Business network concept. Customer support. Shaking hands.

As cases involving fraud and false claims rise, so does the need for Corporate Integrity Agreement (CIA) experts. A CIA is a type of agreement or part of a settlement between a corporation and the Office of Inspector General (OIG) of the United States Department of Health and Human Services (HHS) investigating Federal healthcare programs. CIA’s typically result in the engagement of either an Independent Review Organization (IRO) or an Independent Monitor. The key distinguishing features include: [1]

Independent Review Organization (IRO)

  • selected by organization and approved by government entity
  • billing review and oversight
  • oversight of legal/financial arrangements

Independent Monitor

  • selected by the OIG, paid by the organization
  • conducts quality reviews or other specific reviews
  • has broad access and independent authority to conduct pertinent investigations

At Quandary Peak Research, we pride ourselves on being a trusted advisor who has supported the technology and clinical needs of many clients in multiple healthcare sectors. Our clients include healthcare facilities, providers, medical device manufacturers, electronic health record (EHR) vendors, pharmacy technology vendors, and life science organizations. We are experts in evaluating allegations of false claims related to the quality of technology for healthcare and/or corporate integrity issues. Our experts assess Health IT technology against various Federal health care regulations and industry standards. In addition to being trusted consultants and advisors to multiple enterprises, we have had the unique experience of serving all participants in the Health IT ecosystem, including non-profits, research institutions, and the Federal Government.

Quandary Peak Research recently served as an independent Software Quality Oversight Organization (SQOO) under the Corporate Integrity Agreement between eClinicalWorks, LLC and the Office of the Inspector General of the United States Department of Health and Human Services – a first of kind 5-year Corporate Integrity Agreement administered jointly by the Office of the National Coordinator for Health IT (ONC) and the Office of the Inspector General (OIG) of the U.S. Department of Health and Human Services. Our focus and passion is to help our clients improve patient safety and ensure regulatory compliance by proactively identifying and remediating gaps related to Health IT. Our Health IT expertise includes Software Development Lifecycle, Software Quality, Health IT Standards, Electronic Prescribing and e-Medication workflows, Human Factors Engineering and Usability, Patient Safety Risk Compliance and Best Practices, Regulatory affairs, Interoperability, and Cybersecurity.

What We Do:
  • EHR Governance & Reporting
  • Patient Safety Reportable Events
  • Software Quality Management Oversight and Training
  • Data Management (Governance, Security, Quality)
  • e-Medications and Orders (e-Prescribing, Labs, DI)
  • Clinical Informatics (Human Factors, Display Standards, Alert Logging)
  • Clinical Decision Support and AI in Healthcare
  • Software Operations and SDLC Audits
  • Information Security & Cybersecurity
  • Privacy Controls (HIPAA, GDPR, CCPA)
  • Software Quality Assurance, Testing and DevOps Oversight
  • Medical Coding and Billing Standards Implementation


What We Know:
  • Corporate Integrity Agreements (CIA)
  • Software Quality Oversight Organization (SQOO)
  • Independent Verification & Validation (IVV)
  • Independent Consultative Experts (ICE)
  • Independent Review Organization (IRO)
  • Certified Health IT and Meaningful Use Requirements
  • Medical Device Software – SDLC (ISO/IEC 62304) and best-practices
  • Medical Devices – Quality Management Systems Requirements (ISO/IEC 13485)
  • Medical Devices – Application of Risk Management (ISO/IEC 14971)
  • Information Security Management (ISO/IEC 27000 Series) and best-practices
  • NIST (SP800 Series, CSF, SP1800 Series)
  • HITRUST (Common Security Framework)
  • Privacy Regulations (HIPAA, GDPR, CCPA)

Speak with a Health IT Expert today