Requirements: Medical-Grade Quality at Consumer-Product Speed

To unlock deeper clinical insights and deliver greater value for users, Flo needed to establish a foundation for building regulated software. As the team evaluated tooling options, they identified four critical requirements:

• Preserve engineering velocity and culture of innovation: Maintain Flo’s rapid release cadence for regulated features while protecting its automation-first, experiment-driven engineering culture.
• Avoid friction and manual burden on developers: Keep engineers in Jira, GitHub, and existing CI/CD pipelines without adding new tools or manual documentation. Compliance artifacts should be generated automatically as a byproduct of normal work. Flo explicitly set a goal of no decrease in developer satisfaction for teams working under the new QMS.
• Create a QMS built for AI and modern SaMD: Stand up Flo’s first ISO 13485-compliant quality management system with processes designed to support frequent releases and lifecycle changes for AI/ML-enabled features.
• Support a multi-function, system-of-systems architecture: Technically isolate device from non-device functionality so only true medical device components follow QMS controls, keeping the rest of the Flo app shipping at consumer speed.

‍

Ketryx Solution: Developer-First, AI-Ready Compliance

Ketryx enabled Flo to implement a modern, compliant QMS without adopting legacy systems or forcing engineers into new workflows.

• 90-day QMS deployment, onboarding, and readiness: Ketryx provided guided configuration, templates, and training, enabling Flo to stand up a fully functioning QMS, map existing processes, and train teams in under 90 days (work that Flo estimated to take one year).
• Automated compliance inside existing developer workflows: Ketryx connects to Jira, GitHub, and CI/CD pipelines to automatically capture requirements, risks, tests, builds, and releases. Engineers ship code as usual while the DHF, traceability matrices, and documentation are generated automatically in the background.
• Built-in support for AI/ML-enabled, multi-function products: With native support for traceability, versioning, and systems of systems, Ketryx gives Flo the regulatory infrastructure needed for AI-powered features and multi-function devices without placing the entire app under stringent QMS processes.

‍

Business Outcomes: The New Playbook for Digital Health

With Ketryx, Flo achieved regulatory readiness at lightspeed.

• 90-day launch of a fully functional regulated SDLC: End-to-end QMS setup, process design, training, and tool integration completed in 90 days.
• No slowdown for teams under QMS: Teams working on regulated features continue to ship at a biweekly cadence, with no added friction or separate compliance tooling—validating Flo’s goal of preserving developer satisfaction and speed.
• Scalable foundation for AI-enabled innovation and multifunction devices: Flo now has the compliance infrastructure and system of systems architecture to support multiple regulated product lines, AI-driven capabilities, and a clear device/non-device boundary, establishing a repeatable playbook for digital health companies going regulated.
• First regulated product work executed and documented in Ketryx: Regulated design activities, reviews, and releases are performed and documented in the same tools engineers already use, backed by automated traceability and audit-ready records.