Field notes

Commentary, reviews, and real numbers.

Notes from sixteen years of clinical safety, defect prevention, and healthcare data engineering. ONC, CMS, HIPAA, MHMDA, FHIR. What the enforcement record actually shows, what the engineering bar actually is, and why patient data ownership is not optional.

How to prove HTI-1 readiness (most teams can't)

Most healthcare teams assume HTI-1 compliance instead of proving it. A "200 OK" is not conformance. Here is how to pressure-test your readiness against the actual implementation guides before an audit or a breach finds the gaps.

Read more →

The call that never comes

The best surveillance result is the one you already knew was coming. How upstream conformance testing and a 15-year zero-defect record keep Friday quiet.

Read more →

Why we cite our sources

Our rule: never use a number we cannot link to its source. ONC, HHS OCR, and CMS already maintain the public record. We cite it and treat the buyer like a peer.

Read more →

More posts coming. Subscribe via LinkedIn for cross-posted versions.