The complexity behind easy-to-use medical devices

Medical devices are becoming smaller and more user-friendly thanks to increasing human factors efforts, yet developing them is becoming far more complex. Modern MedTech products combine hardware, software and cloud connectivity into one integrated system, forming the Internet of Medical Things (IoMT).
Daniel Laszlo-Deli | March 16, 2026

Why designing truly simple medical devices requires system-level integration, not device-level design alone.

Highlights

  • Modern medical devices are no longer standalone products but parts of connected ecosystems.
  • Software, data, and cybersecurity requirements significantly increase development complexity.
  • More healthcare is moving into our homes, resulting in novel – often higher – usability-related safety risks.
  • The ever-evolving regulatory framework (e.g. MDR, GDPR, EU AI Act, FDA's evolving digital health framework) adds further layers to product development.

Table of Contents

  1. From Standalone Devices to Connected Systems
  2. Software Became Central to MedTech
  3. Connectivity Brings Cybersecurity Challenges
  4. Home Care Raises Novel Usability Challenges
  5. Regulation Is Expanding with Innovation
  6. What This Means for Product Development

From Standalone Devices to Connected Systems

Medical devices used to function largely as standalone tools. A monitor measured data, a pump delivered therapy, and the system rarely extended beyond the physical product.

Today, most devices operate as part of a broader ecosystem. A single product may include embedded electronics, mobile applications, cloud infrastructure, and integration with clinical systems.

This shift means product development teams are no longer designing just a device. They are building an interconnected product ecosystem.

Modern MedTech products rarely exist as standalone devices anymore. They are part of a connected ecosystem where hardware, embedded software, mobile applications, and cloud data systems must work seamlessly together.

Software Became Central to MedTech

Software has become one of the fastest-growing components of medical technology, and in many devices, it now performs the diagnostic or monitoring function itself.

This introduces challenges well beyond traditional engineering. Medical software must interoperate with hospital systems, cloud platforms, and AI-driven analytics, where each integration point adds complexity and regulatory burden. IEC 62304 further requires treating software as a continuously managed system, with change control and traceability obligations that often result in 1,000+ page documentation packages for higher risk-class medical software.

Devices are no longer static products. They evolve through controlled updates, and that ongoing lifecycle must be actively managed long after release.

“Modern medical devices may look simple, but behind that simplicity sits a highly complex system of hardware, software, data, and regulatory requirements. The real challenge today is integrating all these elements into a product that is safe, usable, and ready for production,” says Harm Hogenbirk, Co-founder of Pilotfish.

Connectivity Brings Cybersecurity Challenges

Connected medical devices often exchange data with private smartphones, hospital infrastructures, electronic health record systems, and cloud platforms. While connectivity enables remote monitoring and better clinical insights, it also introduces cybersecurity risks.

Manufacturers need to design devices with security built in from the start. This includes secure data transfer, authentication systems, long-term vulnerability management, and the integration of cybersecurity hazard control into the broader ISO 14971-based risk management approach.

In a world where sensitive patient information is increasingly moving outside hospital walls to enable remote monitoring and healthcare system optimization, cyberattacks on medical infrastructure are becoming an expected reality. The increasingly common Russian cyberattacks on US healthcare infrastructure and the recent pro-Iran cyberattack on Stryker show that the threat is no longer theoretical. Cybersecurity is increasingly becoming a cornerstone of patient safety.

Home Care Raises Novel Usability Challenges

As mentioned earlier, healthcare delivery is gradually shifting from hospitals to homes. Remote monitoring systems, wearable sensors, and connected diagnostic tools allow patients to manage conditions outside clinical environments, reduce pressure on healthcare institutions, and improve quality of care for millions of patients worldwide. Read more about one of the in-house monitoring devices developed by our team here.

However, this shift introduces human factors challenges that are fundamentally different from those of traditional clinical devices. When data flows continuously from the home into hospital systems, it must integrate seamlessly into existing clinical workflows without adding burden to already stretched care teams. Poorly designed data handoffs, alert systems, and reporting interfaces can create as many problems as they solve.

At the same time, these devices are often operated by elderly, cognitively or physically impaired users with no clinical training. This raises the bar for intuitive design considerably. Usability engineering and human factors, structured under IEC 62366-1, are therefore no longer a finishing step in development. They are a core design discipline from the earliest stages of product definition.

Regulation Is Expanding with Innovation

Alongside technological advances, regulatory requirements are expanding in both scope and complexity. The EU Medical Device Regulation (MDR) introduced significantly stricter requirements around clinical evidence, safety documentation, post-market surveillance and a spectrum of other topics. And MDR is only one layer of an increasingly dense regulatory stack.

Manufacturers developing software-driven or AI-enabled devices must also navigate the EU AI Act, which classifies many medical applications as high-risk AI systems with their own conformity assessment and transparency obligations. GDPR adds further complexity, governing how patient data is collected, stored, and transferred, creating tension with MDR's post-market data retention requirements that manufacturers must actively manage.

In parallel, despite the generally looser regulatory landscape, FDA guidance on Software as a Medical Device and cybersecurity documentation is raising the bar for US market access, and the trajectory of global regulators is broadly converging in the same direction.

The result is that compliance can be treated less and less as a downstream activity. With multiple frameworks intersecting across safety, software, AI, and data privacy, a regulatory strategy must be embedded into product development from the outset.

What This Means for Product Development

The paradox of modern MedTech is clear.

Devices are becoming smaller, cleaner, and easier to use. Yet behind that simplicity lies a growing level of complexity.

Successful products today require the seamless integration of multiple disciplines: electronic and mechanical engineering, firmware and software development, industrial and UX design, human factors and usability engineering, regulatory expertise, and manufacturing expertise, all running under one integrated Quality Management System.

The challenge is no longer just building the device. It is innovation management: orchestrating the entire system around it.

FAQ

Why are medical devices becoming more complex?

Modern medical devices are no longer standalone products. They combine hardware, software, cloud connectivity, and data infrastructure into integrated ecosystems, with each layer adding engineering, usability, and regulatory requirements that must be managed simultaneously throughout development.

How does software affect medical device development?

Software can now perform core diagnostic or monitoring functions, making it subject to rigorous lifecycle management under IEC 62304. This includes change control, traceability, and post-market monitoring obligations that continue long after a product is released, fundamentally changing how development teams must be structured and resourced.

Why is cybersecurity important for MedTech?

Connected devices exchange sensitive patient data across smartphones, hospital infrastructures, and cloud platforms. Remote monitoring moves increasing volumes of that data outside the protected boundaries of hospital systems, significantly expanding the attack surface. A breach can disrupt device operation, expose patient records, or compromise treatment. Regulators expect cybersecurity to be integrated into the ISO 14971 risk management process from the outset.

Why is usability so important for modern medical devices?

As more care moves into the home, devices are increasingly operated by elderly, physically or cognitively impaired patients with no clinical training. In a hospital, a trained professional can catch a use error before it causes harm. At home, that safety net is gone. Structured human factors engineering under IEC 62366-1 is what bridges that gap.
