Security Controls Don’t Migrate Themselves
What Is NIST 800-53 and Why Are Financial Institutions Using It? NIST Special Publication 800-53 is a catalog of security and privacy controls published by the National Institute of Standards
Traditional QA Is Reaching Its Limits in FHIR Ecosystem Testing
The strategic case for continuous FHIR validation is well established, but the technical case for how to execute it is not. Health IT organizations understand that point-in-time certification was never
From Third-Party Integration to Native EPCS Certification
When your team first integrated a third-party e-prescribing module, the decision made sense. You had an EHR to build, a market window to hit, and a DEA compliance requirement that
Preparing for Certification with Drummond
For many health IT developers, ONC certification is a major milestone, confirming that a product meets federal Health IT Certification Program requirements. What often surprises teams is how structured the
How the HTI-5 Proposed Rule Affects ONC Certification
In December 2025, the U.S. Department of Health and Human Services released the Health Data, Technology, and Interoperability: commonly referred to as HTI-5. The proposal represents one of the most
The Hidden Costs of Fast Compliance
The compliance community has been paying close attention to a recent article detailing allegations that a platform offering a fast, low-cost path to SOC 2 and HIPAA readiness may have
ONC Certification Explained: Who Does What and Why It Matters
Here is something that surprises many health IT developers: The Office of the National Coordinator for Health Information Technology (ONC) does not actually certify your product. It does not test
SCRIPT 2023 and EPCS Certification FAQs
NCPDP SCRIPT Standard Implementation Guide Version 2023011 (SCRIPT 2023) has been on the radar for a while. Most teams working in e-prescribing know it is coming, know the January 1,
Don’t Be the Next Cautionary Tale in Healthcare Security
Researchers at mobile security firm Oversecured scanned ten Android mental health apps with a combined 14.7 million downloads on Google Play. What they found should make any HIT developer uncomfortable: