About Erik

 

Erik Surwill

Erik Surwill is an IT Director and technology executive with more than twenty years of experience designing, modernizing, and governing mission-critical IT environments in regulated healthcare settings.

He began his career in hands-on IT consulting and support, building a strong technical foundation in networking, security architecture, voice systems, and Microsoft 365 platforms. Over the past decade, Erik has advanced into executive IT leadership, where he oversees enterprise infrastructure, compliance programs, vendor governance, and strategic technology planning for a leading children’s mental health organization in Los Angeles.

In addition to his operational leadership, Erik provides Fractional CIO and CISO advisory services to healthcare organizations seeking to modernize infrastructure while strengthening compliance posture. His work focuses on aligning business processes with technology architecture through structured Business Process and Technology Infrastructure Analysis engagements. He approaches IT as a service delivery framework—ensuring infrastructure investments directly support organizational mission, regulatory requirements, and long-term resilience.

Erik specializes in regulated healthcare environments and has deep expertise in HIPAA, HITECH, the 21st Century Cures Act, and California privacy regulations. He is particularly experienced in LA County and public sector contractual alignment, translating complex exhibit language and compliance obligations into practical technical controls and operational workflows.

A core strength of Erik’s leadership is his ability to design comprehensive risk assessment and control mapping methodologies that crosswalk SOC 2 Trust Services Criteria, NIST frameworks, and HIPAA Security Rule requirements into unified governance programs. He builds audit-ready environments that integrate policy, process, and technical safeguards into measurable control systems.

His executive portfolio includes:

  • SOC 2 / NIST / HIPAA crosswalk and control implementation

  • Vendor governance and contract negotiation leadership

  • Enterprise risk assessment and compliance program design

  • Cloud modernization and SASE architecture leadership

  • EHR platform strategy and regulatory integration oversight

  • ITIL-aligned service management development

Erik is known for translating technical complexity into strategic clarity for executive leadership and boards. He believes technology must deliver measurable utility, regulatory assurance, and operational value, not just infrastructure.