How Compliance Killed MedTech – And Why AI Is Next
The healthcare industry stands at a crossroads. While technological advancements promise unprecedented improvements in patient care, an insidious force threatens to stifle innovation: compliance.
The Rise and Fall of MedTech Innovation:
Initial Promise: MedTech emerged with the potential to revolutionize healthcare delivery, offering tools that could enhance diagnostics, treatment, and patient monitoring. Remember telemedicine and evidence-based medicine?
Compliance Roadblocks: The burgeoning field soon encountered obstacles such as HITRUST, SOC 2 Type 2, FedRAMP, ONC Health IT Certification and others. Stringent regulatory frameworks, while designed to ensure patient “safety”, created an environment where innovation became secondary to compliance. These certifications are required and are listed under the Terms section of any federal contract a new company might like to bid on, located at SAM.gov. State and local contracts also block the sale of any new MedTech product by incorporating mandatory compliance from the organizations listed above and beyond. The result is the criminalization of entrepreneurship. Medicine is a largely government-owned industry; however, not even private industry or cash-based practices that live outside of government funding and health insurance cartels are immune from being sued for non-compliance.
Consequences: Startups found themselves entangled in prolonged approval processes, diverting resources from research and development to meet regulatory demands. The result? It’s a massive understatement to say “a stagnation in innovation”. The closer truth is “it destroyed small businesses created by MedTech entrepreneurs” - and this destruction is permanent.
MedTech last ditch effort: Why not “just comply”?
Money: $250k to $X million. Not many newly graduated PhDs (who are broke) or burgeoning physicians early in their careers (who are also broke) can fund the software compliance cartel. Further, there is no reason to legitimize the utility of these organizations. Have you ever noticed the most compliant software companies are the ones that are always hacked? Remember SolarWinds? But they were SOC 2 compliant? So… So what…
Time: 9 months to a year. Who doesn’t have 9 months to a year to burn on building out compliance AFTER building a full product? Everyone! Everyone does not have 9 months to a year to burn! Also, it’s irrelevant if you don’t have the money to waste on a 3rd party audit.
Bankrupt: The time and money will clearly bankrupt any company that is fighting for scraps to stay afloat! Can a company really afford the cash and money for a chance to make $25k / year? This is where the saying “the juice is not worth the squeeze” comes from. If software compliance cartels can design a system where the juice is not worth the squeeze to sell in the marketplace - they’ve created a near monopoly, which they’ve successfully accomplished. Current EHRs are an anti-trust.
Reality: You’re never in compliance! The reality is “you are never in compliance” and “no one is in compliance”. If you enter this circus chasing compliance, you will soon find that every one of these software compliance cartels updates their definition of what “compliant” means every couple of years. In doing so, they create more jobs for themselves, as auditors can continue to audit “once compliant” but no longer compliant companies. And on and on the circus goes. You have to stand in awe at the intelligence and patience of the software compliance cartels because they have won. The only thing is… no amount of money can help them on their deathbed when we still can’t fix cancer. Builders have opted out.
Can’t you raise money? Of course you can, but this section needs an entire book - and the honest advice is that you shouldn’t raise money. Ask any honest venture capital investor - “does VC money help more than it hurts?” Resoundingly, VC hurts more than it helps, creates perverse incentives, a state of continual property theft, and a drug-like enforced dependency on more capital you don’t need. Don’t raise money.
AI: The Next Frontier Under Threat:
Parallels with MedTech: Artificial Intelligence (AI) in healthcare holds immense promise, from predictive analytics to personalized medicine. Yet, it faces a trajectory eerily similar to MedTech.
Emerging Regulations: As AI applications proliferate, regulatory bodies are scrambling to establish guidelines. While oversight is essential, there's a looming risk that overly stringent regulations could hamper AI's transformative potential.
Call to Action: Recognize the #1 priority of institutions is “safe and useless”. It's imperative for stakeholders to strike a balance that ensures a “safe and useful” outcome. Without proactive measures, AI in healthcare will succumb to the same compliance-induced inertia that bludgeoned MedTech.
The narrative of MedTech serves as a cautionary tale. As we stand on the brink of an AI-driven healthcare revolution, we must learn from past missteps. Embracing innovation while exiting the economy completely appears the only way to avoid compliance. Compliance is still the linchpin to realizing the full potential of technological advancements in healthcare or anywhere.
Join the conversation on DoctorsInTech.com, explore strategies to criminalize the software compliance cartels, and let the builders build.
