificates using DNS CERT records hosted by the Reference Implementation.
  • Direct Implementation receives the messages and decrypts it
  • ConnectEHR® decodes the attachments and forwards to the correct clinician