FBCA Certificates
& Direct Messaging

Gain the ability to transfer records to federal agencies and fortify 
your entire network for Direct messaging exchange.

Request Pricing

What are FBCA Cross-Signed Certificates?

Any organization exchanging healthcare information with a federal agency must use certificates cross-signed by the Federal Bridge Certification Authority (FBCA). All of our FBCA certificates are trusted by federal agencies and guarantee interoperability, allowing you to safely exchange messages.

Increase Identity Assurance
with FBCA or NIST LoA 3 Certificates

Meet compliance standards to correspond with U.S. federal agencies
and gain the ability to issue Electronic Prescriptions of Controlled Substances (EPCS).

Both FBCA and NIST LoA 3 are established standards. Digital signatures in these types of certificates show an end-user that the identity of the individual named in the certificate is verified and is trustworthy. We can help you with multiple levels of assurance, including FBCA Basic, FBCA Medium, and NIST LoA 3.

What is Direct Messaging for Healthcare?

Direct messaging is the national encryption standard for sending healthcare records over the internet. It allows Health Information Service Providers (HISPs) across the U.S. to exchange patient records securely and mitigate risks that come from transferring records over unprotected channels, like traditional email.

Stronger security for patient data
Guards PHI
Streamlined standards for providers
Improves workflows
Enhances communication

Compare Direct Certificates

Whether you need to a protect an entire environment or a group of patients, DigiCert Direct Certificates meet all a healthcare organization’s needs.

Allows you to secure one endpoint used only for health information exchange and can be a personal inbox, a task, a workflow, a data repository, or a registry. It’s formatted like an email address and bound to a specific Direct Address with the organization in the certificate.

Bound to a domain that is part of a Direct certificate and tied to the organization—not necessarily an individual—exchanging information using Direct. Organization Certificates can be associated with multiple Direct Addresses within an organization.

A Device Certificate allows you to secure a device, like a router, server, or other similar equipment used for transmitting Direct messages. The certificate is bound to the device, as well as to a domain that is part of a Direct Address and tied to an organization exchanging information using Direct.

A Patient Certificate is formatted like an address certificate, is issued by a HISP, and is bound to a specific patient.

DigiCert Direct Cert Portal

Secure your healthcare endpoints, automate certificate issuance using REST APIs, and enable Direct exchange—all from one cloud-based platform.

Direct Cert Portal allows you to handle every step of the certificate lifecycle and saves time by consolidating certificate tasks such as ordering, issuing, revoking, and reissuing. HISPs and Healthcare Organizations (HCOs) can instantly issue DirectTrust-compliant certificates to their domains, devices, and users, and begin secure healthcare information exchange after validation.


Why Use the Direct Cert Portal™?

Assign and manage roles for all users for an ISSO or HCO. Permission levels can be assigned for each user as Administrators, Requestors, or Observers.

Manage as many HCOs and individual providers as you need with just one Direct Cert Portal account.

Automate the management of your DigiCert Direct Certificates with a customized API using the REST protocol.

The Portal streamlines certificate management for the account administrator, giving you more control and insight over every stage of the certificate lifecycle. New certificate requests are also processed in real-time.

New certificate requests can be processed in real-time because of domain pre-approvals. Our support team works 24/7 to make certificate issuance the fastest in the industry.

From certificates to a management platform, DigiCert offers healthcare providers everything they need to effectively manage and securely transmit healthcare information while complying with today’s stringent standards.


DirectTrust Accredited

As an established Certificate Authority, we are part of the Accredited Trust Community. DigiCert is a member of the DirectTrust Accredited Trust Anchor Bundle, as well as the DirectTrust Governmental Trust Anchor Bundle. This guarantees interoperability with other fully accredited HISPs. Learn More


Get More Information

If you want to learn more about about FBCA or Direct Certificates
or get a quote, fill out the form below.

Do you agree to receive communications from DigiCert about available offers and services?

 Yes please, I’d like to hear about offers and services.

By clicking Submit you agree to DigiCert, Inc. or its affiliates processing your data in accordance with DigCert’s Privacy Policy.