In this episode of the Global Medical Device Podcast, Etienne Nichols sits down with seasoned MedTech founder and investor Jon Bergsteinsson to unpack a critical—but often overlooked—topic: budgeting in early-stage medical device startups. Drawing from his deep regulatory, clinical, and investment experience, Jon shares the red flags investors look for, the cost categories that founders routinely miss, and why a line item called “compliance” just doesn’t cut it.

Whether you’re a startup founder, a regulatory lead, or a project manager, this episode offers a sharp lens into the financial planning realities that can make or break product development and commercialization in MedTech.

02:34 – Why QMS, regulatory, and clinical are budget afterthoughts for startups

06:45 – What separates experienced vs. inexperienced MedTech founders in budgeting

10:20 – Why software and compliance tools get left out of early budgets

14:12 – How missing budget detail impacts product quality and time-to-market

19:04 – Red flags investors look for in MedTech startup budgets

23:30 – How to improve budgeting accuracy without a CFO

28:10 – Critical cost categories MedTech founders often overlook

35:55 – Advice for recovering from a budgeting oversight

39:40 – Comprehensive checklist of overlooked line items (manual translation, UDI, ISO licenses, and more)

45:00 – Final advice: why networking trumps isolation for smarter budgeting

"Relying on the status quo is never good. There are always ways to do things better."

Jon reminds founders and compliance professionals alike that innovation doesn’t stop at the product level—it also applies to budgeting, systems, and team empowerment.

"Getting a 510(k) through is just the starting point. Budgeting like everything ends there is a massive red flag."

This quote highlights the investor’s perspective on sustainability and long-term thinking—crucial traits in any fundable founder.

1. Broad Budget Buckets Signal Inexperience

Lumping all compliance-related costs under one line item may look tidy but signals to investors a lack of operational depth. Break out line items for QMS, clinical, regulatory, and software tools.

1. Software and Tools Are Not Optional Extras

Founders must factor in essential systems—like eQMS, CAD, risk management, and clinical data tools—early in budgeting. Assuming a single hire covers everything is a critical mistake.

1. Budgets Must Reflect Time and Scale Realistically

Flat budgets over 2–3 years, or those that assume regulatory costs end at market clearance, raise red flags. Investors expect dynamic budgeting that reflects the realities of growth, post-market surveillance, and team evolution.

1. Outsourcing ≠ All-Inclusive

Many startups underestimate the actual costs tied to consultants and CROs, assuming “someone else is handling it.” Always clarify what’s included—and what’s not.

1. Recovery Is Possible—If You Own It

If your budget’s off-track, clear communication with your board and investors, a willingness to revise, and a plan for worst-case scenarios are your best tools for regaining credibility.

• Jon Bergsteinsson on LinkedIn
• Etienne Nichols on LinkedIn
• Greenlight Guru – QMS and Clinical platform for MedTech companies

In this live episode from the LSI conference in California, Etienne Nichols is joined by Ashkon Rasooli to break down what it really takes to build a high-performing quality management system (QMS) in medtech—from startup chaos to post-market scale.

Ashkon shares a phased approach to aligning QMS implementation with product development, explains the concept of "enforcement points," and reveals how founders can reduce the burden of compliance by starting small and planning ahead. If you're navigating regulatory requirements while trying to stay innovative, this episode is your roadmap to smarter, leaner quality.

• 00:02 – Introduction to Greenlight Guru and medtech process integration
• 01:15 – QMS evolution from startup to commercialization
• 03:00 – Phase-based product development overview (Phases 0–6)
• 06:35 – Why QMS should follow product needs, not just regulatory triggers
• 09:10 – Agile vs. proceduralism in quality systems
• 11:50 – Building a quality culture during the feasibility phase
• 15:25 – When to implement QMS controls and how to prepare for “enforcement points”
• 18:40 – Investor-driven and regulatory QMS triggers
• 21:10 – How early QMS planning saves time and reduces future remediation
• 26:20 – Ashkon’s final advice for startups: start small and stay proactive

"You’ve got to take the BS—being burdensome—out of QMS."

Ashkon Rasooli redefines QMS as a project management tool, challenging the notion that compliance must be a burden. This quote encapsulates his philosophy of proactive, phased implementation that actually enhances product development.

"Start small and do a little bit at a time—it won’t seem like a burden."

A practical mantra for startups, this advice underscores how a gradual, well-aligned QMS rollout can prevent last-minute fire drills and wasted effort.

1. Use the "Phase 0–6" Model to Guide QMS Rollout – Align QMS implementation with the stages of product development to ensure each step supports the next.
2. Don’t Wait for Enforcement Points – Start building your QMS before regulators or investors demand it to avoid remediation-heavy implementations.
3. Prioritize Culture Before Controls – In early feasibility, focus on aligning your team with medtech’s safety responsibilities, rather than formal procedures.
4. Procedures Should Support Outcomes, Not Just Check Boxes – Avoid proceduralism by tying every process back to its intended quality objective.
5. Regulatory Strategy = Investor Strategy – QMS maturity is increasingly scrutinized during due diligence. Treat it as a value driver, not just a cost.

• Ashkon Rasooli on LinkedIn
• Greenlight Guru – Quality management software for medical devices
• Etienne Nichols on LinkedIn – Connect with the host
• ISO 13485 vs. ISO 9001 – Explains how medical device quality systems build on general standards
• ISO 14155 Overview – Relevant for clinical validation procedures

In the context of QMS, enforcement points are moments when external stakeholders (regulators or investors) require proof of formalized processes. Think of it like a driver’s license checkpoint—you may be cruising just fine, but at that moment, you must prove you’re compliant. The earlier you prep for them, the smoother your...

Many MedTech companies focus heavily on FDA clearance but overlook a critical layer of U.S. market entry: state-level compliance. In this episode, Etienne Nichols speaks with Adam Steadman, CEO of MDD Options, to unpack the real-world challenges that derail commercialization after regulatory approval.

From navigating state-specific registration, sales tax laws, and distribution logistics to choosing between direct and distributor-based strategies, Adam shares hard-earned insights for avoiding the "second valley of death" post-clearance. Whether you're a domestic startup or an international company entering the U.S., this episode arms you with a tactical understanding of compliance landmines and scalable go-to-market strategies.

• 00:02 – Intro: The real MedTech “valley of death” after FDA clearance
• 04:45 – Why U.S. state-level registration is misunderstood and overlooked
• 08:15 – State-level definitions of medical devices and why they differ
• 11:20 – Strategic go-to-market options: Distribution vs. Direct
• 17:00 – How regulations vary drastically by state (CA, TX, etc.)
• 21:50 – The real risks of noncompliance: lawsuits, bad PR, and due diligence failures
• 26:15 – Why distribution agreements can stall your growth (and how to avoid it)
• 34:30 – Sales tax & use tax: The hidden compliance trap
• 39:10 – Logistics, warehousing, and long-term liabilities in contracts
• 44:55 – Overlooked pitfalls: Secretary of State filings and income tax in 36+ states
• 51:15 – Software as a Medical Device (SaMD): U.S. compliance still applies
• 55:30 – Selling to the U.S. government vs. private sector buyers
• 59:20 – Veterinary devices and why they still need regulatory controls
• 1:03:10 – What a winning go-to-market strategy actually looks like
• 1:10:25 – Adam’s final advice to MedTech startups (foreign and domestic)

"You're not entering one country—you're entering 50 states and D.C. Each with its own rules, definitions, and tax laws."

—Adam Steadman explains why U.S. MedTech entry requires a state-by-state strategy, especially for international companies.

"None of the strategics want your warehouse management system—they want your product, your sales, and your proof of market fit."

—Steadman on why building non-core infrastructure slows down commercialization and valuation.

1. FDA Clearance ≠ Market Readiness – State-level registrations, sales tax laws, and pharmacy board definitions often delay or block commercialization.
2. Distribution Isn’t Always a Shortcut – National distributors may have misaligned incentives and can lock you into exclusivity that hinders growth.
3. Sales Tax is a Regulatory Minefield – 46 states require separate sales tax registration, exemptions tracking, and monthly filings—even if you're tax-exempt.
4. Beware of Long-Term Contracts – Logistics and distribution contracts often lock companies into rigid terms that prevent pivots or acquisitions.
5. Speed to Market Is Strategic – Getting to market fast is often the difference between becoming #1 or #3—and #3 often gets nothing.

What Is “Nexus” and Why It Matters for Sales Tax?

“Nexus” refers to the minimum level of economic activity that triggers tax obligations in a given state. For example, selling $100,000 of devices or 200 transactions may establish nexus, requiring you to register for sales tax. Unlike VAT in Europe, U.S. sales tax laws are state-specific, making this a major compliance hurdle for MedTech companies.

In this episode of the Global Medical Device Podcast, Etienne Nichols and regulatory expert Mike Drues take a critical look at the FDA’s Manufacturer and User Facility Device Experience (MAUDE) database. While intended to serve as a vital tool for post-market surveillance, the MAUDE database is fraught with issues—from late reporting and missing data to unclear mission alignment.

Mike challenges MedTech professionals to rethink how we engage with the system, exposing how widespread underreporting and data hygiene problems not only weaken safety efforts but also increase legal risk. This eye-opening discussion reveals where the breakdowns are occurring, who’s responsible, and what industry and regulators can do to fix it.

• [02:30] What is the MAUDE database, and why does it matter?
• [06:10] The critical difference between reportable and non-reportable adverse events
• [11:20] Limitations of MAUDE: Why FDA warns against using it for rate comparisons
• [17:45] Underreporting, late submissions, and missing data: The disturbing stats
• [25:00] High-profile companies dominating late reporting violations
• [32:10] Legal consequences: What expert witnesses look for in MAUDE data
• [38:50] Is it poor systems or lack of regulatory understanding causing failures?
• [46:00] Recommendations for manufacturers: What responsible reporting looks like
• [53:20] How FDA could modernize the MAUDE database to better serve patients
• [1:01:30] Carrots or sticks: Creating incentives vs. penalties for compliance
• [1:09:00] Final thoughts: The true mission of MAUDE and how to fulfill it

"A report in the MAUDE database is just a historical record. It doesn’t say why it happened or who’s at fault—just that it happened."

— Mike Drues

This quote underscores the limited utility of MAUDE reports and why interpretation requires caution.

"If you're not a medical device professional without your tools, then you're not really a medical device professional."

— Etienne Nichols

A poignant reminder that compliance and quality are human-led, not software-enabled by default.

Late Reporting is Widespread and Risky

• Nearly 30% of MAUDE reports are filed late, with 10% submitted more than six months past due. This creates legal exposure and potential patient harm.

MAUDE Is Misused—Despite FDA Warnings

• Manufacturers commonly use MAUDE for competitive analysis or trend detection, even though the FDA explicitly warns against it.

Three Companies Account for Over Half of Late Reports

• Large, well-resourced companies like Medtronic and Becton Dickinson are responsible for a disproportionate share of noncompliance.

Electronic Tools Help, but Culture Matters More

• Software can support MDR timelines, but organizations still need internal processes and urgency to act responsibly.

FDA and Industry Both Need to Evolve

• Suggestions include AI-driven cross-referencing, tiered reporting urgency, and incentive-based compliance recognition.

• FDA MAUDE Database
• 21 CFR 803.16 – MDR Reporting Requirements
• Etienne Nichols on LinkedIn

Think of the MAUDE database as a public logbook of adverse events involving medical

In this episode recorded live at LSI Dana Point, Etienne Nichols sits down with Ed Muzio, author of Iterate, to explore how iterative management helps MedTech companies move faster as they scale. Muzio breaks down the pitfalls of traditional management—including siloed execution and backward-looking metrics—and offers a proven alternative grounded in over 70 years of research.

With real-world analogies, like orchestras and dashboards, Muzio explains how leaders can create alignment, drive faster decisions, and unlock collaborative problem-solving by focusing on the future instead of the past. Whether you're part of a startup or an established MedTech firm, this episode delivers actionable strategies to help your team iterate with purpose.

• [00:01] Introduction and sponsor message from Greenlight Guru
• [01:13] Meet Ed Muzio and the premise of Iterate
• [03:15] Why most management meetings don’t drive real action
• [06:40] The “Alice” video case study and how it exemplifies iterative management
• [11:50] Common objections and barriers to implementing iterative processes
• [17:00] Using forward-looking data instead of status updates
• [22:08] MedTech example: anticipating 510(k) review delays
• [29:15] Making decisions early to gain planning time
• [34:20] How to get started if you’re a small or early-stage company
• [37:40] Cultural barriers in iterative team models
• [41:20] Handling matrixed environments and CEO-level priorities
• [47:10] Why clarity of decision-makers matters in early teams
• [51:45] The biggest mistake mature companies make in team meetings
• [55:05] Final advice: focus on behavior, not buzzwords

These quotes challenge conventional meeting norms and emphasize a proactive mindset crucial to success in fast-moving MedTech environments.

1. Backward-looking metrics kill momentum. Most leadership teams spend meetings reviewing past progress. Instead, focus on forecasting future outcomes and addressing variances before they become problems.
2. Accountability must be systemic, not personal. A team can only normalize issue-raising if the entire culture shifts to expect it—making it safe and standard to surface concerns early.
3. “Succeed or fail together” breaks silos. When departments align to shared goals, cross-functional collaboration becomes natural. Incentives that isolate progress undermine execution speed.
4. Don’t vote—decide. In small teams, designate a clear decision-maker and avoid democratic processes that lead to politicking instead of clarity.
5. Adopt flexible systems over rigid charts. Org charts don’t reflect reality. Iterative management embraces the messiness of matrixed teams and adapts meetings and collaboration structures fluidly.

In this live episode from the LSI conference, Etienne Nichols sits down with Justin Bushko—known as the "MedTech Man" and author of Medical Device Fireside Chats—to dive into what separates thriving medical device companies from those that fail.

From costly engineering missteps like ignoring tolerance stack-ups to the human factors issues that derail usability in the OR, Justin shares battle-tested advice based on his experience reviewing hundreds of device designs. He also delivers a wake-up call to startups overly focused on licensing or acquisition as the endgame. Whether you're an engineer, founder, or CEO, this episode offers critical insights into how to build a product that works—and a company that lasts.

• 00:00 – Introduction & Greenlight Guru Sponsor Message
• 01:26 – Live from LSI: Introducing Justin Bushko
• 02:55 – Why Early-Stage Engineering Mistakes Derail Companies
• 04:12 – The Critical Role of DFM and Tolerance Analysis
• 06:20 – Real-World Usability Failures: FDA Warning on Cranial Fixation Devices
• 08:10 – Human Factors Oversights & Surgeon Behavior
• 10:25 – What CEOs Should Focus On vs. Engineers
• 12:20 – Economic Buyers, KOLs, and Commercialization Challenges
• 14:05 – Don’t Chase the Exit: Why Founders Should Build for Longevity
• 16:00 – Final Thoughts and Takeaways

1. DFM & Tolerance Analysis Are Non-Negotiable: Skipping detailed design-for-manufacturing and tolerance stack analysis often leads to failure right before tooling and commercialization—when funds are already tight.
2. Human Factors Must Be Built-In Early: Surgeons may not use your product as intended. Validate with a wide range of KOLs to uncover unintended use or misuse.
3. Test for High-Risk Use Cases Early: For devices like inserters, test mechanical thresholds that could lead to field failures. Don’t wait until post-market feedback.
4. Understand Economic Buyers, Not Just KOLs: A surgeon’s support doesn’t guarantee adoption. You need champions who can advocate to hospital boards and procurement teams.
5. Stop Chasing Exits—Build Real Companies: Investors and acquirers see through the “quick flip” mentality. A sustainable business model attracts more serious interest.

• Greenlight Guru – Sponsor and end-to-end MedTech quality management platform
• Justin Bushko on LinkedIn
• Etienne Nichols on LinkedIn
• Medical Device Fireside Chats –

Christian Espinosa, founder of Blue Goat Cyber and leading voice in medical device cybersecurity, joins Etienne Nichols to unpack the urgent and often misunderstood topic of cybersecurity in MedTech. From FDA’s 2023 regulatory overhaul to real-world hacking scenarios that could harm patients, Christian provides practical advice for innovators, RA/QA professionals, and software teams. He also shares why waiting until the last minute on cybersecurity could cost startups millions—or even kill a project entirely.

Whether you're a quality professional trying to build compliant systems or an innovator racing toward FDA submission, this episode lays out exactly what you need to know to stay ahead of cyber threats and within regulatory guardrails.

Key Timestamps:

• 00:01 – Intro to guest Christian Espinosa and Blue Goat Cyber
• 06:28 – Why medical device cybersecurity is different from traditional IT security
• 11:49 – Real-world hacking example: acne laser device turned skin-burner
• 13:57 – FDA expectations post-September 2023: what changed
• 17:12 – Secure boot: a microcontroller mistake that derailed a launch
• 20:35 – Common cybersecurity vendor mistake MedTech companies make
• 23:40 – SBOM: Software Bill of Materials and why it's legally critical
• 27:58 – Cyberattacks in hospitals: assuming a hostile network
• 35:44 – AI in medical devices: data bias and cybersecurity challenges
• 41:10 – Developers ≠ cybersecurity experts: the training gap nobody talks about
• 45:20 – What RA/QA professionals need to know now
• 49:30 – Why cybersecurity must be iterative, not a final-phase add-on
• 55:20 – Espinosa's final advice for MedTech professionals
• 57:52 – The story behind “Blue Goat Cyber”

Standout Quotes:

Top Takeaways:

1. Cybersecurity isn’t just about data—it's about patient safety. From burning skin to missed sepsis diagnoses, vulnerabilities in devices have real-world harm potential.
2. FDA now requires more than just a basic security plan. Post-September 2023 rules mandate testing (SAST, DAST, fuzzing), SBOMs, and risk assessments tied to patient harm.
3. Start cybersecurity planning during the requirements phase. Hardware like microcontrollers must support secure boot and other protections—retrofits can cripple product plans.
4. Iterate cybersecurity like any core development activity. One-time testing near submission is too late; build security into your pipeline just like QA or usability.
5. Traditional cybersecurity vendors aren’t enough. Many fail to meet FDA’s nuanced expectations for medical devices, causing costly submission rejections.

References & Resources:

• Christian Espinosa on LinkedIn
• Blue Goat Cyber
• Etienne Nichols on LinkedIn

MedTech 101 – Understanding SBOM (Software Bill of...

In part 2 of a critical two-part series, Etienne Nichols and regulatory affairs expert Mike Drues explore the nuanced pathway of switching a medical device from prescription (Rx) to over-the-counter (OTC).

This episode dives deep into what triggers a new submission, how usability testing and human factors play an expanded role for lay users, and the regulatory logic that guides these transitions. The conversation highlights the importance of aligning regulatory strategy with business goals, and offers practical insights on leveraging real-world evidence, understanding the limits of FDA databases, and optimizing pre-submission meetings.

• 02:10 – Starting from a cleared 510(k): Do you need a new submission for OTC?
• 06:45 – Implications of removing the healthcare provider from the equation
• 12:00 – Risk management: Expanding risk profiles when lay users are involved
• 18:15 – When a 510(k) becomes a De Novo or PMA
• 22:50 – Usability testing and the risk of user error in OTC devices
• 31:20 – Clinical investigations and good clinical practices (GCPs)
• 36:00 – Real-world evidence vs. real-world data—what’s usable?
• 41:30 – Using Pre-Subs effectively and what “quality data” really means
• 47:10 – Labeling, cleaning, and UDI for OTC products
• 53:40 – OTC software and digital health—when is it a regulated device?
• 01:00:00 – Summary: Aligning regulatory logic with common sense and business strategy

“With an OTC device, we are taking the healthcare professional totally, completely, and utterly out of the loop.”

– Mike Drues

This quote encapsulates the core regulatory challenge in moving a device to OTC: every element, from labeling to usability, must assume zero clinical supervision.

“If the clinical trial won’t tell you anything you don’t already know from good real-world evidence, why spend the time and money?”

– Mike Drues

A powerful argument for using well-documented real-world evidence over unnecessary trials—provided the data truly meets evidentiary standards.

1. Label Expansion ≠ Shortcut: Moving from prescription to OTC usually requires a new submission—especially when removing the healthcare provider introduces new risks.
2. Usability Testing Is Critical: OTC usability studies must go beyond IFU comprehension to include risk of misuse, poor device selection, and user decision-making.
3. Real-World Evidence Can Help—If It’s Clean: Real-world data isn’t always usable. FDA will expect reproducibility, traceability, and strong justifications.
4. Labeling & Design Must Assume No Clinical Oversight: Cleaning procedures, warnings, and directions must all be validated for home use and layperson comprehension.
5. Use Pre-Subs Wisely: Especially for label expansions or gray-area digital health tools, pre-subs provide critical alignment with FDA and prevent costly errors.

• Etienne Nichols on LinkedIn
• FDA Guidance on Real-World Evidence for Regulatory Decision-Making
• Greenlight Guru Webinar: What is and Isn't a Regulated Medical Device (feat. Mike Drues)
• FDA Guidance: Clinical Decision Support Software

Analogy: Think of prescription vs. OTC devices like driving a manual vs. automatic car. Prescription devices assume a trained “driver” (the healthcare provider), while OTC devices must be intuitive and safe enough for anyone to “drive”...