Firely Server Cures Act Certified Solution 

170.315(g)(10) – Standardized API for Patient and Population Services Certification Criteria 

21st Century Cures Act Solution

21st Century Cures Act

As of December 31, 2022, all EHR’s need to meet requirements for patient and population services criterion §170.315(g)(10) – 2015 Edition Cures Update and get certified by ONC-Authorized Testing Labs.

Firely provides a turn-key FHIR Server, certified under the Office of the National Coordinator for Health Information Technology’s (ONC) Health IT Certification Program.

Certification details

HIT Vendor: Firely B.V
Address: Westerdok 442, 1013BH Amsterdam, the Netherlands
Phone number: 0031202461241
Date Certified: 02/08/2023
Product: Firely Server 5
Certification number:

Firely Server is certified for the below criteria of the Cures Act. 

170.315(d)(1) Authentication, Access Control, Authorization 
170.315(d)(9) Trusted Connection 
170.315(d)(10)Auditing Actions on Health Information (Cures Update)
170.315(d)(12) Encrypt Authentication Credentials (Cures Update)
170.315(d)(13) Multi-Factor Authentication (Cures Update)
170.315(g)(4) Quality Management System 
170.315(g)(5) Accessibility-Center Design 
170.315(g)(10) Standardized API for Patient and Population Services (Cures Update)

This Health IT Module is 2015 Edition compliant and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services.

The certified endpoint of Firely Server is available for testing purposes only. The OpenAPI Swagger documentation is available here.

Price transparency 

The pricing of Firely Server consists of an annual license fee and depends on the Tier (Starter or Premium) and the number of production instances:

  • The Starter Tier includes a single production instance. The Premium Tier includes advanced features and scaling capabilities.
  • Development and test instances are included in the license. 
  • Additional fees apply for extending Firely Server with Bulk Data Export, Firely Server Ingest, Firely Validator and/or Firely Auth. 
  • The SMART on FHIR plugin is included in the Firely Server license fee.
  • Fees are yearly, and inclusive of support and maintenance.  
  • Fees are not dependent on data volumes, or the number or resources, API calls, connected apps, patients, care providers or users, or infrastructure or hardware – subject to the following: additional production instances may be required for scaling, fail-over or on-premise installations on multiple sites. 

Technical Documentation 

All technical documentation required for evaluating, implementing and hosting Firely Server are available on the documentation site.

Trial Edition 

The fully-featured, (g)(10) compliant Trial Edition of Firely Server can be downloaded here.

Please read the eBook How to Test Firely Server on Inferno to learn about testing your own instance of Firely Server against the ONC Inferno environment. 


There are two ways in which you can use Firely Server to meet the (g)(10) certification criteria: 

  1. Use certified software: you can use the Firely certification CHPL ID to add Firely as a module to meet the Cures Act requirements. In this scenario, Firely Auth is required. 
  2. Become certified yourself: you can use Firely Server to meet the technical requirements for the FHIR APIs in order to obtain certification. In this scenario, you can use your own Identity Provider for authentication and authorization in combination with the SMART on FHIR plugin (included in Firely Server). 

Both scenarios require the Bulk Data Export plugin.

Firely Server FHIR Endpoints  

Here you can find the endpoints of Firely Server installations using the Firely certification CHPL ID.


The below conditions apply. 

  • No limitations or restrictions apply for using Firely Server, other than defined in the license for scaling. 
  • Firely will not maintain any relationship with end-users, e.g. customers or users of our customers, patients or third-party app developers, of the Firely Server API.  
  • In accessing data, there are no limitations or restrictions set by Firely.  
  • Firely does not have access to any PHI. Hosting and infrastructure are handled by the customer. 
  • Our customers are free to market, offer, and distribute products and services related to Firely Server within the scope of the license (the number of production instances). 
  • Firely guarantees the required support, maintenance, documentation to enable the implementation, deployment and use of Firely Server.  
  • The terms and conditions of Firely products apply. In addition to these terms and conditions, the all provisions on this page are part of the license agreement between Firely and customers who use Firely Server for the ONC Cures Act certification.