Oshri Cohen.
Industries · HealthTech

Fractional & AI-native CTO
for HealthTech.

Former CTO of a healthcare EMR platform. SOC 2 Type I & II and HIPAA-grade compliance delivered across HealthTech, without slowing the roadmap.

Email OshriSee services
EMR platform CTOSOC 2 I & IIHIPAA-gradePHI security
Oshri Cohen, fractional CTO for HealthTech
Oshri CohenFractional & Interim CTO
Where HealthTech breaks

Compliance is the gate.

And the roadmap can't stop while you clear it.

HIPAA & SOC 2 for sales

Enterprise and hospital sales stall without SOC 2 and HIPAA-grade controls. Getting there without freezing the roadmap is the real trick.

Legacy EMR & integration

Healthcare runs on legacy EMR and a thicket of integrations. Modernizing without breaking clinical workflows takes someone who's done it.

PHI security

Protected health information raises the stakes on every architectural decision, storage, access, audit, vendors. Mistakes here are existential.

AI in clinical workflows

AI can speed documentation, triage and decision support, but a human has to stay accountable for anything that touches care.

What I do here

Compliance and velocity, together.

SOC 2 & HIPAA programs

Compliance programs that pass audits and unlock enterprise and hospital sales, built into delivery, not bolted on at the end.

EMR & integration

Modernize legacy EMR and integration layers without breaking the clinical workflows people depend on.

Responsible clinical AI

Bring AI into documentation, triage and decision support with PHI protected and a clinician accountable at the end.

Common questions

What HealthTech founders ask.

Can you get us SOC 2 and HIPAA-ready?

Yes. I've delivered SOC 2 Type I & II across HealthTech and adjacent regulated industries and led teams under HIPAA protocols. The aim is to build compliance into how the team ships so it unlocks enterprise and hospital sales without freezing the roadmap.

Do you have healthcare platform experience?

Yes, I served as CTO of a healthcare EMR platform, modernizing an integrated care system and meeting its compliance obligations. I know EMR, integration and PHI from the inside, not from a deck.

How do you use AI safely with patient data?

By keeping PHI tightly controlled, using AI where it clearly helps, documentation, triage, decision support, and keeping a clinician accountable for anything that affects care. Evaluation, observability and access controls are built in, not assumed.

Building in HealthTech?

If compliance is blocking sales or legacy EMR is slowing you down, I've cleared both before.

Email OshriTechnical due diligence
hello@oshricohen.me(514) 777-3883Canada · USA · Remote