Most FemTech apps are not covered by HIPAA. Since Dobbs, the FTC has fined Premom, GoodRx, Flo, and BetterHelp for unauthorized health data sharing. Here is what your platform actually needs to get right.
42 CFR Part 2 enforcement began February 2026. If your behavioral health or mental health platform handles SUD records, HIPAA compliance is not enough. Here is what your architecture actually needs to pass a security review.
AI scribes are being adopted quickly across healthtech, and in most cases the product delivers. Very few deals fail at the product level. What stops them is the transition into IT and security review — where the conversation shifts from clinical value to data control, and where most vendors are underprepared.
