What to Consider When Choosing a PCI Qualified Security Assessor (QSA)
PCI compliance is not a one-time task; it’s an ongoing commitment that requires copious knowledge on the intricate and dynamic topic of cybersecurity. Herein lies the importance of a Qualified Security Assessor (QSA). A QSA serves as a PCI guide, entrusted with evaluating and ensuring adherence to PCI compliance so that your organization’s focus and attention can remain fixed on its business goals.
The Critical Role of Proactive Threat Identification in Healthcare Security
The healthcare technology industry is facing an increasingly complex array of cybersecurity threats. Protecting sensitive health information has become an all-consuming requirement driven by the rise in cyber threats and stringent regulatory requirements. For EHR developers and their users, implementing comprehensive risk assessments and proactive threat identification strategies is essential to ensure the integrity and security of patient data.
Embracing Healthcare’s Digital Transformation with FHIRplace
The insights shared in this blog originate from a ViVE presentation by John Valutkevich, Director of Programs at Drummond, where he explored the complex state of app development and integration within the FHIR marketplace. What follows is a summary of his case study, capturing the analysis and perspectives discussed during the presentation:.
Overcoming Barriers in FHIR Application Development
The insights shared in this blog originate from a ViVE presentation by John Valutkevich, Director of Programs at Drummond, where he explored the complex state of app development and integration within the FHIR marketplace. What follows is a summary of his case study, capturing the analysis and perspectives discussed during the presentation:.
How to Avoid Costly HIPAA Violations and Protect Patient Data
The increased utilization of digital data sharing has also given more opportunities for cyberhackers to steal personal medical information—healthcare has seen an 256% rise in significant hacking-related breaches over the last five years as reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR).
What ASTP/ONC’s 2025 Enforcement Discretion Means for Health IT Developers
In March 2025, the Assistant Secretary for Technology Policy (ASTP) and the Office of the National Coordinator for Health Information Technology (ONC) (collectively, ASTP/ONC), issued
Drummond’s Innovative Contribution Shapes the Future of Pediatric EHR Systems
Recently, seven industry experts (including three from Drummond) published an article, “Defining Electronic Health Record Standards for Child Health: A State-of-the-Art Review,” The article outlines the milestones in developing the new child health EHR standard and describes the salient features of this contemporary standard.
Intro to the FTC Safeguards Rule
The Federal Trade Commission (FTC) Safeguards Rule is a set of security guidelines that promotes the robust protection of private customer information from the evolving threats of cyberattacks and security breaches.
Introducing FHIRplace: Accelerating the Promise of FHIR
Self-testing has been shown to be an essential testing practice when it comes to establishing a proving ground for standards and implementation guide development. However, with the increased use and support of Health Level Seven (HL7®) Fast Healthcare Interoperability Resources (FHIR®), the question remains “Is self-testing enough to prepare vendors and users for rapid and meaningful adoption of the upcoming complex multi-party FHIR based use cases like Payer to Payer (P2P) data exchange or electronic Prior Authorization (ePA)?”