Medplum Monthly Update - June 2026
The headline this month: Medplum achieved HITRUST certification, a validation of our security and compliance program. June was also another busy month of shipping, with 200+ commits from 25+ contributors and nine patch releases — v5.1.14 through v5.1.22.
Scheduling saw a lot of activity. The Provider App gained a reusable inbox shell, and operation-based claim submission. SMART Health Cards and Links arrived with a QR code scanner, the Enterprise data warehouse export was released, and the AI workspace added configurable model routing. The platform also gained email-based multi-factor authentication, enforceable per project.
All of this continues to drive forward our 2026 roadmap priorities.
Features
Scheduling
Building on May's operation suite, June moved scheduling to a Beta release and tightened the rules around how appointments are booked:
- Scheduling API Beta — The appointment operation suite is now a Beta release, and the older Slot-based alpha implementations have been removed in favor of the appointment-based flow
$bookalignment enforcement — Booking now enforces scheduling alignment, and$findsupports nondivisible alignment times so slots respect configured intervals- Planning horizon constraints — Scheduling operations are now constrained by
Schedule.planningHorizon, and scheduling parameters can be inherited from theHealthcareService - Availability defaults — Availability now defaults to "always" when unset, with the requested time slot included in availability error messages for clearer feedback (Rohith Vangalla)
- Provider scheduling flow — The Provider App streamlines encounter creation, links
Appointment.slot, adds an Appointment confirm button, and moves to FullCalendar v7 - Cancelled-appointment slots — The schedule view now hides slots tied to cancelled appointments, so a cancellation frees the time back up instead of leaving a stale block
Provider App
The Provider App gained reusable building blocks and revenue-cycle improvements:
- ResourceBoard inbox shell — A new React shell that encapsulates inbox logic, providing a reusable foundation for task and worklist views
- Performing practitioner in care teams — Care team fields now support a performing practitioner, improving attribution in clinical workflows
- Operation-based claim submission — Claim submission now uses a server-side FHIR operation, and the app creates or updates the
Claimduring export or submit, simplifying the billing integration - Patient documents tab — A dedicated documents tab on the patient view, with inbound faxes now stored as
DocumentReferenceresources so they land in the chart alongside other records - Medications in the patient summary —
MedicationStatementresources appear in thePatientSummarycomponent, and bothMedicationStatementandDocumentReferencenow resolve to readable display strings (Cody Ebberson) - Self-service registration — A Register page for the Provider App lets new users sign up directly, with the reCAPTCHA widget hidden in the app shell (Cody Ebberson)
- Navigation polish — Navbar visual tweaks and a HeaderDropdown refactor (Kevin Shaw), plus fixes to the back button after fax loading and to autoscrolling (Noah Silas)
AI
David Yanez and
Maddy Li
AI work centered on the Spaces workspace — the in-app AI assistant in the Provider App — and real-time documentation:
- Configurable model routing — Spaces now supports a configurable base URL and a dynamic model list, so deployments can route AI requests through their own gateway to control cost and security
- AI real-time questionnaire form and real-time voice — A real-time questionnaire form plus voice input improvements that keep the socket active during a session
- Spaces UX — Prompt composer UI updates and grouping of each FHIR request with its corresponding response for clearer traceability
The Spaces documentation covers setup, the agent loop, and how to author the system prompts that drive its behavior. Here is a short walkthrough:
Identity, Sharing, and Documents
- Multi-factor authentication — A new email-based MFA method, plus a project-level
mfaRequiredsetting that enforces MFA for every member, with documentation for enabling it (Derrick Farris) - External token exchange across project memberships — Token exchange now works across project memberships, for users who span multiple projects
- Attachment handling — Inline attachments in
Patient/$everything, base64 data support in<AttachmentDisplay>, and cursor pagination across patient-everything and multi-type searches - Patient invite with RelatedPerson — The user invite endpoint accepts a
Patientto support RelatedPerson, enabling caregiver and proxy access (Maddy Li)
Enterprise: Data Warehouse and Reliability
Enterprise scale and infrastructure work made the analytics export production-ready and hardened the data layer:
- Data warehouse export controls — Configuration for which tables to sync, include/exclude filters, restored
ORDER BY, and DuckDB lifecycle cleanup give data teams precise control over what reaches their lakehouse - Transaction-scoped repositories — Repository connections are now transaction-scoped, with idle-in-transaction time tracked, improving reliability under load
- FHIRPath Patch — A FHIRPath Patch utility wired into the server for targeted resource updates (Matt Willer)
- Project-level SMTP — Projects can now configure their own SMTP settings for sending email (Darren Eam)
Agent and Connectivity
The on-premise Agent — Medplum's connectivity service for legacy healthcare systems and HL7 interfaces — saw a concentrated round of reliability work this month:
- Durable HL7 message queue — The Agent now persists inbound HL7 messages to a durable queue, so messages survive restarts and transient outages instead of living only in memory
- Resilient
Agent/$upgrade— A batch of fixes to the Agent upgrade flow: no more duplicated messages during an upgrade, a guard that checks for the upgrade artifact before unlinking it, and a documented upgrade bugfix, alongside a newAgent/$upgradedocumentation page - Reconnection hardening — The Agent now reconnects across a range of error states, records the acknowledgement before returning in acknowledgement-only mode, and triggers a clean shutdown before awaiting channel start
Agent/$reload-config— A documented operation to reload a deployed Agent's configuration without a full restart- WebSocket subscription reliability — A series of fixes recreate WebSocket subscriptions on reconnect, tear down the Redis listener cleanly on shutdown, bind the message listener before subscribing, and send a handshake on connection establishment
Compliance
Cody Ebberson and
Reshma Khilnani
Medplum achieved HITRUST certification this month — the headline of our compliance track. HITRUST is one of the most rigorous, prescriptive security frameworks in healthcare, and certification gives customers third-party assurance of Medplum's security and compliance program for their own vendor reviews. Several other pieces of the track also moved:
- HITRUST documentation — Published HITRUST documentation alongside the certification, and pointed compliance references at the Medplum Trust Center (with an updated Vanta Trust Center link)
- SMART Health Cards and Links — Support for SMART Health Cards and Links, including a QR code scanner and updates for the CMS "Keep the Card" (KTC) program, giving patients a verifiable, portable record
Patient/$matchwith CMS criteria — The patient match operation now follows CMS matching criteria, aligning identity resolution with federal guidance- Patient data access fixes — Corrected
Patient/$everythingpagination links and normalized C-CDA address handling, keeping patient-record exchange complete and standards-conformant (Joshua Kelly) - Electronic prior authorization — Continued progress on electronic prior authorization toward the HTI-4 requirements ahead of the January 2027 enforcement date
Documentation
- Self-hosting fixes — Corrections across the Azure, GCP, and Kubernetes self-hosting guides, a Debian package fix that preserves local edits on upgrade and restores the DuckDB native dependency, and production Docker base images pinned to Node 24.18 (Karl Pietrzak)
Provider App and platform
- Shared Projects — New documentation on shared projects (Finn Bergquist)
- Multi-lingual FHIR support — Docs and a demo app for multi-lingual FHIR support (Ian Plunkett)
- Agentic engineering guide — A new agentic engineering guide and companion blog post (Everett Williams)
- AI real-time docs and Alpha/Beta feature expectations — Documentation for the AI real-time operation and a guide to what Alpha and Beta feature labels mean (Andy Stoneman, Noah Silas)
Integrations
- Electronic prescribing — Expanded e-prescribe documentation, including prescriber profile setup and staging NPI creation (Andy Stoneman, Maddy Li)
- Lab orders — Public docs for lab account number updates (Andy Stoneman)
- Clearinghouse claim submission — Claim submission documentation for clearinghouse connectivity (Finn Bergquist)
Bug Fixes
FHIR and billing
- Render CMS-1500 Box 24E diagnosis pointers correctly (contributed by Andrew Wong)
- Prevent duplicate resources in
convertToTransactionBundle(contributed by Steven Matthiesen) - Normalize address part text nodes in C-CDA
mapAddresses(contributed by Joshua Kelly)
Server and async
- Stop polling a cancelled
AsyncJobby returning 200 from the status endpoint, and addAccept-Encoding: identityto token exchange (contributed by Raphael Malikian) - Bound the 401 retry in
MedplumClientto prevent infinite retry loops (contributed by Joshua Kelly) - Paginate AWS Textract results via
NextToken(contributed by Jake Diaz-Iglesias) - Recreate WebSocket subscriptions on reconnect (contributed by Drew McDonald)
- Record the authenticating
ClientApplicationonAuditEvent.agent[](contributed by Jesse Carter)
From the Blog
Longer-form writing published this month:
Medplum Achieves HITRUST e1 Certification by Reshma Khilnani — The certification announcement and what it means for customers
Medplum Scheduling API: Beta Release by Noah Silas — A deeper look at the appointment operation suite now in Beta
Large Patient Charts by Cody Ebberson — Handling patients with very large charts at scale
Vibe Coding on Medplum by Everett Williams — Building on Medplum with AI coding assistants, the companion to the agentic engineering guide
From BLE to FHIR: Streaming Clinical-Grade Biosignals with AnyBio + Medplum by Stephen Saine — Streaming device biosignals into FHIR
Releases
- v5.1.14 — June 1
- v5.1.15 — June 3
- v5.1.16 — June 8
- v5.1.17 — June 9
- v5.1.18 — June 15
- v5.1.19 — June 20
- v5.1.20 — June 20
- v5.1.21 — June 20
- v5.1.22 — June 24
Looking Ahead
June brought scheduling to Beta, made the Enterprise data warehouse export production-ready with selectable table sync, and added configurable model routing to the AI workspace. SMART Health Cards and Links, operation-based claim submission, and a reusable inbox shell round out a month focused on Provider App depth and platform reliability.
Join us on Discord to share feedback or follow along on GitHub.