ONC revealed the "Secure API Server Showdown Challenge" in an Oct. 10 agency blog post by Steven Posnack, director of the ONC's Office of Standards and Technology.
The challenge invites health IT stakeholders to build secure servers based on the FHIR, or Fast Healthcare Interoperability Resources, framework. Since the FHIR framework does not define security protocols, developers must pair it with appropriate standards.
"Ultimately, the challenge aims to identify unknown security vulnerabilities in the way open source FHIR servers are implemented, and will result in a hardened code base from which all stakeholders can benefit as they deploy FHIR servers in the future," Mr. Posnack wrote.
In the first stage of the challenge, participants will build a secured FHIR server. Three selected servers will advance to the second stage, in which security experts will attempt to detect vulnerabilities in the servers. The winning servers' source code will be made publicly available, along with confirmed vulnerabilities.
The second phase of the challenge will include three prizes, totaling $7,500, $5,000 and $2,500, respectively. There will also be two $2,500 bonus prizes available.
Click here to view the blog post.