The Med Device Cyber Podcast

What MedTech Startups Get Wrong About Cybersecurity Documentation



Marc Zemel has been building Retia Medical for 15 years. The company started as two guys with slides and licensed technology. Now their data-driven hemodynamic monitoring technology for consistently accurate cardiac output measurements in high-risk surgical and critically ill patients is in 75 hospitals across 18 countries, sold by Medtronic in the U.S., and the company is preparing to launch their new product, Argos Infinity, pending FDA clearance.

But getting here meant dealing with cybersecurity challenges that Marc didn't see coming. In this conversation, he talks about what actually slowed them down, what he wishes he'd done differently, and why building a proper quality system from day one would have saved him years of pain.

Retia Medical develops algorithms that monitor cardiovascular function. Their technology detects problems before blood pressure drops, which makes it valuable in operating rooms and ICUs. Nurses have gotten so attached to their monitors that they literally hug them because the devices help them do their jobs better.

Marc walks through the specific cybersecurity issues that surprised him. Like how software as a medical device comes with ongoing compliance costs that hardware doesn't have. Or how documentation requirements kept changing as the FDA updated its expectations. Or how retrofitting cybersecurity into an existing product is way more expensive than building it in from the start.

He also shares his philosophy on building companies. He doesn't focus on exits or acquisition targets. He focuses on building something people can't live without. When the product is that good, the rest takes care of itself.

If you're building a medical device startup or dealing with FDA submissions, this is a conversation worth hearing.

Episode Breakdown:

00:00 Introduction

00:32 Where everyone's calling from

02:54 Marc's background and journey into medtech

04:33 What Retia Medical does

07:00 Blood flow vs blood pressure

09:45 Software vs hardware as a medical device

12:30 Cybersecurity challenges

15:20 Documentation nightmares

18:45 Quality systems and why they matter early

22:10 FDA submissions over 15 years

25:30 The cost of retrofitting cybersecurity

28:50 Software updates and compliance

32:15 Build to be bought, not to be sold

37:32 What acquirers look for

39:02 Product market fit: Nurses hugging monitors

41:14 Wearables and future regulations

The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com.

If you're interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session

Christian Espinosa is the CEO and Founder of Blue Goat Cyber. Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber.

Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/

Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9

Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/

Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/

Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/

Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmation=1


The Med Device Cyber Podcast, by Blue Goat Cyber