The Trusted Dynamic Registration and Authentication Accreditation Program

From EHNAC and

EHNAC and logos

CAQH has partnered exclusively with EHNAC to provide incentives for CAQH Endpoint Directory participants and client applications to become accredited through the Trusted Dynamic Registration and Authorization Accreditation Program (TDRAAP). Developed jointly by EHNAC and, TDRAAP is designed to help healthcare organizations and application developers demonstrate their ability to use trusted digital certificates for endpoint identity, registration, authentication, and attribute discovery for electronic healthcare transactions in real-time.


The program supports an organization’s continued focus on interoperability – a foundational component of the Office of the National Coordinator’s (ONC’s) Cures Act Final Rule and related CMS Interoperability and Patient Access Final Rule. TDRAAP combines technical certification with third-party review of privacy and security while enabling trust and transparency for organizational and individual access to data.


Choose from two TDRAAP program options:

EHNAC Certified TDRAAP-Basic offers privacy and security self-attestation with targeted validation while the included Unified Data Access Profiles (UDAP) technical framework certification demonstrates that an entity’s end-to-end API can be trusted by patients and other industry stakeholders. The Basic program is designed specifically for developers of consumer-facing apps, also referred to as a patient’s “App of their Choice,” using individual sign-on for access to one patient’s FHIR data at a time within ONC-certified Health IT, payer systems, or other Health IT with the patient’s own credentials.
EHNAC Certified

TDRAAP-Comprehensive is designed for organizations wanting to demonstrate full HIPAA/HITECH Privacy and Security compliance and validation of all UDAP technical Workflows they support, including privileged client app or provider access to data. For example, FHIR Bulk Data requests, broadcast or targeted queries, authorization code flow in patient-directed or cross-organizational queries, or any setting in which multiple services deployed by the organization enable UDAP workflows. 


Follow the TDRAAP Star Level Glide Path to increase interoperability for your organization. The Star Level Glide Path offers a consistent methodology for the industry to follow during the collective move from basic use of OAuth 2.0 to the more scalable and efficient UDAP framework. The Star Level Glide Path offers levels of authentication on a one through five-star scale. Organizations are encouraged to advance along the Glide Path, progressively incorporating UDAP functionality, until they ultimately reach level five, which promotes the broadest scalability, greatest security and the best cost savings for clients, servers, identity services and patients.


Learn More


FHIR® is the registered trademark of HL7 and is used with the permission of HL7.