Matthew Fisher

Privacy and Direct to Consumer

By Matt Fisher – What is the state of privacy in direct to consumer solutions in healthcare? It is an important question to ask because expectations and reality do not necessarily align. For example, users (patients to a degree) will see a healthcare solution and expect that standard protections will apply.

Read More

Take Care in Healthcare Marketing

By Matt Fisher – The Office for Civil Rights recently provided new lessons when it comes to mixing healthcare marketing and HIPAA. In this case, marketing is being looked at broadly to include not just communications or interactions about an organization subject to HIPAA, but also limits on the use of patient information outside the bounds of the organization.


HIPAA’s Role in Setting Good Security

By Matt Fisher – The Office for Civil Rights is promoting HIPAA as being able to prevent or substantially mitigate the impacts of a cyber attack. It is a bold statement from OCR and one that bears unpacking. Why is OCR asserting that HIPAA can prevent or substantially mitigate a cyber attack?


COVID Waivers: Preparing for the End

By Matt Fisher – How many people remember how healthcare fully operated prior to the onset of the COVID-19 driven pandemic? The question is only somewhat facetious as the delivery of care and running of organizations along with so many other components of the healthcare industry have changed to a large degree.



Power in Data: Value Against Privacy

By Matt Fisher – Data are the new currency. That saying has become entrenched as a primary cliche describing the way of the world nowadays. The value of data has become especially true in healthcare. So many see opportunities to be extracted, but what about considerations of privacy and the impact on individuals?


New Loop: Data Breach to Lawsuit

By Matt Fisher – A recurring pattern has developed when it comes to data breaches. The first part of the pattern is that healthcare is under constant cyber attacks that challenge security measures while aiming to get access to private and sensitive information within the systems.