Beyond Compliance: Why Trust is Health Tech's Most Critical Asset

September 23, 2025

We are in the golden age of health innovation. From AI-driven diagnostics to personalized wellness platforms, our work is fundamentally reshaping the future of care. This progress is fueled by an unprecedented flow of data. Yet, a critical vulnerability exists at the core of our industry: the growing deficit between our technological capabilities and the trust of the patients we serve.


The prevailing model of opaque data collection and secondary monetization is not just a reputational risk; it is an unsustainable business strategy. The next generation of market leaders will not be defined by the cleverness of their algorithms alone, but by the robustness of their trust architecture.


The HIPAA Paradox and the Coming Regulatory Storm: As an industry, we navigate our data strategies around HIPAA in the US (and GDPR and others around the world). We treat it as the definitive rulebook for patient privacy. But this perspective is dangerously narrow. HIPAA is a floor, not a ceiling, and it was built for a world that no longer exists. It governs covered entities, leaving a vast, unregulated ecosystem of wellness apps, wearables, and direct-to-consumer platforms in a compliance gray area. This regulatory gap is well-documented by the Department of Health and Human Services, which clarifies that data shared with many third-party apps falls outside HIPAA's protections.

This regulatory gap is closing. With state-level privacy laws like the California Consumer Privacy Act (CCPA) setting new precedents and the FTC signaling more aggressive enforcement via its Health Breach Notification Rule, the era of regulatory ambiguity is ending. Relying on a minimalist, check-the-box approach to compliance is a strategy with a rapidly expiring shelf life. The question is no longer if a stricter regulatory framework will arrive, but when. The smart play is not to wait for it, but to build for it proactively.


Deconstructing the Flawed Value Exchange: The current unspoken contract with the user is often a lopsided one. We offer a service, and in exchange, we capture data whose downstream value far exceeds the immediate benefit provided to the user. This data flows into a complex secondary market of data brokers and aggregators, a market projected to be worth hundreds of billions of dollars, fueling everything from pharmaceutical research to targeted advertising.

While the process of "de-identification" provides a layer of legal and ethical cover, we know its limitations. The increasing sophistication of analytical techniques means that re-identifying individuals from de-identified data is often possible by cross-referencing datasets. More importantly, this model creates a fundamental misalignment. When users discover how their data is being leveraged, trust is broken, often irreparably. This leads to increased churn, negative brand perception, and a user base that is increasingly unwilling to share the very data our innovations depend on. It is a house of cards.


Trust as a Competitive Moat - An Architectural Blueprint: In a crowded market, the most defensible competitive advantage is not a feature or a price point; it is trust. Companies that treat trust as a core business metric rather than a legal hurdle will attract more engaged users, command greater pricing power, and build more resilient brands. Research consistently shows that a lack of trust is a significant barrier to the adoption of digital health technologies. (Hey, my book talks all about this!) Here is a blueprint for moving beyond compliance to build a foundation of trust:


  1. Frame Transparency as a Brand Pillar. Your data policy should not be a document crafted by lawyers to minimize liability. It should be a manifesto, written in plain language, that your marketing team can proudly feature. Use your onboarding, UI, and communications to be radically transparent about what you collect, why you collect it, and the value it creates.

  2. Engineer an Equitable Value Exchange. For every data point requested, you must clearly articulate the direct, tangible benefit the user receives. Move away from implicit collection and toward explicit, granular consent. If the value exchange is strong enough, users will willingly opt in. If it is not, the problem is with your value proposition, not the user's reluctance. This is why we allllllll share our data with Google Maps, for example. We get immense value from up-to-date directions and precise placement of where all the construction delays are. Take my data!

  3. Build for User-Centric Governance. Empowering the user means more than a settings page. It means building intuitive privacy dashboards, enabling effortless data portability, and providing a simple, verifiable process for data deletion. The future is user-owned health records, and the platforms that embrace this will render closed-silo competitors obsolete.

  4. Champion Data Stewardship. The ultimate evolution is to shift the corporate mindset from being a data processor to a data steward. This means accepting a 'fiduciary-like' responsibility to act in the best interest of your users and their data. This is not altruism; it is a long-term strategy for building enterprise value.

  5. A Strategic Call to Action: The conversation about data needs to move from the legal department to the C-suite and the product roadmap. It is a fundamental strategic issue that will define the winners and losers of the next decade in health tech.


This week, ask these questions within your organization:


How clearly do we articulate our data value exchange in the first 60 seconds of a new user's experience?


Could a non-technical user read our privacy policy and feel empowered rather than confused? (cough cough, the answer today is probably no!)


How would our business model be impacted if our users could instantly port their data to a competitor?


The future of healthcare innovation depends on a foundation of trust. It is our collective responsibility to build it... and it's good business for the future.


#StayCrispy

-Dr. Matt


Dr. Matt believes technology can erase the borders that limit access to care. This vision is the heart of her book, The Borderless Healthcare Revolution. Join her in building this future by visiting drsarahmatt.com to learn more and get your copy.

September 30, 2025

For years, the conversation around remote patient monitoring has been anchored in familiar territory: tracking vitals post-discharge or, more recently, using wearables to detect acute infections. While valuable, this narrative barely scratches the surface of what’s now possible. The true revolution is not just identifying a binary event like an infection; it’s about decoding the subtle, chaotic signals of chronic disease, a challenge that represents one of the largest drivers of cost and suffering in our healthcare system today.

Consider the landscape: more than 24 million Americans live with an autoimmune disease, and the collective cost of managing these 'unpredictable', inflammatory conditions runs well into the hundreds of billions annually. For this population, the greatest challenge is the unpredictable nature of a flare-up. These events, which can strike with little warning, are the primary driver of emergency room visits, hospitalizations, and the use of high-cost biologic drugs. While those with access to specialty care are on protocols to reduce flares, our system remains very reactive, treating the crisis more often than preventing it.

That is beginning to change. The next wave of healthtech is moving beyond simple anomaly detection and toward the creation of Physiological Digital Twins: dynamic, machine-learning-powered models of an individual's unique biological baseline. This is not just a marketing buzzword. It represents a fundamental shift from the threshold-based alerts of traditional RPM (for example, a blood pressure reading over 140/90) to a sophisticated, pattern-based intelligence.

Instead of just looking for a single metric to cross a line, a digital twin synthesizes multi-modal data streams from consumer wearables. It analyzes heart rate variability (HRV), sleep architecture and fragmentation, activity patterns, and respiratory rate to understand the intricate interplay of a person's autonomic nervous system. By learning an individual's unique "rhythm of wellness," the model can detect the faint, complex patterns that signal a brewing inflammatory cascade, long before the patient feels the debilitating symptoms.

The clinical evidence for this advanced approach is now emerging. A groundbreaking study on Inflammatory Bowel Disease (IBD) demonstrated that passive data collection from a consumer smartwatch could. Researchers found that a drop in HRV was a persistent signal in the week leading up to a confirmed flare. This is a crucial insight: while an infection causes a sudden, noisy alarm in your vitals, an impending autoimmune flare presents as a quieter, more sustained deviation that only a sophisticated, continuously learning model can reliably detect.

The Data-to-Action Pipeline: An Operational Framework

Bringing this concept to life requires an operational framework that bridges raw data with clinical action. For leaders and builders, the "Data-to-Action Pipeline" provides a roadmap for implementation.

  1. Data Ingestion & Harmonization: The first challenge is the messy reality of the consumer device market. A platform must be able to ingest data from a variety of sources, like an Apple Watch, Oura Ring, or Garmin device, and harmonize it into a standardized format. This is the foundational layer for any scalable solution.

  2. The Digital Twin Engine: This is the core intellectual property. Once data is harmonized, the AI engine establishes a highly personalized, multi-variant baseline for each user. It then runs continuously, using pattern recognition algorithms to identify deviations from that baseline that correlate with a specific adverse event, like an IBD flare.

  3. The Clinical Intelligence Layer: A statistical probability from the AI engine is not a clinical action. This crucial layer translates the model's output ("78% probability of flare within 72 hours") into a specific, clinically relevant recommendation ("Patient may be entering an inflammatory cycle. Suggest initiating prescribed anti-inflammatory protocol and schedule a telehealth check-in.").

  4. The Intervention & Feedback Loop: The final step is delivering the intervention, whether it's an automated notification to the patient, a task sent to a care manager's dashboard, or an alert within the EHR. The patient’s outcome and subsequent data are then fed back into the Digital Twin Engine, creating a closed loop that allows the model to become progressively smarter and more personalized over time.

A New Strategic Imperative

This capability creates a new strategic imperative for leaders and builders across the healthcare ecosystem.

For Health Delivery Leaders: The focus must shift from episodic RPM to continuous, predictive chronic care management.

Resource Allocation: This model allows for the targeted deployment of care managers and expensive therapies to the highest-risk patients before a crisis, preventing costly ER visits and improving outcomes.

Value-Based Care: It provides the objective, longitudinal data needed to succeed in value-based arrangements by demonstrating a reduction in acute events and lowering the total cost of care.

Clinician Well-being: By automating surveillance and filtering out the noise, this approach allows clinicians to practice at the top of their license, focusing their expertise on the patients who need them most and reducing the burnout associated with managing overwhelming data streams.

For Healthtech Builders: The opportunity is to build the platforms that create and manage these digital twins at scale. A new report on the future of digital therapeutics highlights the growing demand for AI-driven disease management platforms that go beyond simple tracking.

Algorithmic Differentiation: The competitive advantage is no longer the sensor, but the sophistication of the AI. Companies that can build and validate algorithms for specific conditions will own the market.

New Business Models: This opens the door to outcomes-based pricing. Instead of a simple SaaS fee, companies can share in the savings generated by successfully predicting and preventing a costly adverse event, aligning their incentives directly with the health system and the patient.

We are at an inflection point. The conversation around wearables must evolve from the novelty of detecting a virus to the profound impact of managing a lifetime of chronic illness. By embracing the complexity of Physiological Digital Twins and building the operational pipelines to support them, we can move beyond the reactive sick-care model of the past and begin building the proactive, predictive, and truly personalized healthcare system of the future. While the technology is soaring, now we must collectively consider the next step... how to bring this kind of chronic care management to the masses.

#StayCrispy

-Dr. Matt

September 16, 2025

Last night, I gave a workshop to a group of international founders about the US healthcare landscape and what they need to know to break in. But as I gave my talk, I realized something important. Even though this advice might sound basic or obvious to some, every founder, whether you're from abroad or based right here in the US, needs to hear this again. These are the foundational questions that determine success or failure.

For every health tech founder, the US healthcare market is the ultimate prize: a glittering, multi-trillion-dollar opportunity. But for those entering from abroad, it’s a labyrinth of misaligned incentives and hidden rules. (For those already here, it’s an equally complex home turf!) No matter your origin, you need a playbook.

Here is the 5-minute briefing every founder needs before launching in the US. And whether you've been working your startup for a day, a week, a month or a year, make sure to go through the checklist at the end and be honest about your true readiness.

The Paradox: Your Biggest Obstacle is Your Biggest Opportunity

First, the scale is staggering. The U.S. spends over $4.5 trillion annually on healthcare, representing nearly 18% of its economy. But here’s the paradox: that historic spending buys some of the developed world's worst health outcomes. A 2023 Commonwealth Fund report shows the U.S. lags in life expectancy and has the highest rates of avoidable deaths. The reason is massive inefficiency and waste. For you, the founder, this isn't a bug; it's a feature. Your company's value will be measured by how effectively you solve the friction that costs the system a trillion dollars a year.

The Gatekeepers: The Cast of Characters You Must Convince

As a founder, you are not selling into a single "system." You are selling to a handful of competing stakeholders who all ask different questions:

The Payer (e.g., UnitedHealth): "Show me the 3-year ROI."

The Provider (e.g., a hospital): "Will my doctors use it and will it slow them down?"

The Regulator (e.g., the FDA): "Where is your clinical data?"

The Patient: "Is it easy and does my insurance cover it?"

Historically, money flowed through a Fee-for-Service model, rewarding volume. The entire system is now shifting toward Value-Based Care (at a snail's pace, forever!), where payment is tied to patient outcomes. This shift is your single greatest tailwind. Models like Accountable Care Organizations (ACOs) are hungry for technology that improves quality and reduces costs.

The Four Pillars of Your Go-to-Market Plan

Whether you are coming from Seoul or Silicon Valley, your strategy must answer four critical questions. Get these right, and you have a foundation for success.

Your Clinical Strategy: What is the absolute minimum clinical evidence you need to convince your first customer? The gold standard is a Randomized Controlled Trial (RCT), but pragmatic Real-World Evidence (RWE) is increasingly accepted for digital health.

Your Reimbursement Strategy: How, specifically, will you get paid? Is it through an existing CPT code? By enabling a hospital to succeed in a value-based contract? Or a simple SaaS license? "We’ll figure out reimbursement later" is a fatal mistake for a founder.

Your Commercial Strategy: Who is your ideal first customer: a research-focused academic center or a profit-driven hospital system? How will you integrate with their Electronic Medical Record (EMR)? Without a clear path into Epic or Cerner, your product is dead on arrival.

Your Compliance Strategy: Do you know your FDA classification for Software as a Medical Device (SaMD)? Are you prepared for the legal and security requirements of HIPAA? These are not afterthoughts; they are foundational.

Entering the US market is a test of strategic clarity. It's not the best technology that wins, but the best technology with a credible answer to the market's unique and complex questions. The tech is the easy part.

Founders Checklist: Key Questions & Action Items

Market Understanding
☐ Have we clearly defined how our solution solves the friction and waste in the US system?
☐ Do we have a crisp answer for each of the four gatekeepers (Payer, Provider, Regulator, Patient)?
☐ Is our strategy aligned with the shift from Fee-for-Service to Value-Based Care?

Clinical Strategy
☐ Have we defined the minimum level of clinical evidence required to win our first customer?
☐ Have we decided between an RCT, RWE, or a hybrid evidence-generation approach?
☐ Have we budgeted for a Health Economics and Outcomes Research (HEOR) study to prove financial value?

Reimbursement Strategy
☐ Have we identified the specific mechanism for payment (e.g., existing CPT code, SaaS license)?
☐ If pursuing a new CPT code, have we mapped out the multi-year timeline and budget?
☐ Can we clearly articulate our value proposition for a value-based care model (e.g., an ACO or bundled payment)?

Commercial Strategy
☐ Have we identified our ideal first customer profile (e.g., Academic Medical Center, IDN)?
☐ Do we have a detailed, 12-18 month plan for EMR integration with Epic or Cerner?
☐ Have we mapped the key decision-makers at a target health system (Clinical Champion, CMIO, CISO, CFO)?

Compliance/Regulatory Strategy
☐ Have we determined our product's FDA classification as Software as a Medical Device (SaMD)?
☐ Have we budgeted for the legal and technical requirements of HIPAA compliance?
☐ Have we signed a Business Associate Agreement (BAA) with all partners who will handle patient data?

Start with one specific problem, find US-based partners early, and remember: in American healthcare, evidence is the only currency that matters. Keep innovating, and #StayCrispy!

-Dr. Matt