More and more Medplum users are building with AI coding assistants — Cursor, Claude, Copilot, and others. We have been talking to users about what works and wrote up what we have learned in a new guide: Building on Medplum with AI Coding Assistants. This post is the short version of what is in there.
Demonstrating commitment to cybersecurity and information protection: HITRUST Certification validates the Medplum Platform is meeting rigorous cybersecurity and data protection standards through independent assessment and assurance.
San Francisco, Calif., June 1, 2026 – Medplum, a leading provider of open-source healthcare developer infrastructure, today announced its Medplum Platform residing at Amazon Web Services (AWS) has earned certified status from HITRUST for cybersecurity and information protection.
May was a heavy month for Medplum, with 100+ commits from 20+ contributors and four patch releases — v5.1.10 through v5.1.13. Scheduling was the headline: the full appointment operation suite — $find, $hold, $book, $confirm, and $cancel — landed in Alpha. The Provider App also gained medication ordering components, order set import, and operation-based claim submission. On the enterprise side, a new data warehouse export features were enabled, and the platform team shipped passwordless magic-link login, AWS GuardDuty malware protection, and a round of OAuth2 spec-compliance fixes. All of this continues to drive forward our 2026 roadmap priorities.
On September 3, 2026 Medplum is hosting our second annual developer conference PlumCon in San Francisco. The conference is by invitation, but please Register Here.
This year's agenda brings together healthcare builders working across open source infrastructure, AI-enabled operations, Stanford Biodesign, and large-scale healthcare IT.
This agenda is preliminary and subject to change.
Medplum stayed active this April, with 130+ commits from 20+ contributors amounting to three patch releases — v5.1.7, v5.1.8, and v5.1.9. The Provider app's billing and coverage workflows took a major step forward with integrated claim submission and live eligibility visibility. Scheduling added support for service line configurations on HealthcareService, aligning with R5/R6 FHIR conventions. Spaces, an AI-powered chat workspace inside the Provider App, now surfaces tool calls and responses directly in the chat so you can see exactly what the AI is doing. Clinical documentation expanded across intake, care plans, diagnostics, authentication, and integrations. All of this continues to drive forward our 2026 roadmap priorities.
March was yet another busy month for Medplum. Three patch releases — v5.1.2, v5.1.3, and v5.1.4 — arrived alongside over 100 commits from 20+ contributors, and the work underneath the surface was just as significant as the new features. Spaces gained richer AI tooling. The communications documentation received a full suite of guides covering everything from the data model to automations. Worker infrastructure got a substantial rethink, and WebSocket subscriptions were hardened across the board. All of it continues to advance our 2026 roadmap priorities.
One of the most common questions we hear from teams evaluating Medplum is: "Can it handle our scale?" We wanted to answer that question with real data. We recently ran a formal performance evaluation against a self-hosted Medplum deployment that mirrors one of our largest production clusters, and the results speak for themselves - peak throughput exceeding 46,000 requests per second for read-only traffic and nearly 7,000 requests per second for full read/write/search FHIR workflows, with zero HTTP failures across all scenarios.
February was a productive month for Medplum. We shipped four releases — v5.0.14, v5.0.15, v5.1.0, and v5.1.1, including a minor version bump reflecting the depth of new capabilities — with over 130 commits from 25+ contributors. The biggest themes this month were WebSocket subscription stability and performance improvements, AI-powered provider experiences, scheduling refinements, and revenue cycle tooling — all advancing our 2026 roadmap priorities.
Healthcare applications require careful decisions about user authentication and access control. Whether you're building an EHR, a clinical workflow tool, or a patient portal, getting identity management right from the start will save you from costly architectural mistakes down the road.
This guide breaks down the key decisions you'll face when integrating with a FHIR-based platform like Medplum, explains the tradeoffs, and recommends approaches that work well for most healthcare organizations.
January was a packed month for Medplum. We shipped three patch releases (v5.0.11, v5.0.12, v5.0.13), published the 2026 Roadmap, and landed over 100 commits from 20+ contributors. The biggest themes this month were scheduling, the Provider app, and site reliability — all directly advancing our 2026 roadmap priorities.