Yes.  Our infrastructure is fully certified and accredited in the industry.  We are completely HIPAA compliant, but go well beyond the basic requirements of HIPAA, to provide a safe, secure, and private cloud-based messaging and exchange platform that has trust and security built-in from the ground up.  Below is a list of our certifications and accreditations.


HISPDirect is a modularly certified EHR for 2014 Meaningful Use.  This includes the all objectives dealing with Direct messaging.  

Nitor Group's HISPDirect V2.2.1 was certified to the following criteria for Modular EHR certification:

Certification Date:
April 15, 2015
Certification Numbers:

06042015-0253-3 (Ambulatory),

06042015-0252-3 (Inpatient)

Modules Tested:
170.314 (g)(4); (h)(1,2,3)
Additional Software Required:
Cost and Limitations:

HISPDirect V2.2.1 does not have any additional costs associated with meeting meaningful use objectives or measures.



HISPDirect and the RosettaHealth HISP infrastructure have been accredited by EHNAC to be a DTAP accredited HISP, which means that all our policies and procedures have been audited by EHNAC and found in compliance with HIPAA, HITECH and

For more information on EHNAC's accreditation scope and requirements, please see the link below:

     EHNAC DTAAP Accreditation Program (DTAP) Trusted Agent is the largest trust community within Health IT, encompassing most EHRs and HISP vendors.  In order to be a trusted agent HISP in good standing with, you must be EHNAC accredited, as well as pass interoperability testing with other agents.  The policies and procedures required are quite significant and cover handling of PHI, encryption, digital certificates, authentication, intrusion detection and other areas of security and privacy.  For more information about our security, please visit the knowledge base article on security.

Additionally, our policies and procedures with regards to security and privacy are available upon request.



RosettaHealth's infrastructure is hosted in a highly-secure cloud hosting facility designed for health and biodata applications: BYTEGRID.  BYTEGRID's security goes well beyond HIPAA-compliance -- they are one of only a few datacenter's that have achieved EHNAC's OSAP Accreditation.