Your Data Health
YOURDATA.HEALTH

Automated FHIR Compliance Tools You Own and Operate

info@yourdata.health

Healthcare Compliance Checklists

Four self-assessment checklists, one per buyer segment. Run through the one that matches your role to see where you stand against the rule. When you're ready for a citation-level audit, book a call and we'll scope it.

Which one applies to me?

  • Payer (Medicare Advantage, Medicaid Managed Care, CHIP, ACA Exchange issuer): CMS-0057 + CMS-9115
  • PBM: CMS-9115 (Patient Access surface; Pharmacy Directory)
  • Utilization Management organization: CMS-0057 Part 1 (Prior Auth workflow)
  • Health system / Provider: HTI-1 / USCDI Provider
  • EHR vendor / CHPL-certified Health IT module: HTI-1 / USCDI Provider
  • Digital-health startup raising or selling into either side: start with Payer-Ready, then layer in the relevant CMS or HTI-1 checklist
General Technical Due Diligence

Payer-Ready Checklist

For HealthTech startups seeking Payer or Provider contracts

Technical due-diligence items across FHIR, USCDI, HTI-1 readiness, MHMDA privacy posture, BAAs, architecture documentation, and end-to-end test coverage. Best as a first pass before deeper rule-specific checklists.

13 items · 4 sections

Open checklist →
CMS-0057-F · All 3 Parts

CMS-0057 Interoperability + Prior Auth

For Payers, PBMs, and Utilization Management organizations

Prior Authorization API (DaVinci PAS) + decision-timeline SLAs (7-day standard, 72-hour expedited) + denial reason structure. Patient / Provider / Payer-to-Payer API expansions. Public reporting metrics with first report due 2026-03-31.

36 items · 3 parts

Open checklist →
CMS-9115-F

CMS-9115 Patient Access + Provider Directory

For Payers (MA, Medicaid MC, CHIP, ACA Exchange)

Patient Access API (CARIN Blue Button), Provider Directory API (DaVinci PDex Plan-Net STU 2), original Payer-to-Payer with migration flag for CMS-0057 expansion, hospital ADT notifications, and information-blocking posture.

29 items · 5 sections

Open checklist →
ONC HTI-1 + USCDI v3 / v4

HTI-1 / USCDI Provider Checklist

For health systems, EHR vendors, and CHPL-certified Health IT

ONC HTI-1 certification criteria, USCDI v3 / v4 data classes including SDOH and SOGI, (b)(11) Decision Support Intervention transparency, (g)(10) FHIR APIs, information blocking, Real-World Testing, Inferno conformance, and CHPL surveillance recovery.

40 items · 8 sections

Open checklist →

Ready for a citation-level audit?

The checklists are the warm-up. TAP is the audit engine: live FHIR endpoint probes, citation-level findings mapped to specific CFR sections, quantified penalty exposure, and a prioritized remediation roadmap. Days, not months.

Starter Audit Guarantee: if TAP Starter finds zero critical or high-severity findings on your endpoint within 48 hours, we refund the engagement fee.

Book a Call

Free 15-minute scoping call · signed NDA on request · BAA when PHI is involved