Part of the Direct protocol's security is the need to explicitly "trust" other organizations or individuals before being able to message them. With so many provider organizations out there, this can become a massive job to establish one-to-one trust for many providers.

Direct allows for the use of a "trust bundle" whereby every member of the bundle is trusted by every other. This makes large scale trust easier, but brings with it policy questions - "how can I trust everyone in the bundle?". has a mission to address these an other issues. They have created trust bundles requiring best practices be adhered to by all members. Nitor is a member of DirectTrust and a fully accredited member of the bundle.

Nitor is also a fully accredited EHNAC DTAAP HISP. Nitor applies the highest standards in the operations of our products.

The Direct protocol is secured by an encrypted PKI infrastructure, requiring digital certificates at both ends (sender and receiver).

Nitor Group goes beyond the protocols required, ensuring security of PHI data. Our HISPDirect(TM) product is the only EHNAC accredited HISP to be hosted in a fully accredited EHNAC hosting facility -- Sidus BioData. From highly secure facilities, to accredited operations -- your data is safe with Nitor.