Quandary Peak Research, Inc, a firm specializing in software analysis and code review for complex litigation and regulatory affairs, was recently selected by a major electronic health record (EHR) vendor to serve as a Software Quality Oversight Organization (SQOO), charged with evaluating the company’s software and internal processes, and issuing independent software audit reports designed to improve the overall quality of their product, especially its ability to aid medical providers in keeping patients safe.

Quandary Peak’s team of 8 software engineers and health informatics professionals will serve for 5 years under the Corporate Integrity Agreement (CIA) that eClinicalWorks, LLC entered into with the Office of the Inspector General (OIG) of the United States Department of Health and Human Services (HHS) on May 27, 2017. The SQOO will analyze company processes and policies surrounding software development and will review the product source code to document findings and provide recommendations. As part of their periodic assessments, the SQOO will offer evidence-based, expert insight on improving these processes and their inputs/outputs, especially as they relate to the domains of patient safety, quality, and compliance with Meaningful Use / Promoting Interoperability (MIPS, CQM) and CEHRT regulations. The Quandary Peak team will utilize their experience in a range of technologies, Standards, and best practices, ranging from software quality and risk management (ISO 9001, ISO 14971, DCB 0129), to cloud security and devOps (ISO 27001, OWASP Top-10), to Health IT and Interoperability (FHIR, EPCS, SCRIPT).

Quandary Peak Research looks forward to continuing to provide expert guidance and audit services to all participants in the Health IT space, and to making Health IT software safer, more compliant, more reliable, and more effective through the application of leading health informatics and software governance principles.