Triple Ring’s Dr. Todd Harris will be presenting at 2024 LASHCON in Anaheim, California. LASHCON is the premier eyelash conference where Beauty and Aesthetics professionals go to connect with lash artists, get inspired, and learn to grow their businesses. Todd was invited to speak at the conference on the topic of laser safety around the sensitive anatomy of the eye. Todd’s expertise was critical to the development of LUUM Lash’s robotic precision eyelash extension platform. The LUUM Lash device is a true mash up of high-tech and glamor. Join Todd and hundreds of lash artists and enthusiasts for what will be a fun and exciting event.

This article was published by Deloitte on September 17, 2024. Click Here to link to the original article.

While interest in medical technology (medtech) appears to be growing—among both venture capital (VC) firms and private equity (PE) companies—investment strategies seem to be evolving. VC investments in medtech reached a two-year high in the first quarter of 2024, although deal volume remains lower than in 2022, according to a report.¹ Those firms typically focus on helping early-stage companies grow and build their brand. While there can be substantial risk, there is also the potential for significant returns

PE firms, by contrast, tend to invest in more mature companies, often taking a majority stake. The risks, as well as the returns, are typically lower. A growing number of large medical device manufacturers seem to be spinning off slow-growing segments of their companies so that they can focus on high-growth areas. This restructuring trend has created an investment opportunity for some PE firms. Both PE and VC investors appear to be homing in on companies that are focused on cardiovascular disease, surgical robotics, and women’s health.²

Silicon Valley-based Triple Ring Technologies, Inc. is an investment and development company that helps innovators and entrepreneurs solve problems and launch breakthrough products. Joe Heanue, Ph.D., the company’s CEO, has helped develop a wide range of medtech devices in his career. He says Triple Ring, which he co-founded in 2005, sits at the intersection of science, technology, and business (the triple rings). I recently had an opportunity to talk with Joe about some of the investment trends he is seeing in the medtech space. Here’s an excerpt from that conversation:

Glenn: How have you seen investment strategies change over the past couple of years?

Joe: A lot of investment dollars were flowing into start-ups and venture-backed companies during the pandemic as investors and entrepreneurs jumped in to meet the COVID-19 challenges. At the same time, some government programs provided funding for diagnostics. The net effect that I saw was over-investment in the sector. Inevitably, only a few players ended up benefiting, and that cast a bit of a shadow over investments in diagnostics. I also saw a significant burst of VC funding activity in medtech as the pandemic progressed but, by early 2023, there was a contraction. Some VC investors supported existing portfolio companies at the expense of new investments. This is when I started to observe a transition of investment activity, from venture capital to corporate venture and private equity. A lot of creative things are taking place in that middle ground. For example, some organizations are executing an interesting model in which they invest in R&D alongside a commercial chassis to build out a platform. These approaches are generating buzz around oncology, cardiovascular disease, and orphan diseases. Another example is known as build to buy. These partnerships are collaborative, outcome-focused, and financially flexible to balance risk when bringing new and innovative products to market. In general, I think we’re likely to see more examples going forward of large corporates trying to fill the gap left by under-investment in medtech by traditional venture firms.

Glenn: What types of companies do you think are getting more attention from investors?

Joe: Many VC investors appear to be paying close attention to their existing portfolios. But we see PE investors working with corporate venture in interesting ways. This is a reflection of the fact that some medtech companies have grown substantially through acquisitions over the past couple of decades and are starting to carve out some of their smaller businesses. The carve-outs tend to be more nimble and better able to respond to changing markets.

Glenn: What do you think is the exit strategy for venture-backed medtech companies? 

Joe: Smaller venture-backed companies often see an exit strategy through private equity investment. Within smaller private equity-backed companies, the exit strategy is often a move toward a larger PE group; and the larger PE groups often see their exit as an acquisition by a large corporation. 

Glenn: You refer to your business model as “venture building.” What does that mean?

Joe: We do a mix of investment and development. Our model is to invest in projects we work on and work on projects that we can invest in. At the same time, we try to bring a network of third-party investors to the table. We are a hub that helps to connect investors and innovators.

Glenn: You have developed a number of medtech products in your career. What gets you excited about this space today?

Joe: Incredible advancements are being made in biology with genomics, proteomics, and multi-omics as well as with cell and gene therapies. At the same time, computing has become less expensive, more scalable, and more powerful. Companies are often able to develop and introduce sophisticated products through multidisciplinary efforts much faster and more efficiently than ever. Every year, the industry’s ability to develop effective solutions to complex clinical problems increases.

Glenn: Is there a connection between biopharma and medtech?

Joe: Absolutely. Our business is split roughly 50/50 between medtech and biotech/biopharma. The lines continue to blur. In cell therapies, for example, manufacturers manipulate patient’s cells using a mix of manual labor, complex medical devices, and automation. The next generation of cell therapies will likely be developed and administered at the patient’s bedside. Collecting a patient’s blood, sending it to a manufacturing site to be developed into a therapy, and then sending the therapeutic back to the hospital is an expensive and time-consuming process that can take weeks. The next generation of therapies will likely move everything closer to the patient.

Glenn: Is artificial intelligence [AI] being integrated into medtech devices?

Joe: Medtech investors are evolving their approach as they move from a focus on tools and hardware to a focus on apps, AI, and data. If you are launching a new product, investors are going to ask if there is an AI component. Investors will also want to know about the data being generated and how it is being used. When we talk to people about the future of surgery, they are increasingly talking about digital surgery. They want to know how data can make the surgical process more effective. For example, prior to recommending a certain surgical procedure, AI could be used to evaluate a patient’s health data and demographics to predict the likely outcomes and identify possible complications or adverse events. AI, combined with data, is already impacting how some clinical procedures are performed. A new generation of clinicians that has grown up with technology is helping to drive this trend. They expect to have access to sophisticated tools, data, and connectivity. 

Glenn: Sophisticated medical devices sometimes can only be used by highly trained clinicians. It seems there is a trend toward democratization in health care and a focus on the simplification of care. What are you seeing?

Joe: The democratization of health care can help move care from the hospital to ambulatory surgery centers, out of surgery centers to a physician’s office, and out of the physician’s office into the patient’s home. There is a lot of interest in devices that can help move care delivery closer to the patient and improve convenience and reduce costs. Technology is making a variety of procedures, particularly surgical and interventional, more accessible. Democratization also is being accelerated by compressing the time needed to master a given procedure—skills that once took years to acquire now can be learned in a few months. 

Glenn: What about GLP-1 drugs? How do you see this impacting investments?  

Joe: We are starting to see interest move from the pharmaceutical sector into the medtech space. Investors are interested in delivery devices, wearables, compliance technology, tracking tools, and AI tools that can help match patients to the most effective drugs administered optimally.

Conclusion

Stepping back, it’s interesting to reflect on the dynamic nature of medtech innovation and the evolution of health care markets. As challenges arise in one portion of the innovation cycle, they are often offset by advancements in another. For example, as value-based models put pressure on hardware and equipment costs, AI shows potential for improving system performance and cost efficiency. This dynamic is also true of the funding environment—as some VC investors try to support new products and companies, some PE firms have helped fill gaps by taking riskier positions that were once solely the domain of VCs. Finally, governments can play a role in keeping the wheels of health care innovation churning. These trends appear to reflect a broader shift toward more collaborative, outcome-focused, and financially flexible approaches in medical device development, aiming to balance innovation with risk management.

By Glenn Snyder, principal, Deloitte Consulting LLP

FAQs

What is Corporate Venture Building?

Corporate Venture Building is the practice of building a separate venture from scratch – A new brand, team, program, revenue stream, or P&L is created to target untapped opportunity spaces – new customer segments, technologies or capabilities – outside of a core existing businesses. This effort can be a fully internal, adjacent, fully external, or hybrid program.

Do Private Equity firms invest in startups?

Private Equity (PE) firms are increasingly investing in startups, though selectively. PE firms traditionally invest later in a company’s lifecycle – around the time that companies begin to generate revenue from their products or services. Key value propositions that PE firms bring to portfolio companies include growth capital, operational efficiency and a tight focus on profitability. Most pre-revenue startups are not a fit for PE, however we are seeing PE firms investing earlier especially for high growth potential companies that are a short time away from revenue generation.

Is Triple Ring a CDMO?

In the MedTech industry, a CDMO, or Contract Development and Manufacturing Organization, is an external partner for the design, development, and manufacture of medical devices and diagnostic platforms. Triple Ring does perform the function of a CDMO, and quite a lot more. Beyond our Product and Technology Development (CDMO) business we are also a Corporate Venture Builder and Translator of technology from early R&D into products. The Translation work is performed primarily through contracts with the US Government.

In September 2023 the US Food and Drug Administration (FDA) issued industry guidance on cybersecurity for medical devices to better protect patients, hospitals, and the broader healthcare system from cyber-attacks. Medical device and in vitro diagnostic (IVD) manufacturers will be required to implement significant changes to Design Control and Quality Management practices and procedures to comply with the new regulations. The FDA guidance is a result of years of study and a well-documented increase in malicious attacks on hospitals and other healthcare distribution centers. Indeed, ransomware attacks are now commonplace among hospital systems (large and small) with heavy financial and even patient care consequences. Healthcare distribution systems are unique in their vulnerability to cyber-attacks due to a history of prioritizing patient care and patient outcomes over cybersecurity threats and a reliance on a vast array of tools and devices to manage care. 

The Intersection of Cybersecurity and Medical Devices

The past fifteen years have seen remarkable increases in software-enabled smart medical devices and a shift towards an Internet of Things (IoT) healthcare distribution architecture. These trends are responses to strong market demand for smart devices’ benefits, including wider patient access, more effective use of data, better patient experiences, and better patient outcomes. However, these benefits carry increased risks of malicious attacks on healthcare organizations by criminals who exploit vulnerable devices to target individual patient medical records, disrupt operations, ransom data, or enter networks through backdoors to move freely throughout an enterprise. Manufacturers of medical devices must do their part to remedy a situation that is increasing in frequency and severity by improving the quality of their products. 

FDA’s Cybersecurity Guidance for Medical Device Manufacturers

The impacts of the FDA’s cybersecurity guidance are only now being appreciated. The scope of the regulations is broad and includes all device software that stores, transfers or analyzes data. Therefore, any medical or diagnostic device with upgradeable software, a USB port, or even compact disc technology is now considered a connected device and is subject to updated regulations. It is important to understand that as of September 2023 any company, whether a startup or a Fortune 500 medical device or IVD manufacturer, developing devices and technology for FDA-regulated markets must update their product development procedures to address the new standards. This means medical device and IVD developers must now add resources and effort to quality management and design controls. It is also significant that the new guidance encompasses not only modern wirelessly connected and IoT technology but also the huge toolbox of existing products already in hospitals. The impacts of this reality could be even more substantial. They will play out as the industry faces balancing legacy technology’s security risks and upgrading systems’ costs.

The Guidance reflects FDA’s recommendations for information to be included in premarket submissions for Basic and Enhanced Documentation Levels. This recommended information should demonstrate that planning, requirements, risk assessment, design reviews, traceability, change management, testing plans and results, and other aspects of good software engineering for device software functions were employed, to support a conclusion that the device software function was appropriately designed, verified, and validated

FDA, Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions

What Changed at Triple Ring?

In preparation for meeting the design requirements implied by the new medical device cybersecurity rules, Triple Ring’s Quality, Systems Engineering, and Software Engineering teams have completed training on the guidance, have updated quality management processes, and have begun implementing device designs and documentation that will support successful FDA submissions for our clients. The new practices augment a robust and comprehensive quality management system by adding a threat modeling methodology called STRIDE. We have implemented the STRIDE methodology to systematically assess vulnerabilities and mitigate threats throughout the device design lifecycle. We follow a structured process, outlined below, for all our client projects requiring FDA submissions.

Figure: STRIDE framework for assessing, mitigating, and designing devices resistant to cybersecurity attacks.

STRIDE Process

• Identify and document device design elements requiring protection: The use of data flow diagrams (DFD) in parallel with the product architecture allows Triple Ring to decompose any device design to help the FDA understand key elements within the design, core functionality, external connections and how information flows through the device. From software, firmware, and embedded code to wireless communication, and data transfer hardware, the subsystems and components that require threat protection are cataloged in data flow tables.  

• Analyze each element using STRIDE methodology: At the subsystem and component level, we analyze the device design for potential vulnerabilities using STRIDE. 

• Document potential vulnerabilities and threats: We fully characterize device designs for each STRIDE category and document our findings in detail. By defining the ecosystem and system DFDs, the product can be used to identify assets that threat actors may utilize to probe at vulnerabilities of the product. Triple Ring is well-versed in defining asset and data flow tables in combination with security use cases to analyze the ecosystem and interactions with the device to identify threat events that may occur from element to element.

• Rank the likelihood and impact of threats, and develop mitigations: We then go through a process of identifying threats in accordance with the AAMI TIR-57 Security Risk Process. We quantify the likelihood and severity of each threat using FMEA tools (e.g. decision matrices), prioritize threats according to likelihood and severity, and then identify and develop mitigation strategies (e.g. encryption, access controls, or input validation). 

• Test, verify, and iterate: Triple Ring uses the generalized System Science approach to engineering development, which prescribes an iterative process for analyzing, specifying, designing, building, and testing. Gaps identified in our threat modeling analyses are used as inputs for further iterations of the device design and mitigation-specific vulnerabilities.  

• Include threat assessment in all FDA submissions: We then include all findings in regulatory documentation and ultimately in the device Design History File (DHF). FDA now requires cybersecurity threat assessments in most medical device and IVD submissions. Clear identification, understanding, characterization, and mitigation of threats will be essential to successful submissions.

The Future of Medical Devices and Diagnostics 

The future of the medical device and diagnostics industries is tied to smarter and more connected products. To date, these products have demonstrated clear benefits to patients, hospitals, and manufacturers and will continue to improve healthcare distribution and access. Cybersecurity threats posed by medical devices are well documented and will worsen without modernizing device design and quality management processes. As a result, device manufacturers will increasingly be required to mitigate these risks in the products they sell. 

To learn more about FDA’s medical device cybersecurity guidance and its impact on your product development plans, please connect with us to start a conversation. Triple Ring has 20 years of experience designing and developing cutting-edge medical technology and a long track record of supporting successful 510(k) clearances and premarket approvals (PMA). We are eager to help you navigate the changes resulting from this FDA guidance.

FAQs

What are the new FDA guidelines for medical device cybersecurity?

FDA’s guidance on Cybersecurity in Medical Devices adds Secure Product Development Frameworks (SPDF) to the risk management processes required of device manufacturers. Risk management is the essential systematic practice of identifying, analyzing, evaluating, controlling, and monitoring risk (now including cybersecurity risk) throughout the product lifecycle. The guidance also describes recommendations regarding the cybersecurity information to be submitted for devices under 510k, PMA, and other submissions. 

What does the new FDA guidance on medical device cybersecurity mean for me?

All software-enabled medical devices or in vitro diagnostics featuring connectivity (wireless, local area network, Internet), or portable media (USB or CD) are subject to additional regulatory standards and design controls. If your medical device product fits the above description, you will face additional development effort and development costs to meet the new cybersecurity standards. 

How do I design medical devices and IVDs for the new FDA guidance on medical device cybersecurity?

To meet FDA Cybersecurity in Medical Devices guidelines you will need to add Secure Product Development Frameworks (SPDF) like STRIDE to your risk management process. In all of your regulatory submissions, you will also need to address specific elements described in the FDA’s guidance document. Medical Device Engineering consultancies, like Triple Ring Technologies, can help you with these processes.

How does the FDA define connected medical devices?

FDA’s guidance can be interpreted as any device with cybersecurity considerations, including but not limited to devices that have a device software function or that contain software (including firmware) or programmable logic. The guidance also includes devices that are network-enabled or contain other connected capabilities.

Is my medical device product a connected device as defined by the FDA?

The answer is yes if your device contains software, firmware, or programmable logic. Also included are devices that are network-enabled or contain other connected capabilities. Examples of connected devices are MRI systems connected to an internal hospital network, in vitro diagnostics with wireless communications, or implantable devices that can be programmed remotely. Examples of devices that are not connected include orthopedic screws, tongue depressors, and bedpans.

One Health Group and Triple Ring Technologies Partnership and Investment

SYRACUSE, NY, UNITED STATES, February 1, 2022 /EINPresswire.com/ — One Health Group, specializing in remote medical diagnostics for animal health, and Triple Ring Technologies announce that Triple Ring will serve as a technology partner, leading One Health Group’s product development effort, and providing the science and engineering team. Additionally, Triple Ring will make an investment in the One Health Group.

“Our technology partnership with Triple Ring will enable us to much more quickly bring our patented mobile health monitoring technology to market, and will support our goals as we build on our noncontact intelligent biometric sensing Voyce platform, bringing new, innovative physiological monitoring capabilities to support in-situ and real-time animal health care”, stated Al DiRienzo, CEO and Co-Founder of One Health Group.

One Health Group’s Voyce is the first non-invasive, remote digital device with patented algorithms that accurately monitors biometric data for better interventions in animal care. One Health Group’s technology is a huge leap forward for interconnectivity between animal, human and environmental impacts on health. OHG has partnered with world-leading academic institutions and prestigious medical technology companies to continue to build on its biometric monitoring platform to provide health diagnostics globally.

“Triple Ring is pleased to partner with One Health Group to develop the next version of their exciting platform for next-generation remote animal health monitoring. We believe in One Health Group and are taking a stake in the company, showing our support for their technology and the potential for the Voyce platform”, added Joe Heanue, CEO of Triple Ring Technologies.

About One Health Group: One Health Group (OHG) is a medical technology innovator with a mission to bring breakthrough health diagnostics, therapeutics, monitoring, screening, and advanced analytics to market. Driven by seeking solutions to preventing needless animal and human illnesses, often attributable by a lack of health data, OHG has developed a patented mobile health assessment technology that uses intelligent sensors and artificial intelligence to provide personalized, context-based real-time health information. OHG’s goal is to provide a unique health platform that integrates animal, human, and environmental data, which are intrinsically linked. For more information, please visit www.onehealthgroup.com.

About Triple Ring Technologies: Triple Ring Technologies is a co-development company headquartered in Silicon Valley, with offices in Boston, Toronto, and Copenhagen. They partner with clients in medtech, life sciences, and sustainability & the environment to create new technologies, launch innovative projects, and start new ventures. Their capabilities span early R&D, product development, manufacturing, regulatory approval, market access, strategic investment, and incubation. For more information, please visit www.tripleringtech.com.

To read the full press release, please click here.

Triple Ring Technologies and Woods Hole Oceanographic Institution (WHOI) are collaborating to fill an unmet need in environmental sensing – providing a fieldable, portable microplastic sensor that quantifies the number of plastic particles in water. A comprehensive understanding of microplastic pollution is significantly hampered by the unavailability of low-cost, robust, accurate, and rapid analysis techniques. There is an urgent need for such measurement information, to inform the public and policy makers, and toward developing and managing effective mitigation strategies for plastic pollution in the world’s water bodies. With readout available in minutes, the sensor will ensure that field sampling time is maximally productive while also usable in a lab environment to significantly speed up sample testing.

The core technology was developed at WHOI in the laboratory of Dr. Anna Michel, Associate Scientist, Department of Applied Ocean Physics and Engineering, with doctoral student Beckett Colson.   Developing the proof-of-concept into a rugged, fieldable unit is being performed by Triple Ring Technologies under the leadership of Dr. Sheila Hemami, Sr. Director of Growth Initiatives. To further develop the technology, Triple Ring Technologies has been awarded an SBIR Phase I grant by the Environmental Protection Agency entitled “A fieldable, portable, reagent-free microplastic sensor enabling rapid readout and modular operation” and will work with WHOI to execute the grant.

Drs. Hemami and Michel believe that this new tool will allow easy, widespread assessment of microplastic pollution in waterways, wastewater, stormwater, and other applications in which the presence of microplastics is a concern. “Combining WHOI’s core sensing technology with Triple Ring’s experience in delivering integrated products will significantly move the needle on the understanding of microplastic pollution and will drive data-based mitigation solutions,” said Dr. Hemami.

Dr. Michel added “My lab is especially interested in developing technologies that enable us to robustly count the number of microplastics in drinking water, ponds, lakes, and oceans. We need field-deployable sensors that provide us this information in order for us to understand microplastic pollution.”

About Triple Ring Technologies

Triple Ring Technologies is a co-development company headquartered in Silicon Valley, with offices in Boston, Toronto, and Copenhagen. They partner with clients in medtech, life sciences, and sustainability & the environment to create new technologies, launch innovative projects, and start new ventures. Their capabilities span early R&D, product development, manufacturing, regulatory approval, market access, strategic investment, and incubation. For more information, please visit www.tripleringtech.com.

About Woods Hole Oceanographic Institution

The Woods Hole Oceanographic Institution (WHOI) is a private, non-profit organization on Cape Cod, Massachusetts, dedicated to marine research, engineering, and higher education. WHOI’s pioneering discoveries stem from an ideal combination of science and engineering. WHOI is known for its multidisciplinary approach, superior ship operations, and unparalleled deep-sea robotics capabilities. For more information, please visit www.whoi.edu.

To read the full press release, please click here.

Triple Ring is thrilled to announce that we have been awarded an SBIR Phase I grant by the Environmental Protection Agency entitled A fieldable, portable, reagent-free microplastic sensor enabling rapid readout and modular operation. This project is led by our Senior Director for Growth Initiatives, Dr. Sheila Hemami.

We are excited to be applying our deep technical and scientific expertise in support of our commitment to sustainability and the environment.

Learn more