MyRxWallet operates at the highest standards of regulatory compliance. We do not finesse rules, find loopholes, or cut corners. Every claim on this page is verifiable. We link directly to the source. If we say we filed something, you can look it up. If we say a standard is live, you can test it. We serve patients and providers with the integrity that healthcare demands.
๐๏ธ Federal Filings & Engagements
Direct submissions to federal agencies
USCDI v7 Public Comment โ Submission #703
ONC / HealthIT.gov
Filed April 11, 2026. Proposed "Patient Digital Identity Credential" as a new USCDI v7 data class โ patient-owned NFT wallet address as a healthcare interoperability identifier.
โ Filed
View USCDI Program โ
FDA DSCSA EDDS Concept Paper
FDA CDER / Drug Supply Chain Security Act
Concept paper submitted to FDA CDER proposing MyRxWallet as a patient-facing drug provenance verification layer under the DSCSA Enhanced Drug Distribution Security pilot program.
โ Submitted
View DSCSA Program โ
ONC Interoperability Engagement
HHS Office of the National Coordinator for Health IT
Direct engagement with ONC leadership regarding MyRxWallet's SMART on FHIR implementation, patient identity architecture, and USCDI alignment. Correspondence on file.
โณ In Progress
Visit HealthIT.gov โ
HSCC Cybersecurity Working Group
Health Sector Coordinating Council (HSCC)
Engagement with HSCC Cybersecurity Working Group for partnership on healthcare cybersecurity standards. Formal correspondence submitted to HSCC leadership April 2026.
โณ In Progress
Visit HSCC โ
TEFCA / QHIN Application
ONC Trusted Exchange Framework
Preparing application to participate in TEFCA (Trusted Exchange Framework and Common Agreement) as a Qualified Health Information Network participant. Patient-as-requester conduit model.
โณ Preparing
View TEFCA โ
ONC ยง170.315(g)(10) Certification
Standardized API for Patient & Population Services
SMART on FHIR OAuth 2.0 + PKCE authorization server is live. US Core FHIR R4 profiles implemented. Inferno test suite run in progress. Full ONC certification pathway active.
โณ In Progress
Inferno Test Suite โ
โ๏ธ Live Technical Standards
Implemented, deployed, and testable right now
SMART on FHIR โ OAuth 2.0 + PKCE
HL7 SMART App Launch Framework 2.0
Full OAuth 2.0 authorization server with PKCE. Discovery document live. Token introspection, revocation, and dynamic client registration all operational.
โ Live
View Discovery Document โ
FHIR R4 โ US Core Profiles
HL7 US Core Implementation Guide v6.1
Patient, Encounter, Observation, Condition, MedicationRequest, AllergyIntolerance, Immunization, Procedure, DiagnosticReport, DocumentReference, Goal, CarePlan, Practitioner, Organization, Coverage.
โ Live
View CapabilityStatement โ
SSL/TLS Certificates โ All Domains
Let's Encrypt / ISRG
All 6 domains protected with valid TLS certificates. Auto-renewing. HSTS enabled in production. Strict-Transport-Security header enforced.
โ Live
SSL Labs Test โ
Provider NPI Verification
CMS NPPES National Provider Identifier Registry
Every provider signup verified against the NPPES NPI registry in real time. Name-NPI mismatch flagged automatically. No unverified providers gain platform access.
โ Live
NPPES Registry โ
OIG LEIE Exclusion Screening
HHS Office of Inspector General
Every provider application screened against the HHS OIG List of Excluded Individuals/Entities. Excluded providers are flagged and held for admin review. Never auto-approved.
โ Live
OIG Exclusions โ
Immutable Audit Trail
SHA-256 Hash-Chained Event Log
Every data access, consent grant, and revocation is SHA-256 hashed and logged. On-chain anchoring via MyRx-Chain (proprietary Hyperledger). Tamper-evident. Regulatorily defensible.
โ Live
๐ Standards & Framework Alignment
Frameworks and standards our architecture is built against
HIPAA
Privacy & Security Rules โ conduit architecture, zero PHI custody
FHIR R4
HL7 Fast Healthcare Interoperability Resources v4.0.1
US Core v6.1
ONC-required FHIR profiles for all 15 data types
SMART App Launch
HL7 SMART on FHIR v2.0 โ OAuth 2.0 + PKCE
USCDI v3+
United States Core Data for Interoperability
DSCSA
Drug Supply Chain Security Act โ serialized drug verification
NIST AI RMF
AI Risk Management Framework โ governs Sentinel AI agent
21 CFR Part 11
FDA Electronic Records โ hash-chained audit trail compliant
TEFCA
Trusted Exchange Framework โ QHIN application in progress
GS1 Standards
2D DataMatrix barcode scanning for drug serialization
CDA R2.1
C-CDA Clinical Document Architecture โ import supported
OAuth 2.0 RFC 6749
Token revocation RFC 7009, introspection RFC 7662
๐ Privacy & Security Architecture
How our architecture protects patients by design
Zero PHI Custody โ Conduit Model
MyRxWallet is a data conduit. Patient health data is encrypted with the patient's own key before it leaves their device. We store only encrypted blobs and cryptographic hashes. We cannot read patient data even if we wanted to. A breach of our servers exposes nothing readable.
โณ Architecture in progress โ SQLite interim until MyRx-Vault live
On-Chain Consent โ MyRx-DAO
Every consent grant and revocation is recorded on MyRx-Chain (proprietary Hyperledger). Any access to patient data without a valid consent token on-chain is a provable violation by the violator โ not MyRxWallet. Liability is where it belongs: on those who act without consent.
โณ MyRx-Chain deployment in progress
Security Headers โ All Responses
X-Content-Type-Options, X-Frame-Options: DENY, X-XSS-Protection, Referrer-Policy, Permissions-Policy, and HSTS enforced on all API responses in production.
โ Live
๐ฃ Honest Disclosure
What we are, and what we are building toward
MyRxWallet is a live, deployed platform with real infrastructure serving real users. We have an EHR backend, patient and provider portals, a SMART on FHIR authorization server, US Core FHIR profiles, provider credentialing with NPI and OIG checks, and a consent access system โ all operational.
We are not yet ONC-certified. Certification requires passing the Inferno test suite and completing the ONC developer registration process โ both in progress.
We are not yet on a live blockchain. MyRx-Chain (Hyperledger Fabric) is in development. Current data is stored in a HIPAA-compliant SQLite database while the chain is built.
We operate with full transparency. Every milestone on this page is real. Every "in progress" item is honest. We do not claim what we have not built. We do not hide what we are still building.
Questions About Our Compliance?
Reach our team directly. We welcome auditors, regulators, and partners.
Contact Trinh@myrxwallet.io