for HHS under ONC that provides high-level testing services for software developers in the healthcare space, as well as in other industries. Through our test offerings—auditing, quality assurance, conformance testing, customer software test lab services, software certification, web services tests, interoperability testing, and more—we give your EHR, Practice Management system, point-of-sale software, and other platforms the credibility they need to sell.
Drummond Group is
an accredited lab and certification body
- Quality Assurance
- Conformance Testing
- Customer Software
- Software Certification
- Web Services Tests
- Interoperability Testing
The Faces You’ve Been Waiting For
Meet our Management Team
He has a strong understanding of the business value of interoperable standards and independent certification and has actively contributed within the standards community for nearly 30 years. Brian joined the Drummond Group in 2016 after developing and managing the market leading Business-to-Business integration and Managed File Transfer software portfolios at Sterling Commerce and then with the IBM Corporation. During this period, he also led the Standards and Certification function ensuring product interoperability through close interactions with Drummond Group since 1999.
In 2003, he was instrumental in overseeing the software design, development, and project management of Rik Drummond’s vision of InSitu®, Drummond Group’s patented Interoperability Test Automation System which has been in use for AS1, AS2, and AS3 Interoperability testing since 2004. In the health sector area, he was the primary lead in launching Drummond Group’s Controlled Substance Ordering Systems (CSOS) and electronic prescription of controlled substances (EPCS) Certification programs and continues to lead them. Gomez also leads the technical research activities and new opportunities to form the basis for strategic decisions alongside Brian Gibb.
He is just as comfortable at the Governance level with Enterprise Risk Management (ERM), security policies, standards and operations, and a variety of compliance areas including HIPAA, HIPAA HITRUST, DEA EPCS, FERPA, FFIEC, GLBA, ISO 27001, ISO 27002, SAS 70, SSAE 16, PCI DSS and SOX. Ken is also skilled in the areas of penetration testing and computer forensics.
Ken received his received his Masters in Technology Management from the University of Phoenix, and his Bachelors in Computer Information Systems from Arizona State University. Ken holds the following degrees and certifications: MBA, CISSP, CISA, CISM, CRMA, MCSE, MCT, CIPP, and HITRUST CCSFP.
Peter’s strengths include:
• Developing viable enterprise risk management and information security programs, strategies, policies, procedures, standards, and guidance
• Planning, designing and directing the implementation of complex security architectures
• Reviewing enterprise privacy controls, developing privacy strategies, and implementing supporting infrastructures
• Analyzing enterprise security control systems and collaborating with cross-functional business teams to determine, communicate, and plan for business continuity needs
• Assessing risks and vulnerabilities associated with organizational architecture and design and assigning appropriate mitigation strategies
Peter earned a Bachelors of Science degree in Communications from Ithaca College and a Master of Science degree in Telecommunications and Network Management from Syracuse University.
Additionally, Peter co-authored the Thales eSecurity Limited Edition book, PCI Compliance & Data Protection for Dummies. He has also authored multiple articles featured in such publications as CMSWire, BankInfoSecurity.com and SC Magazine Online.
Peter further served as President of the ISACA Western New York Chapter 2009-2012 and Certification Director of the Atlanta Chapter 2013-2014. He also served as an Adjunct Instructor at the University of Maryland University College 2011-2014 where he instructed courses including: Information Systems in Organizations, Ethics in Information Technology, and Foundations of Information Security.
Areas of Specialty
• Risk Management
• Information Assurance
• Security Strategy
• Data Protection
• Vulnerability Management
• Application Security
• Security Awareness
• Business Continuity Planning
• Change Management
• Identity Management
Want to work for us?
We’re currently looking for a few new team members – If you’re a passionate worker and think you have what it takes, send your resume and details to email@example.com for all opportunities.