Listen now
Key takeaways
- Neuron Sphere provides a toolkit that enables medical device engineers to quickly develop and deploy data-driven products and AI/ML algorithms in a compliant manner.
- Neuron Sphere's platform deploys within a customer's AWS cloud environment, ensuring the medical device manufacturer retains full data ownership and control, simplifying compliance and reducing the trust chain.
- The MedTech industry has historically been slow in adopting cybersecurity practices, often prioritizing patient safety and effectiveness over security until late in product development.
- New FDA guidance, effective since late 2023, mandates earlier integration of cybersecurity into the New Product Development Process (NPDP), forcing companies to address security from the outset.
- A significant cultural challenge in MedTech is that developers, often under tight deadlines and lacking formal secure coding training, prioritize functionality and speed over robust security.
- Operating data within a manufacturer's own infrastructure enhances security and simplifies compliance by minimizing reliance on third-party vendors and Business Associate Agreements (BAAs).
How can medical device companies own their data without compromising security?
In this episode, Kevin Derr from NeuronSphere joins Christian and Trevor to dive into the intersection of cybersecurity, compliance, and innovation in the MedTech world. They also explore why data ownership and secure system architecture are foundational for FDA compliance and patient safety.
Key points:
(0:47) From Big MedTech to Startup
-
Kevin shares his journey from Stryker and J&J to co-founding NeuronSphere, which was built to simplify the creation of compliant data products for MedTech engineers.
-
NeuronSphere is like a toolkit allows companies to retain full data ownership while meeting FDA and cybersecurity requirements.
(5:21) Ownership, Trust, and Compliance
-
Vendor solutions often fall short during V&V, triggering costly compliance upgrades.
-
NeuronSphere keeps ownership and compliance within the manufacturer's own infrastructure.
(11:12) Misconfigurations and Human Error
-
Misconfigured S3 buckets and default credentials are common sources of breaches.
-
Even the FBI and CIA have faced major data exposures from simple mistakes.
-
Human error remains the biggest vulnerability.
(17:00) Balancing Security and Functionality
-
FDA’s focus is patient safety and effectiveness, not just data protection.
-
Secure coding is often deprioritized due to deadlines and lack of training.
(33:21) FDA Guidance
-
The new FDA cybersecurity guidance is moving security discussions earlier in the development lifecycle.
-
Startups are now forced to consider data flow and security posture before first-in-human trials.
Learn about NeuronSphere: https://www.neuronsphere.io/
Notable quotes
“I spent the previous ten years stringing together 15, 20, 25 different SaaS companies and systems to make a data platform, and all the challenges that come with that.”
“You maintain ownership of your data throughout the lifecycle of your data platform with Neuronsphere. That does a number of things from a security perspective.”
“New FDA guidance, issued in late 2023, mandates that cybersecurity be addressed much earlier in the New Product Development Process.”
Frequently asked questions
More episodes
Keep listening
-
Episode 70
Why MedTech Needs Specialists with Zoltan Kevei and Saby Toth of Bishop & Co
With Zoltan Kevei
-
Episode 69
Science Before Hype in MedTech Investing with Varun Turlapati of Chaanakya Capital
With Varun Turlapati
-
Episode 68
Why MedTech Needs More Than Approval with Michael Branagan Harris of HealthTech Strategies Limited
With Michael Branagan Harris
-
Episode 67
De-Risking Product Decisions in MedTech Startups with Brent Lavin of Ironwood MedTech Partners
With Brent Lavin