Our Blog

Most FemTech apps are not covered by HIPAA. Since Dobbs, the FTC has fined Premom, GoodRx, Flo, and BetterHelp for unauthorized health data sharing. Here is what your platform actually needs to get right.

42 CFR Part 2 enforcement began February 2026. If your behavioral health or mental health platform handles SUD records, HIPAA compliance is not enough. Here is what your architecture actually needs to pass a security review.

AI scribes are being adopted quickly across healthtech, and in most cases the product delivers. Very few deals fail at the product level. What stops them is the transition into IT and security review — where the conversation shifts from clinical value to data control, and where most vendors are underprepared.

ChatGPT Health aggregates, interprets, and centralises sensitive health data behind a single consumer account boundary. The encryption is real. The governance isn't. Here's what that means for security teams and healthcare organisations.

AI is transforming how biotech and longevity companies interpret biomarkers, blood panels, and genomics — but the moment your AI starts informing diagnosis or clinical decisions, it becomes a regulated medical device. This guide breaks down the regulatory line, FDA/MDR implications, PCCP, cybersecurity requirements, and how to build compliant AI systems without slowing innovation.

AI is transforming how biotech and longevity companies interpret biomarkers, blood panels, and genomics — but the moment your AI starts informing diagnosis or clinical decisions, it becomes a regulated medical device. This guide breaks down the regulatory line, FDA/MDR implications, PCCP, cybersecurity requirements, and how to build compliant AI systems without slowing innovation.

Generative AI is transforming biotechnology — from drug discovery to genomics — but it is also creating a new class of cyberbiosecurity risks. As biological data, AI models, and laboratory systems converge, the attack surface expands beyond databases to the algorithms designing the next generation of medicine.

Generative AI is transforming biotechnology — from drug discovery to genomics — but it is also creating a new class of cyberbiosecurity risks. As biological data, AI models, and laboratory systems converge, the attack surface expands beyond databases to the algorithms designing the next generation of medicine.

As biology becomes increasingly digital, the line between cybersecurity and biosecurity is disappearing. From genomic databases and lab automation to AI-designed proteins, the digital infrastructure of biology is under threat. This guide explains what cyberbiosecurity is, why it matters for biotech and healthtech, and how organizations can secure genomic data, lab systems, and AI pipelines against emerging cyber risks.

As biology becomes increasingly digital, the line between cybersecurity and biosecurity is disappearing. From genomic databases and lab automation to AI-designed proteins, the digital infrastructure of biology is under threat. This guide explains what cyberbiosecurity is, why it matters for biotech and healthtech, and how organizations can secure genomic data, lab systems, and AI pipelines against emerging cyber risks.

Learn how to build secure GenAI architectures in HealthTech. Avoid HIPAA/GDPR pitfalls with identity, data, and compliance guardrails.

Learn how to build secure GenAI architectures in HealthTech. Avoid HIPAA/GDPR pitfalls with identity, data, and compliance guardrails.

Discover what we learned analyzing 50 biotech companies in 2025 — including critical cybersecurity risks like insecure APIs, leaked credentials, and misconfigured environments. This report highlights real-world threats to genomic data, HIPAA/GDPR compliance, and patient trust, with practical steps for biotech and healthtech teams to improve their security posture.

Discover what we learned analyzing 50 biotech companies in 2025 — including critical cybersecurity risks like insecure APIs, leaked credentials, and misconfigured environments. This report highlights real-world threats to genomic data, HIPAA/GDPR compliance, and patient trust, with practical steps for biotech and healthtech teams to improve their security posture.

As biotech and healthtech companies scale across borders, they face a central challenge: how to lawfully collect, store, and use ...

As biotech and healthtech companies scale across borders, they face a central challenge: how to lawfully collect, store, and use ...

Biotech companies are under pressure to prove strong data security and compliance. This practical ISO 27001 guide and checklist outlines what biotech firms need to know in 2025 — from protecting IP and clinical data to choosing the right auditor and reducing risk.

Biotech companies are under pressure to prove strong data security and compliance. This practical ISO 27001 guide and checklist outlines what biotech firms need to know in 2025 — from protecting IP and clinical data to choosing the right auditor and reducing risk.

Navigating MDR cybersecurity compliance under the EU’s new medical and in vitro diagnostic regulations can be complex. This in-depth guide helps device manufacturers understand and implement the cybersecurity requirements of EU MDR (2017/745) and IVDR (2017/746) — from secure-by-design principles to post-market surveillance and CE certification. If you're building or selling connected medical devices or software in Europe, this is essential reading.

Navigating MDR cybersecurity compliance under the EU’s new medical and in vitro diagnostic regulations can be complex. This in-depth guide helps device manufacturers understand and implement the cybersecurity requirements of EU MDR (2017/745) and IVDR (2017/746) — from secure-by-design principles to post-market surveillance and CE certification. If you're building or selling connected medical devices or software in Europe, this is essential reading.