Step 2 of 12: Regulatory, Quality, & Risk Architecture

  • May 20
  • 6 min read

Every medtech founder eventually faces the same uncomfortable question: how do we talk about what this product does without overstepping what the FDA cleared us to say?


Under-claim, and you waste the evidence you spent millions to generate. Over-claim, and you invite a warning letter, a stalled hospital deal, or both. Most companies don't lose hospital business because their product is weak. They lose it because the gap between their cleared indication and their marketing language is too wide, or because the documentation behind their claims isn't ready when procurement asks.


That gap is one piece of a larger problem I work on with clients. The FDA asks one question about your product. U.S. hospitals ask an entirely different set of questions about your company. Both have to be answered well, and the second one is where international medtech companies most often stall after entering the U.S. market.


My lane is the commercial side of this. I don't write your QMS or run your regulatory submissions, and I have partners I refer to for that. What I help companies do is figure out what to claim, how to communicate it, and how to build the supporting architecture hospitals actually evaluate before they buy.

You used to call me on my hospital pager

What Hospital Readiness Actually Means

There are really two evaluations happening at the same time, and most founders only prepare for one of them.


The FDA cares whether your product is safe and effective for its intended use. That’s the assignment. Hospitals, meanwhile, are trying to figure out whether bringing your company in is going to create operational chaos, security headaches, legal problems, or twelve extra committee meetings nobody wanted on their calendar. Entirely different sport. In all honesty, some of the committees you will interact with are incentivized to slow down the sale, or to try to kill it outright.


Once a hospital gets serious about evaluating you, the process stops being just about the physician who loves your technology.


Now you’re dealing with:

  • IT

  • supply chain

  • compliance

  • legal

  • information security

  • risk management


None of those groups care how excited the surgeon is, unless their own paycheck depends on physician happiness. Your 510(k) letter is basically the opening act. Helpful, important, necessary... but not exactly the standing ovation founders think it is.


The Claims Tightrope

This is probably the conversation I have most often with founders. Usually after marketing got a little too ambitious and now everyone is trying to explain why a sentence “technically doesn’t say that.” Regulatory and marketing have one of the most fascinating relationships in healthcare. One writes the rules. The other treats them like escape rooms.


Your cleared indication is basically a line in the sand. Everything you say publicly about the product has to stay on the correct side of it.


The problem is that line is much narrower, stranger, and far more contextual than most teams realize.


  • Sometimes your clinical data clearly points toward something meaningful, but the FDA never actually cleared you to market it that way.

  • Sometimes the claim is technically supported, but the economic buyers writing the checks could not care less because your study measured outcomes they don’t financially care about.

  • And sometimes a sentence that sounds perfectly reasonable to a clinician suddenly sounds wildly promotional when a regulator reads the exact same sentence. Same words. Completely different interpretation. Healthcare somehow managed to turn vocabulary into a liability sport.


The real challenge is learning how to communicate value without stepping outside the regulatory boundaries. There’s an art to saying something accurately enough to remain compliant while still allowing the audience to connect the dots themselves. Good messaging guides interpretation. Bad messaging tries to force it.


Three things go wrong constantly:


  1. Stretching past the indication

    This one escalates quickly.

    The trial showed something interesting. Sales gets excited. Marketing starts “optimizing” the language. Suddenly the collateral is subtly implying a use case nobody actually cleared.

    Fastest way to create regulatory problems.

    Possibly an even faster way to lose credibility with a hospital if they catch it before the FDA does. Hospitals get surprisingly uncomfortable when a company starts sounding like it’s coloring outside the lines. Apparently compliance departments enjoy consistency. Strange little creatures.

  2. Under-using good evidence

    The opposite problem happens just as often.

    Companies have genuinely strong data that would absolutely resonate with value analysis committees (VACs) or economic stakeholders... but the messaging gets watered down so aggressively that the evidence does zero commercial work.

    Everything starts sounding identical:

    • improves workflow

    • enhances efficiency

    • supports outcomes

    • interoperability

    • synergizes synergistically with synergistic synergy

    At that point you sound like every other booth at a medtech conference handing out stress balls and espresso coupons.


    There's a balance between stretching the truth into fluff and underplaying evidence you actually have. Tread the line carefully.


  3. Inconsistency

    Website says one thing.

    Pitch deck says another.

    Sales rep says something else.

    Hospitals absolutely notice this stuff. Best case, it reads sloppy. Worst case, it reads evasive.

    Neither speeds up procurement.

    What companies actually need is a real claims architecture:

    • every claim tied to evidence

    • every piece of evidence tied to a cleared use

    • every channel using the same language

    Nobody finds this exciting work. It’s also one of the cleanest predictors of whether a company closes enterprise deals or spends two years “building momentum.”

    Lastly, everyone should be trained on the messaging the same way: what to say and what not to say. How your reps talk about the product once they are outside the corporate doors is not my responsibility. Just don't ask questions that you don't want to know the answer to.

Three Myths That Quietly Kill Deals


  1. “FDA clearance means we’re compliant.”

    Nope. FDA clearance covers safety and effectiveness.

    It does not magically solve:

    • cybersecurity

    • SOC 2

    • penetration testing

    • access controls

    • cloud security

    • privacy

    • vendor-risk documentation

    • The list goes on...

    Hospitals evaluate all of that separately, because apparently they enjoy spreadsheets, hundreds of questions, and suffering.

  2. “Hospitals don’t really look at internal documentation.”

    They absolutely do. They’re not auditing your QMS line by line like a notified body would, but they are looking for signals that your company operates like a real organization.

    Things like:

    • certifications

    • training records

    • post-market evidence

    • security attestations

    • onboarding documentation

    Missing one of those can absolutely stall a deal.

  3. “We’ll handle cybersecurity after launch.”

    This assumption has probably killed more hospital deals than actual product issues.

    Because eventually somebody in IT sends over a 300-question security questionnaire that reads like it was assembled by caffeinated defense attorneys in a bunker.

    And that is not the moment you want to begin figuring out your cybersecurity strategy.

What Hospitals Are Actually Evaluating

Layer                 | What They’re Looking At                                  | Who Owns It
FDA & Regulatory      | Clearance, intended use, marketing alignment             | Regulatory / Clinical
Operational Signals   | Training records, quality systems, post-market evidence  | Supply Chain / Clinical Education
Data & Cybersecurity  | Encryption, access controls, security evidence           | IT Security
Risk & Compliance     | Vendor risk, contracts, privacy terms                    | Legal / Compliance

Hospitals are not trying to personally inspect your manufacturing floor like a medtech episode of CSI.

They’re trying to confirm:

  1. somebody already did the hard work

  2. your company can produce documentation without vanishing for six weeks every time procurement asks for something

Strong vs. Weak Architecture


Strong

  • Current and verifiable certifications

  • Structured cybersecurity roadmap

  • Claims mapped directly to evidence

  • Risk files tied to real workflows

  • Regulatory roadmap for the next 2-3 years

  • Prebuilt responses for IT and compliance reviews

  • Note: If you don't have a particular certification or requirement, showing that you're actively pursuing it and a timeline for implementation is extremely helpful.

Weak

  • “I think we have an SOP for that somewhere”

  • No cybersecurity structure

  • Marketing drifting outside the label

  • Fragmented risk documentation

  • “We’ll figure it out later” strategy

  • Procurement delays every time someone requests paperwork


One of these closes enterprise deals. The other creates a six-month email chain nobody enjoys reading.


The Pattern I See Constantly


Company gets FDA clearance.

Finds a strong physician champion.

Early meetings go great.

Everyone’s excited.

Then procurement brings in IT and compliance.

Now suddenly:

  • security documentation is incomplete

  • no data-flow diagram exists

  • risk files have gaps

  • training records are inconsistent

  • nobody owns onboarding documentation

Hospital pauses the project so the company can “get organized.”

Temporary pause becomes delay.

Delay crosses into the next budget cycle.

Champion physician gets busy, transferred, or loses momentum.

Deal dies quietly.

And the brutal part is the product itself usually wasn’t the problem.

The infrastructure behind it was.

Building a Real Hospital Readiness Package

A practical sequence usually looks something like this:

  • Audit your own gaps before a hospital finds them for you. Trust me, you'll never be perfect; they always have a question you've never been asked before.

  • Build the VAC deck and IT security FAQ early. Continue to build and improve your FAQ!

  • Tighten claims language across every channel

  • Create a real cybersecurity roadmap

  • Align risk management with actual workflows

  • Build a 2-3 year regulatory strategy

  • Standardize onboarding and rep training

  • Assign one owner to maintain the entire readiness package

Because these documents go stale fast.

And stale documentation quietly kills momentum.

The Real Standard

FDA clearance proves your product is safe.

Your operational infrastructure proves your company is trustworthy.

Your claims architecture proves you can communicate responsibly inside a regulated environment.

Hospitals don’t really buy “innovation” the way founders think they do.

They buy:

  • reduced risk

  • operational confidence

  • defendable outcomes

  • vendors that won’t become internal problems later

That commercial side of the equation is my lane.

The deeper quality and regulatory work has specialists for a reason, and I’m always happy to point companies toward the right people before procurement turns into an expensive group therapy session.
