N S W E
Secure Nomad
Healthcare Cybersecurity & HIPAA Compliance

Your patients trust you.
Who's protecting that trust?

vCISO & Trusted Advisor for Small Healthcare Providers

Small providers face the same threats as large health systems — with none of the security staff. I exist to close that gap.

Book a Free Consult View Services
Scroll
20+ Years in Cybersecurity
CISSP CCSP · CISM · GCP
4 Languages Spoken
3 Continents Served
$0 Cost of a Consult
The Reality Nobody Talks About

Large health systems have armies.
You have a prayer.

Enterprise health systems employ full security departments, spend millions on tools, and still make the news when something goes wrong. Small providers — community clinics, behavioral health practices, independent surgery centers — have a part-time IT person, a cloud fax number, and hope.

Threat actors know this. OCR knows this. The entire cybersecurity industry markets to the enterprise and ignores the gap. That gap is where breaches happen.

That is also where I operate.

"Small providers are MORE at risk than large health systems — and almost nobody in the industry is talking about it."
— Ricky Martin, CISSP · Founder, Secure Nomad
What We Do

Enterprise-grade security,
built for your scale.

HIPAA Security Risk Assessments
Plain-language risk analysis that tells you exactly where you stand, what the real exposure is, and what to fix first — without the fear-mongering.
Compliance
vCISO Retainer Services
A seasoned CISO in your corner — without the full-time salary. Strategic guidance, policy oversight, and a trusted advisor who picks up the phone.
Advisory
AI Security & Governance Assessments
Before you let an AI vendor touch your PHI, understand exactly what you're agreeing to. A 6-phase assessment built specifically for healthcare organizations.
AI Risk
Cloud Security Advisory
The cloud offers real benefits for small providers. It also introduces real risk. I help you get the former without the latter — in language that makes sense.
Cloud
Security Maturity Assessments
Tiered, accessible, and designed for organizations without a dedicated security team. Know where you are. Know where you need to be. Build a realistic path.
Assessment
Multi-Jurisdiction Compliance
HIPAA in Boston. GDPR in Barcelona. LGPD in São Paulo. If your practice or your patients cross borders, your compliance strategy needs to as well.
International
Who This Is For

You care deeply
about your patients.
Cybersecurity feels like a foreign language.

  • Community clinics, behavioral health practices, independent surgery centers, and specialty providers without dedicated IT staff
  • Practice managers who genuinely don't know the current status of their HIPAA compliance — and know they should
  • Healthcare organizations onboarding AI tools and unsure what questions to ask vendors before signing
  • Providers who just received a breach notification and need an expert, not a vendor sales pitch
  • EU and South American healthcare organizations navigating GDPR or LGPD without a security partner
Typical Client Profile
Sarah, Practice Manager
12-Provider Behavioral Health Group · Manchester, NH
"I knew we needed to do something about HIPAA. I just didn't know where to start — and every vendor I talked to made me feel stupid for asking."
✦ Full SRA completed in 6 weeks. Remediation roadmap. No jargon. No scare tactics.
International Client Profile
Dr. Marcos, Medical Director
Private Healthcare Group · Málaga, Spain
"We needed someone who understood both healthcare security and the GDPR compliance landscape — and could communicate clearly across languages."
✦ GDPR gap assessment + cross-border advisory. English & Spanish.
RM
Founder & Principal Consultant
Secure Nomad
CISSP CCSP CISM GCP Arch AWS EN · FR · ES · IT
About

An engineer with
a personality.

My name is Ricky Martin. I have spent 20+ years in cybersecurity and cloud security — with stops at McKesson, Cigna, Kaiser, and plenty of organizations in between. I have seen what happens when large systems get it wrong. I have also seen the devastation a breach or OCR violation can cause for a small provider who never had a fighting chance.

That is why Secure Nomad exists. Not to sell you tools. Not to scare you into a retainer. To be the expert in the room who actually explains what is happening, what is at risk, and what to do about it — in plain language.

"Living la vida loca in cloud and cybersecurity."

Secure Nomad operates from New England with active expansion across the EU and South America. I speak English, French, Spanish, and Italian — which means the gap between enterprise security and small providers is a problem I can address on three continents.

Work With Me
Content & Expertise

Topics I own.

01
HIPAA Compliance for Small Providers
Practical, plain-language guidance. Real requirements, real consequences, real fixes. No fear-mongering. Parallels to GDPR and LGPD for international audiences.
Core
02
AI Vendor Risk in Healthcare
What questions to ask before a vendor touches your PHI. What red flags look like. Why small providers are especially exposed. Globally relevant.
AI Risk
03
vCISO as a Service
Demystifying the fractional model. Making enterprise-grade security accessible. The virtual CISO approach is gaining global traction — Secure Nomad is ahead of that curve.
Advisory
04
Cloud Security for Small Providers
The real benefits and the real tradeoffs, explained for non-technical audiences. Cloud is borderless — and so are the threats.
Cloud
05
Breach & Enforcement Intelligence
Real OCR cases. Real breach stories. Real lessons — not theoretical. EU enforcement and GDPR fines when relevant to broaden international resonance.
Intel
06
International Expansion & Location-Independent Practice
Building a global security practice. Multi-jurisdiction compliance. What EU and South American healthcare security actually looks like on the ground.
Global
Get In Touch

Let's talk about
what you actually need.

No sales pitch. No jargon. Whether you are navigating HIPAA in Boston or GDPR in Barcelona — reach out. The first conversation is free, and it should tell you immediately whether this is a fit.

Website securenomad.ai Email ricky@securenomad.ai in LinkedIn linkedin.com/in/rickymartinthesecurityguy Instagram @securenomad.ai

New England · EU · South America · Wherever you need us