Fractional CISO · Digital Health Security
What I Do
I work alongside your engineering and compliance teams as a senior security leader — without the cost of a full-time hire.
Security Program Design
Build a security and privacy program tailored to your stage — from foundational policies to enterprise-grade controls that satisfy hospital and health system buyers.
HIPAA & HITRUST Certification
Navigate HIPAA compliance, BAA negotiation, and HITRUST CSF or e1 certification with a guide who has run dozens of these engagements — not a generalist firm learning on your dime.
Vendor Risk Management
Evaluate third-party risk across your entire health data supply chain — from EHR integrations and cloud infrastructure to sub-processors handling PHI.
Board-Level Advisory
Communicate security posture to your board, investors, and enterprise prospects. I translate technical risk into the business narrative that builds confidence at the highest levels.
Why Bordeaux Group
Deep Healthcare Expertise
We work exclusively with digital health vendors, EHR integrators, and health data companies. HIPAA and HITRUST aren’t frameworks we learned from a book — they’re what we navigate every day.
Director-Level Experience
Bordeaux Group is led by a Director of IT Security and Compliance with hands-on experience building security programs and achieving HITRUST alignment in regulated healthcare environments.
A Partner, Not a Vendor
We stay until the job is done. From your first risk assessment to your enterprise contract signature, we operate as an extension of your team — not a firm sending you invoices for emails.
Book a 30-minute discovery call. No commitment — just a focused conversation about where your company is and what it takes to get to enterprise-ready.
Get in Touch
Tell me a bit about your company and where you are in your compliance journey. I read every message and reply within one business day.