Andrew Holm-Hansen

Andrew Holm-Hansen worked in Health IT for 15 years before joining Quandary Peak Research as a Health IT Solutions Architect. He led several development teams during his career at Vanderbilt University Medical Center, with responsibilities ranging from EHR Integration to Clinical Decision Support Development and DevOps pipeline implementation, before transitioning into Enterprise Architecture.

His development work focused primarily on patient care applications and operationalizing predictive machine learning models driven by clinical and business event stream processing. As an Enterprise Architect, he distilled complex information that cut across legal, staffing, and technology boundaries, to provide decision-makers with actionable information.

Summary of Qualifications

Experience in conducting independent third party audits in the Health IT sector on behalf of the Office of National Coordinator for Health IT (ONC) and the Office of Inspector General (OIG).
Strong knowledge of enterprise development conventions and practices, specifically in the Health IT domain.
TOGAF certified Enterprise Architect responsible for documenting and designing transition plans for two large scale EHR migrations.
Excellent communicator capable of presenting complicated technical information in clear terms, suitable to the audience.
Classical computer science background.

Management, Audits, & Compliance Consulting

SQOO Project | Apr 2019–May 2022
Participated in eCW Corporate Integrity Agreement (CIA) as a member of the Software Quality Oversight Organization (SQOO) responsible for advising eClincalWorks (eCW) on creation and execution of a transition plan to reach compliance with the The Office of the National Coordinator for Health Information Technology (ONC) and Office of Inspector General (OIG).
As part of the SQOO, I advised and worked closely with the internal eCW Solution Architecture team to improve software quality with a goal of measurably reducing risk to patient safety.
Worked with eCW leadership and SQOO team members to identify gaps in strategic capability and align plans for IT procurement, hiring and resource allocation to address these gaps.
As part of the SQOO, I investigated causes of software failure and sources of patient safety risk, presenting these findings to the OIG/ONC along with recommendations for remediation. This required communicating complicated technical and patient safety risks to a non-technical audience.
In addition to the above, my work with the SQOO included:
- Evaluating risks in software architectures
- Evaluating SDLC and software risk management practices
- Evaluating compliance with ONC-certifications and recommendations for EHR software
- Evaluating code management and code deployment strategies and plans
- Evaluating the quality of software in accordance with industry standards and best practices
- Documenting the structure and behavior of complex systems
- Making recommendations for improving software safety, reliability, and maintainability based on industry best practices
Masonicare, v. Cerner | 2022–Present
Assisting with the review and discovery production of electronic health record implementation components relevant to the case and providing analysis regarding industry standards for electronic health record implementation.
Kilterly v. SolutionStream | 2021
Provided analysis of SDLC and DevOps process, and execution of those processes. Provided analysis of software quality, architecture and design.
eClinicalWorks, LLC and the Office of the Inspector General of HHS Software Quality Oversight Organization | May 2019–Present
Member of the Software Quality and Oversight Organization (SQOO) under the Corporate Integrity Agreement between eClinicalWorks LLC and the Office of the Inspector General of the United States Department of Health and Human Services dated May 30, 2017. Serving as an independent audit and oversight organization covering a technical review of EHR software and development processes as it relates to patient safety.
The project includes software process and source code review, including review of past issues, recommendations for risk and quality management systems, design controls, improvements to software development and testing processes, code review and manual and automated code quality analysis.

Litigation Experience

Aetna Inc. v. Mednax, Inc. | 2020
Provided analysis of a pediatric EHR for the client and produced material for an expert report.
Analyzed opposing expert report and wrote rebuttal arguments identifying multiple flaws and inaccuracies.
FinancialApps, LLC v. Envestnet, Inc. and Yodlee, Inc. | 2019–Present
Provided analysis of complex financial systems including analysis of software, documentation, design specifications, architecture decisions and operational processes for expert report.
WIPRO Limited, LLC v. State of Nebraska | 2019–Present
Provided analysis of a large systems integration project including analysis of software, documentation, solution and data architecture design specifications, TOGAF enterprise architecture artifacts and operational processes.

Technical Due Diligence

Acquisition Expert Consultant | 2021
- Analyzed architecture plan and implementation details of large content aggregation and comprehension system
- Performed code quality and Cyclomatic complexity analysis
- Evaluated Lambda Architecture implementation and fit for purpose
- Evaluated CI/CD process that used Ansible and Terraform in AWS

Areas of Expertise

Tools: Linux , Windows, Eclipse, Java Application Servers (Tomcat, Weblogic, OC4J, JBoss), SVN/CVS/git, Oracle, Postgres, mysql, Jenkins, Bamboo, CI, Tibco BW/BE, SOA, TOGAF, Jira, Confluence
Languages, Protocols and Formats: Java, Python, Bash, Sed/Awk, XML, HTML, Javascript, HL7, FHIR, mLLP, TCP/IP
Frameworks: Spring, JEE, J2EE, Struts, DWR, jQuery, AngularJS, Hibernate and My/IBatis, TIBCO
Methodologies: XP, Agile, BDUF, Waterfall. TOGAF. Domain Driven Development

Download Andrew’s CV