- Summits
- Sponsorship
- Media Opportunities
- News
- About
Medtech startups face a unique challenge: how to bring complex, regulated products to market under tight timelines and even tighter budgets. Success isn’t just about breakthrough innovation—it’s about navigating product development, regulatory approval, cybersecurity, reimbursement, and investor readiness, all at once.
At a recent panel titled “From Regulatory to Revenue: Building with the End in Mind,” four industry leaders came together to unpack exactly how early-stage companies can plan smarter, move faster, and avoid the common pitfalls that derail so many promising ventures.
Moderated by Mridul Mittal, Cofounder and CMO, Mittal Consulting, the panel featured:
What followed was a candid, practical discussion full of lessons medtech founders can act on today.
Product development is usually the first service medtech startups interact with. According to Mariel Fabro, that relationship should begin “as early as possible.” She emphasised the importance of identifying team gaps and investing in product development that centralizes effort and cost in a lean, effective way. Best practices include laying down a quality management system (QMS) from day one and involving regulatory strategists early to ensure alignment across all functions—from market fit to commercialization.
“Start by getting your QMS in place,” she advised. “Then apply design principles to something that actually addresses an unmet need—and make sure that need is thought through from start to finish.”
In the age of AI-powered medical devices, cybersecurity has become a critical concern. Christian Espinosa, whose firm Blue Goat Cyber specializes in helping medtech manufacturers meet regulatory cybersecurity requirements, warned that too many companies consider security as an afterthought.
“Cybersecurity needs to be part of your product from the beginning,” he said. “Ask yourself—is this a cyber device? If it has software and any kind of connectivity—USB, NFC, even HDMI—it probably is.”
Espinosa highlighted that cybersecurity testing can be quick if issues are minimal. However, if companies wait until the last 60 days before submission, they often discover thousands of vulnerabilities. “We had one client with 2,500 issues. It took them eight months to fix,” he shared. “Early planning saves time, money, and a lot of frustration.”
With the FDA’s final cybersecurity guidance now in effect, medtech startups must demonstrate security considerations throughout the product lifecycle—not just at the point of submission. That includes secure patching, safe disposal of protected health information (PHI), and development in a secure environment.
Kristen Mittal, whose firm specializes in regulatory strategy for startups, stressed that one of the most common pitfalls is failing to explore the full suite of available regulatory pathways. “You might actually have more options than you think,” she said. “And your choice may be different from your competitors’ based on your specific resources and market strategy.”
She also warned against treating regulatory planning as a one-time effort. “Your strategy will likely change. CPT codes change, competitors enter the market, investor expectations shift—so make sure your service providers are in sync and communicating.”
In fact, Mittal often finds herself playing the role of integrator—bringing different stakeholders to the table to solve challenges collectively.
Gary Gershony, a seasoned investor and two-time medtech founder, brought a grounded perspective: too many startups begin with a technology and then search for a problem to solve.
“The best medical device companies start with identifying a ‘must-have’ clinical need—not a ‘nice-to-have’ one,” he said. “If there’s no sizable market, there will be no investment.”
He also highlighted the importance of a strong founding team: “They need to have depth, passion, and the ability to surround themselves with people who complement their weaknesses.”
Design is where it all comes together—and can fall apart if not handled thoughtfully. “Product design and engineering design go hand in hand,” explained Fabro. “Start with product-market fit, then translate that into rigorous engineering verification and validation. It’s a hierarchy.”
The design also impacts whether the product aligns with existing reimbursement and regulatory frameworks. If there’s no precedent for a digital device, for example, developers may need to explore creative pathways, including value-based care models instead of traditional fee-for-service reimbursement.
For novel or complex devices, Mittal pointed to the FDA’s pilot programs—Breakthrough, STEP, and TAP—as powerful tools for early-stage companies. These programs prioritize review, accelerate communication, and even help with introductions to stakeholders ranging from patient advocacy groups to investors.
“We’ve had companies get connected with investors through the FDA via TAP,” she said. “It’s free support—why not take it?”
However, these programs have specific application windows, so early eligibility assessments are crucial.
When it comes to pitching to investors, Gershony didn’t mince words. “Get to the point. What problem are you solving, why does it matter, and how big is it?”
He stressed the importance of the CEO being able to clearly and concisely present the full business—not just their technical niche. “Don’t bring in five different team members for a 10-minute pitch. Keep it simple, visual, and practiced.”
Christian Espinosa added that cybersecurity is still missing from most pitch decks—and it shouldn’t be. “I’ve never seen it on a roadmap. Investors notice that.”
Both Mittal and Fabro concluded by emphasizing that reimbursement needs to be considered just as early as regulatory strategy.
“Too many companies plan to think about reimbursement after FDA clearance,” said Mittal. “That’s too late. You could be looking at five to seven years of additional effort—and many companies don’t survive that gap.”
Fabro agreed: “In design, if your device doesn’t fit a known reimbursement and regulatory formula, you need to be creative. But ideally, it all connects from day one.”
Building a successful medtech company is never just about the technology. It’s about aligning every decision—design, regulatory, cybersecurity, reimbursement, and funding—with a clear path to market. That alignment doesn’t happen by accident. It requires early planning, cross-functional collaboration, and constant communication.
The message from the panel was clear: successful startups don’t treat these areas as silos or afterthoughts. They make them part of the conversation from day one. That’s what gives you the best shot—not just at approval, but at commercial viability.
Because at the end of the day, it’s not enough to build a product that works. You have to build a business that lasts.
Join us at MedTech Malta 2025, happening 12–14 November. Hear from global experts, connect with the MedTech World community, and take your startup from concept to commercialization. Book your ticket now!
For any queries, contact us at [email protected].
