Secure Software Development for Medical Devices: The Real Story with Darcy Bachert

Season 1 Episode 57 Published 2 months, 3 weeks ago
Description

Building medical device software is hard. Building it the right way is harder. And getting it through FDA approval while managing cybersecurity requirements? That's what Darcy Bachert has been doing for 17 years.

Darcy runs Prolucid Technologies, an ISO 13485-certified software development firm in Toronto. They work with medtech companies across North America, Europe, and Australia.

And in that time, he's seen the same mistakes repeatedly.

The biggest one? Founders build products that solve problems nobody has. Or they build something physicians won't adopt because it adds complexity instead of making their lives easier.

In this conversation, Darcy talks about IEC 62304 and why it matters when choosing a software partner, the Canadian medtech ecosystem and why Toronto is a major hub, and why quality systems and cybersecurity need to be built in from day one, not added at the end.

This episode is practical if you're building a medical device or working with medtech startups.

Episode Breakdown:

00:01 Welcome and intro

00:30 Darcy's background and Prolucid Technologies overview

01:15 The origin of the name Prolucid Technologies

01:58 Why clarity matters more than code

04:18 Common challenges beyond software development

06:11 Toronto's medtech ecosystem

06:57 IEC 62304 and choosing the right development partner

09:17 ISO 13485 certification and investor confidence

12:04 Realistic timelines for medical device software

15:32 Cost expectations and budget planning

18:45 Building quality systems from the start

21:20 Integrating cybersecurity throughout development

24:15 When and how to do penetration testing

27:30 Cybersecurity mistakes startups make

30:42 The MTI program and Canadian medtech resources

33:18 Canadian vs US medtech markets

36:22 Physician adoption challenges

40:18 Trevor: Don't invent your problem

41:36 Darcy: Find partners who've done it before

43:05 Christian: Balance user adoption with reimbursement


The Med Device Cyber Podcast is brought to you by Blue Goat Cyber, cybersecurity experts providing essential security solutions for the medical device industry. Learn more by visiting https://bluegoatcyber.com.

If you're interested in our services or partnering with us, schedule a Discovery Session: https://meetings.hubspot.com/blue-goat-cyber/discovery-session

Christian Espinosa is the CEO and Founder of Blue Goat Cyber. Trevor Slattery is the Chief Operating Officer at Blue Goat Cyber.

Christian Espinosa on LinkedIn: https://www.linkedin.com/in/christianespinosa/

Trevor Slattery on LinkedIn: https://www.linkedin.com/in/trevor-slattery-34852b1a9

Blue Goat Cyber on LinkedIn: https://www.linkedin.com/company/blue-goat-cyber/

Blue Goat Cyber on Instagram: https://www.instagram.com/bluegoatcyber/

Blue Goat Cyber on Facebook: https://www.facebook.com/bluegoatcyber/

Blue Goat Cyber on YouTube: https://www.youtube.com/@BlueGoatCyber/?sub_confirmatio
