EZ 2000 Manual - Direct Standard

Direct Messaging

Direct messaging is a standard, secure method of sending and receiving authenticated, encrypted health information directly to trusted and known recipients over the internet. It is developed by the Direct Project, http://www.directproject.org, in support of participants of the EHR program. 

Using Direct messaging, EHR providers can securely send patient information to other providers as required for Meaningful Use.  This includes sending Summary of Care documents. The receiving provider must also be using a certified EHR software to read the encrypted documents.

To use Direct messaging:
- You must use EZ2000 Plus Dental version 2 or greater.
- You must have a security certificate installed on the computer you send and receive e-mails on.  If you do not, when you will receive notification messages when you attempt to encrypt and send an email from EZ2000 Plus Dental, or open an e-mail that has been sent to you.
- You must have an e-mail address associated with a domain name you own, and it must also be associated to the security certificate.

EHR users have two options. 

Option 1 - Contract with a Health Information Service Provider (HISP).
An HISP performs authentication, encryption and trust verification on your behalf.  Set the e-mail address associated with your HISP account as the default E-mail Address in EZ2000 Plus Dental.  EZ2000 Plus Dental will then download your e-mail messages from the HISP. The downside to this option is that you may have to get a new e-mail address supplied by the HISP.  This option is also more expensive.

Option 2 - Purchase or create a security certificate. 
We recommend contacting GoDaddy support (www.godaddy.com) to purchase an SSL certificate, as it is a certificate authority. The security certificate must be associated with the default e-mail address set in EZ2000 Plus Dental for the E-mail Inbox.  Install the private certificate on your computer, and install the public certificate on your hosting server. 

You can also create a self-signed certificate for free, though these certificates are unlikely to be trusted by a third party.  In order to send or receive a message with a self-signed certificate, both parties must have the certificate added to their internal list of trusted certificates.  See your Windows documentation for instructions.

You must have one certificate per each Direct e-mail address. 

Install a Security Certificate
Once you have purchased a certificate and downloaded it to your computer, install the certificate on each computer that receives the Direct e-mail. 

1. Click Start and run mmc.exe (Microsoft Management Console).
2. Click File, Add/Remove Snap In.
3. Double click on Certificates.
4. Select Computer Account and click Next.
5. Click Finish, then OK.  Certificate folders will be visible in tree view.
6. In the NHIND Private folder, right click on Certificates and select All Tasks, Import.  Browse for the certificate file on your computer and complete the Wizard to install the certificate.

There are three folders of interest:

• NHIND Anchors: Certificates that you "trust".
• NNHIND External:   Certificates with public keys that you have sent to before.  Every time you send to a new public certificate, it will be added to this list, or if expired, it will be replaced.
• NHIND Private - Your private key certificates.

See Direct Messaging vs Standard Encrypted E-mail