Skip to main content
    Back to episode
    Episode 58 · February 12, 2026 · 44m listen · 8,768 words · ~44 min read

    From Idea to FDA Clearance: What Nobody Tells Medtech Founders with Darcy Bachert | Ep. 57 - Full Transcript | The Med Device Cyber Podcast

    Read the complete, searchable transcript of Episode 58 of The Med Device Cyber Podcast - expert conversations on medical device cybersecurity, FDA premarket and postmarket guidance, SBOM management, threat modeling, and penetration testing.

    Prefer the listening experience? Open the episode page for the synopsis, key takeaways, topics, and Apple / YouTube listen links.

    Episode summary

    In episode 57 of The Med Device Cyber Podcast, hosts Christian and Trevor welcome Darcy Bachert, CEO of Prolucid, an ISO 13485-certified software development firm specializing in highly regulated industries like medical devices and nuclear. This episode pulls back the curtain on the often-underestimated complexities of bringing a medical device to market, emphasizing that clarity in project requirements, understanding the end-user environment, and robust regulatory compliance are paramount. The discussion highlights the critical role of standards like IEC 62304 for medical device software development and the significance of a well-implemented quality management system (ISO 13485) in de-risking development and regulatory submissions. Darcy and the hosts explore the financial and temporal realities of medtech market entry—averaging seven years and $35 million—and the ongoing postmarket responsibilities for security and updates. They also delve into the strategic advantages of partnering with experienced firms and participating in accelerator programs like MedTech Innovator to navigate the intricate landscape from ideation to FDA clearance and beyond, contrasting this with the rapid, iterative approach common in general tech startups.

    Key takeaways from this episode

    • Project clarity from the outset, encompassing clear requirements and a deep understanding of the end-user environment, is crucial for successful medical device adoption and market entry.
    • Developing medical devices is significantly more complex and time-consuming than general product development, requiring extensive planning and adherence to rigorous standards like IEC 62304 and ISO 13485.
    • A robust quality management system is essential not just for certification, but for establishing efficient, well-documented processes that de-risk development, enhance traceability, and ensure consistent product quality.
    • Choosing development partners with proven experience in regulated environments and a strong track record of successful FDA (or other regulatory body) approvals can significantly reduce delays and financial burn.
    • Achieving product-market fit in medtech requires intense focus on clinician needs, workflow integration, and reimbursement strategies from early stages, as rapid pivots are not feasible once substantial development has occurred.
    • The postmarket phase of a medical device demands continuous attention to cybersecurity, updates, and maintenance over its entire lifecycle, often spanning five to ten years.

    Full episode transcript

    Page 1 of 11· Paragraphs 1 - 11
    The lack of clarity causes the most problems in humanity, in anyone's life, not just in software development. Project clarity starts with the early stages of what we are doing, why we are doing it, and then every step of the way, making sure we communicate progress and show what we are building. So, in the end, what we have built is something that they actually need, that they can use, and that will be successful. What other challenges are pretty common that you encounter? Really understanding how to do it the right way and how to do it in a way that can be adopted by the end-user. I do not know if there is as much awareness about how much different it is to build a medical product than to just create a product. There is so much more that goes into it, just from a planning and process perspective. Welcome to another episode of The Med Device Cyber Podcast. Today, we have a guest, Darcy Bachert, and we are going to be talking about software development and how to do secure software development, and a little bit about the Canadian medtech market because Darcy's organization, Prolucid, is based in Canada. Before we dive in, do you want to give us a little background of yourself, Darcy, and Prolucid, and maybe why the name Prolucid? I was wondering that earlier, actually. Absolutely. First off, thanks, Trevor and Christian, for having me on. As mentioned, I am Darcy Bachert, founder and CEO of Prolucid. We are an ISO 13485 certified software development firm based in Toronto, Canada. We have been in business just over 17 years now. We actually do work in both medical and nuclear, so highly regulated industries, both with very unique development as well as cybersecurity type challenges, and we work with customers really across the world. The bulk of them, though, would be North America, Western Europe, and Australia, but others as well, helping them take an idea all the way through FDA. As you all know, cybersecurity is a huge part of that, so that is something that we help support. Where did the name Prolucid come from? It is not what it maybe sounds like. It is actually two different words joined together: "project clarity" is where it comes from. We find that one of the most challenging things in any project is not so much writing the software, but really understanding what problem they are trying to solve and what they are trying to build. And so, that project clarity starts with the early stages of what are we doing, why are we doing it, and then every step of the way, making sure we communicate progress and show what we are doing. So, in the end, what we have built is something that they actually need, that they can use, and that is going to be successful. So, we try and build that into everything that we do. But that is where the name comes from. I like it. I think the lack of clarity causes the most problems in humanity, in anyone's life, not just in software development in general, especially like building a business or going after a goal. You have to have clarity. Without clarity, people rarely know what to do; they do not know what steps to take, and it makes it very challenging. And I think you are the same when we are talking to people. They need help; they do not have all the answers. They are looking for that. And so, you are not just there to solve cybersecurity or to solve software development. You are there to share advice where you can, give input where you can, and ask good questions because, collectively, that is what we are all trying to find: that clarity on what we are building, how we are going to build it, and do it the right way. And that is where we create the best successes. And what is the weather like today in Toronto? We have almost 10 degrees. We have been dealing with blizzards and nonsense and a very, very long winter that has already started, but we have a bit of a thaw that we are dealing with right now, so I cannot complain too much. I think it is probably low 50s here. Gosh, I am in Arizona, it is like 55 today. That is like pretty cold for during the day in Arizona, 55 Fahrenheit, otherwise it would be super hot in Celsius. And Trevor is in San Francisco. He just moved to California not too long ago, and he is dealing with foggy weather and chilly weather typically. The sun has finally broken out today, it is nice to see. Hopefully, the sun stays out for the JP Morgan week next week. But yeah, it has been rainy, floody, earthquakey, fiery, just every bad thing that can happen seems to happen to San Francisco.
    1 / 11