• Services

    Health IT Certification

    ONC Certification

    FHIR® Testing and Certification

    Pediatric Certification

    Drummond Advisory
    Services

    ONC Health IT

    Compliance Support for 170.315(g)(10) FHIR®

    Compliance

    PCI

    HIPAA

    Assurance Services

    Security and Privacy

    Penetration Testing

    Healthcare Penetration Testing

    PCI Penetration Testing

    GDPR

    Supply Chain Security:
    B2B Interoperability

    B2B Interoperability Certification

    Testing Calendars

    Registration

    Supply Chain Security:
    Regulatory Auditing

    DEA-EPCS

    DEA-CSOS

    DSCSA EPCIS

    GS1 GDSN

    Risk Assessments

    NIST

    Comprehensive Risk Assessment–ISO

    Comprehensive Healthcare Risk Assessment

    FFIEC

    Health IT Industry
    Engagement

    Shift

    Interoperability Hub

  • Resources
  • Certified Products

    Supply Chain Security:
    B2B Interoperability

    Applicability Standards

    ebXML

    Testing Calendars

    Registration

    Supply Chain Security:
    Regulatory Auditing

    DEA-EPCS

    DEA-CSOS

    Health IT Certification

    2015 Edition Cures Health IT

    Payer and Patient Access FHIR®

    Drummond Pediatric Health IT

  • About
  • Services

    Health IT Certification

    ONC Certification

    FHIR® Testing and Certification

    Pediatric Certification

    Drummond Advisory
    Services

    ONC Health IT

    Compliance Support for 170.315(g)(10) FHIR®

    Compliance

    PCI

    HIPAA

    Assurance Services

    Security and Privacy

    Penetration Testing

    Healthcare Penetration Testing

    PCI Penetration Testing

    GDPR

    Supply Chain Security:
    B2B Interoperability

    B2B Interoperability Certification

    Testing Calendars

    Registration

    Supply Chain Security:
    Regulatory Auditing

    DEA-EPCS

    DEA-CSOS

    DSCSA EPCIS

    GS1 GDSN

    Risk Assessments

    NIST

    Comprehensive Risk Assessment–ISO

    Comprehensive Healthcare Risk Assessment

    FFIEC

    Health IT Industry
    Engagement

    Shift

    Interoperability Hub

  • Resources
  • Certified Products

    Supply Chain Security:
    B2B Interoperability

    Applicability Standards

    ebXML

    Testing Calendars

    Registration

    Supply Chain Security:
    Regulatory Auditing

    DEA-EPCS

    DEA-CSOS

    Health IT Certification

    2015 Edition Cures Health IT

    Payer and Patient Access FHIR®

    Drummond Pediatric Health IT

  • About
Contact Us
Home
Why AS2 Is Still Important

Why AS2 Is Still Important

By Aaron Gomez, Principal, Supply Chain Security

The largest retailer in the world famously led EDI adoption by embracing and mandating the use of AS2 across their retail industry and value chain. Amazon, Target, Lowe’s, Bed, Bath & Beyond and thousands of others followed suit. Today, AS2 is the de facto standard for EDI transactions but also for other business documents as AS2 is payload agnostic. Aside from retail, many other vertical industries use the AS2 protocol, including healthcare, as AS2 meets legal HIPAA requirements and is tested periodically yearly for conformance and interoperability to the AS2 RFC 4130 standard.

AS2 provides many benefits, from both business and technology vantage points. Here are the top 3 from my perspective:

1st – Security: Sensitive data is protected in AS2 through the transport layer via SSL and in the payload layer through S/MIME. AS2 uses the S/MIME protocol to wrap EDI data in a secure “envelope” and send it over the web.

2nd – Integrity: The identity of the sender and the integrity of the payload are ensured because the message is signed using digital certificates. There is also encryption to ensure only the correct party receiving the payloads in the AS2 messages can see the data, plus SSL at the transport layer provides protection against interception while being transmitted.

3rd – Non-Repudiation: The receiver of the data returns a signed message containing a Message Integrity Check (MIC) calculated over the payload, which provides proof of receipt which is necessary for legal reasons.

As a pioneer and market leader in application conformance and interoperability testing services, we offer a comprehensive suite of services to ensure critical business applications in supply chain and healthcare meet regulatory and industry standards for application conformance and interoperability.

With more than 750 software applications tested for over 400 software solution providers, our experts are ready to help you get certified across multiple industries and critical standards including AS2, AS4, and ebMS interoperability testing.

We are happy to help you do the proper research to determine which programs are right for your business.

Let us know how the People of Drummond can help you.

B2B interoperability testing keeps everyone working – together.

Register for a Test Event

More News

Drummond Advisory Services Newsletter – January 2023

As you shift to planning your 2023 projects, we want to share an update on some of our focus areas for upcoming advisory work with our EHR customers. As always, our team is available to help and has some specific initiatives underway we’ve designed to support you.

EPCS Regulations are Finalizing…

Drummond experts can help you prepare The Drug Enforcement Administration (DEA) has announced the electronic prescribing of controlled substances (EPCS) Interim Final Rule will be

Contact

sales@drummondgroup.com
(877) 437-8666
155 Fleet Street
Portsmouth, NH 03801

Privacy Policy

© 2023 Drummond Group. All rights reserved.

The People of Drummond are here to help

Let us guide you on your compliance journey.
Contact Us

Download Drummond's Guide to Integration Review of E-Prescription Module

Please fill out the form below to download the guide.

Drummond's guide to EPCS Recertification

Please fill out the form below to download the guide.

Drummond's guide to Initial EPCS Certification

Please fill out the form below to download the guide.