Corporate Integrity Agreements Experts

Quandary Peak was the nation's first SQOO to execute a corporate integrity agreement involving health IT software.

As cases involving fraud and false claims rise, so does the need for Corporate Integrity Agreement (CIA) experts. A CIA is a type of agreement or part of a settlement between a corporation and a U.S. Government entity. Under the terms of a CIA, a company agrees to multiple obligations, including, in most cases, the engagement of an Independent Review Organization (IRO). If technology is the focus, the IRO may be a Software Quality Oversight Organization (SQOO) that evaluates the company’s progress toward software-related commitments. CIAs are often complex to implement and challenging to execute.

At Quandary Peak, we pride ourselves on being a trusted advisor who has supported the technology review needs of healthcare facilities, providers, medical device manufacturers, electronic health record (EHR) vendors, and life science organizations. We are experts in evaluating allegations of false claims related to the quality of technology for healthcare and/or corporate integrity issues. Our experts assess health IT technology against various Federal health care regulations and industry standards. In addition to being trusted consultants and advisors to multiple enterprises, we have had the unique experience of serving all participants in the health IT ecosystem, including non-profits, research institutions, and the federal government.

Quandary Peak was the nation’s first SQOO to execute a corporate integrity agreement involving health IT software. Our experts have many years of experience supporting CIAs in the health IT domain, and we have provided numerous recommendations and findings under these agreements. Our focus and passion is helping our clients improve patient safety by identifying and remediating gaps related to software development, information security/cybersecurity, and electronic prescribing.

What We Do:
  • EHR Governance & Reporting
  • Patient Safety Reportable Events
  • Software Quality Management Oversight and Training
  • Data Management (Governance, Security, Quality)
  • eMedications and Orders (e-Prescribing, Labs, DI)
  • Clinical Informatics (Human Factors, Display Standards, Alert Logging)
  • Clinical Decision Support and AI in Healthcare
  • Software Operations and SDLC Audits
  • Information Security & Cybersecurity
  • Privacy Controls (HIPAA, GDPR, CCPA)
  • Software Quality Assurance, Testing and DevOps Oversight
  • Medical Coding and Billing Standards Implementation

What We Know:
  • Corporate Integrity Agreements (CIA)
  • Software Quality Oversight Organization (SQOO)
  • Independent Verification & Validation (IVV)
  • Independent Consultative Experts (ICE)
  • Independent Review Organization (IRO)
  • Certified Health IT and Meaningful Use Requirements
  • Medical Device Software – SDLC (ISO/IEC 62304) and best practices
  • Medical Devices – Quality Management Systems Requirements (ISO/IEC 13485)
  • Medical Devices – Application of Risk Management (ISO/IEC 14971)
  • Information Security Management (ISO/IEC 27000 Series) and best practices
  • NIST (SP800 Series, CSF, SP1800 Series)
  • HITRUST (Common Security Framework)
  • Privacy Regulations (HIPAA, GDPR, CCPA)
