Health
Audit

For MedTech & device companies

Software that passes the audit.

SaMD development under IEC 62304 and ISO 13485, FDA submission documentation, firmware-to-cloud pipelines, and companion mobile apps that ship alongside your device. By a team that's been through the audit, not just read about it.

Book a SaMD scoping callSee MedTech case studies

Hazard map · ISO 14971

reviewing

Battery overheat

high risk · sev 4 · prob 2

← lower prob.higher prob. →
8 hazards mapped14971 · 62304

What we hear from founders

The six things blocking submission.

Class II is our home turf. We can support Class III with the right partners — ask during the scoping call.

FDA submission is in 6 months — software isn't ready.

We come in with the documentation playbook. Code and DHF in parallel, not sequential.

We've never run IEC 62304 before.

Our SDLC is 62304-aligned from day one. Your QMS lead sees the artifacts produced alongside the code.

Firmware team and cloud team don't speak the same language.

We architect across the boundary — protocols, security, OTA, fleet management — in one project, one team.

Cybersecurity premarket guidance dropped 200 pages.

SBOM, threat model, vulnerability response plan — produced as part of the engagement.

Companion app got rejected by App Store review.

We re-submit with the right medical-device disclosures and prior-art context.

Our prior vendor delivered code but no documentation.

We backfill the DHF, traceability matrix, and V&V evidence from the code that exists.

How we work with you

Four ways to engage.

Software, documentation, and submission support — under one contract, one quality system, one accountable lead.

Class A, B, or C — we run software development under IEC 62304, with ISO 14971 risk management and ISO 13485-aligned quality system from project start, not patched at submission.

  • IEC 62304 process from day one
  • ISO 14971 risk management embedded in sprints
  • Design History File (DHF) produced inline

Class II ready · Class III on path

510(k)

IEC 62304

ISO 13485

Cloud

We've shipped the documentation for Class II software submissions cleared on first review. Test protocols, validation evidence, hazard analysis, cybersecurity SBOM — all produced alongside the code.

  • 510(k) software documentation produced inline
  • Cybersecurity premarket submission (SBOM, threat model)
  • Verification and validation protocols

510(k) cleared, first review

Connected-device platforms that handle intermittent connectivity, OTA updates, telemetry, and security at scale. Built on AWS IoT, Azure IoT Hub, or your existing platform.

  • OTA firmware update infrastructure
  • Device telemetry + edge data pipelines
  • Fleet management + remote diagnostics

$150K–$500K typical scope

Firmware

Mobile

Telemetry

Security

iOS and Android apps designed to clear the App Store and Play Store medical-device review processes. HealthKit, CareKit, Apple Watch — when relevant.

  • Apple HealthKit / CareKit integration
  • Android Health Connect support
  • App Store / Play Store medical-device review prep

Fixed-price per app

Tools we work in

We bring senior expertise from day one.

EHRs

EpicCernerAthenahealtheClinicalWorksNextGen

Standards

HL7 FHIRHL7v2DICOMX12CDA

Integration

RedoxHealth GorillaMirth1upHealth

Cloud

AWSAzureGCP

Platforms

Salesforce Health CloudTwilio HealthMicrosoft Cloud for Healthcare

AI / ML

PyTorchTensorFlowHugging FaceOpenAIAnthropic Claude

For founders heading to submission

30-minute scoping call. No commitment.

Tell us your device class, intended use, and target submission date. We'll come back with a roadmap to the documentation packet.

Book scoping callCompliance details