Specializing in HITRUST, ONC Certification & AI Governance

With over 13 years supporting 100+ healthcare technology clients and running ~200 test events and assessments, I bring unique expertise in navigating the intersection of HITRUST, ONC certification, and emerging AI compliance requirements. As a recognized contributor to the Coalition of Health AI Privacy and Cybersecurity Profile, I help organizations build robust compliance programs that address today’s requirements while preparing for tomorrow’s challenges.

Distinctive Expertise

  • HITRUST Implementation: Certified CSF Practitioner with 5+ years conducting risk-based assessments
  • ONC Certification: 13+ years supporting 100+ clients as part of an ONC-Authorized Test Lab and Certification Body
  • AI Governance: Credited collaboator of healthcare AI privacy and security frameworks, expert in ONC HTI-1 (b)(11) requirements for predictive decision support
  • Cloud Security: Deep experience with AWS healthcare implementations and shared responsibility models

Comprehensive Compliance Support

I help healthcare technology organizations:

  • Conduct HITRUST internal readiness and assessment functions
  • Navigate ONC certification requirements
  • Implement AI governance frameworks
  • Develop integrated compliance strategies across HITRUST, ONC, and AI domains

Why Choose Me?

  • Proven Track Record

    • Led cybersecurity assessments for diverse healthcare environments
    • Consistently recognized for launching new service lines
    • Expert in healthcare data governance and security controls

  • Forward-Looking Expertise

    • Member of CHAI and NIST AI Safety Consortium work groups
    • Experience with AI verification frameworks, LLM benchmarking, and AI Red Teaming tools
    • Developer of NIST AI RMF and ISO 42001 compliant governance policy templates

  • Deep Healthcare Technology Understanding

    • Technical reviewer for major EHR vendor quarterly attestations
    • Expert in FHIR Client API requirements
    • Comprehensive knowledge of healthcare regulatory compliance frameworks

Services Tailored to Digital Health Innovation

  • HITRUST internal assessment function development
  • ONC certification readiness evaluation
  • AI governance program implementation
  • Integrated compliance strategy development
  • Cloud security architecture review
  • Third-party risk assessment optimization

Ready to Transform Your Compliance Program?

Let’s discuss how my unique blend of HITRUST, ONC, and AI governance expertise can help your organization build a future-ready compliance program.