Make your 30-minute strategy session count.
A short walkthrough so you arrive ready, leave with a clear scope, and don't burn a single minute on small talk.
Don't have any of this yet? Book the call anyway.
The steps below are aspirational - a way to get more out of the 30 minutes if you're prepared. None of them are required. We've scoped engagements from a single sentence ("we're building a Class II wearable") all the way up to a 400-page submission. Bring what exists; we'll handle the gaps.
-
Step 012 min
Know your company snapshot
We'll move faster if we know who you are and where you're heading. Bring a one-line description of the company and what stage you're at.
- Company name, website, headcount
- Funding stage (bootstrap, seed, Series A+, public)
- Target launch market(s) - US FDA, EU MDR, both
- Where you are in development (concept, V&V, pre-submission, cleared)
-
Step 023 min
Describe the device
The more specific you are about the device, the more specific our scope and timeline will be. A short description goes a long way.
- Intended use & patient population
- Device classification (Class I / II / III) if known
- Submission pathway (510(k), De Novo, PMA, EU MDR)
- Connectivity: BLE, Wi-Fi, cellular, cloud, mobile companion app
- Software level of concern (Basic, Enhanced)
-
Step 035 min
Map the architecture (one whiteboard sketch is enough)
You don't need formal diagrams. A rough sketch of components, data flow, and external interfaces tells us 80% of what we need.
- Device hardware (MCU/SoC, OS, key peripherals)
- Software components: firmware, mobile app, web portal, cloud backend
- Third-party / OSS components you depend on (rough list)
- Where PHI / patient data lives and moves
- Authentication and update mechanisms (if designed yet)
-
Step 045 min
Gather what you already have
We don't need polished documents - drafts and outlines are perfect. Bring what exists; we'll tell you what's missing.
- Design inputs / requirements doc (any format)
- Risk management file or hazard analysis (ISO 14971)
- Existing threat model, SBOM, or security architecture (if any)
- Prior FDA correspondence (Q-Sub feedback, AI requests, deficiency letters)
- QMS posture: ISO 13485, 21 CFR 820, internal SOPs
-
Step 052 min
Decide what 'success' looks like for this call
A 30-minute call is plenty if you know what outcome you want. Pick one or two - we'll prioritize ruthlessly.
- Fixed-fee scope and timeline for a specific submission
- Sanity check on an upcoming Q-Sub or 510(k) cybersecurity package
- Help responding to an FDA cybersecurity deficiency letter
- Pen test / threat model scoping for a connected device
- Postmarket vulnerability handling and SBOM/VEX program design
- Strategic guidance for an upcoming round, M&A, or audit
-
Step 061 min
Book the call - and bring one stakeholder
30 minutes, no slide deck on our side. Bring whoever owns the answers (regulatory lead, head of engineering, or founder) and we'll deliver a written follow-up within one business day.
- Pick a time that works for the decision-maker
- Loop in your regulatory or engineering lead if separate from the founder
- Have your device sketch and any prior FDA correspondence open in another tab
- Allow 30 minutes uninterrupted - we use every one of them
A 30-minute call. Three concrete outputs.
A clear scope
Exactly what we'd do, what you'd do, and what 'done' looks like.
A fixed fee
Within 24 hours of the call - no hourly games, no scope creep.
A timeline you can plan around
Tied to your submission date, not ours.
Before you book.
-
Yes. Plenty of founders book the call before they have a single document. If all you can answer is "we're building X and we think it's a Class II," that's enough to have a useful 30 minutes. We'll ask the questions; you don't need slides, diagrams, or a written brief.
Prepped? Pick a time.
30 minutes is plenty when both sides come ready. Book now and you'll have a written summary and a fixed-fee proposal in your inbox within one business day.