$100M Bet on HealthTech—The UK Steps In

Good morning, ! This week we’re unpacking healthcare cyber risk scaling into a core infrastructure priority, the UK stepping in to fund late-stage healthtech scale-ups, AI-driven enforcement transforming compliance from periodic audits to real-time oversight, and EBITDA compression reshaping where value accrues across the healthcare stack.

Want to advertise in Healthcare 150? Check out our ad platform, here.

Know someone in the healthcare space who should see this? Forward it their way. Here’s the link.

— The Healthcare150 Team

DATA DIVE

Healthcare Cyber Risk Is Scaling Faster Than Defenses

Healthcare cybersecurity is no longer a rising risk. It is a structurally expanding liability. Median breach size increased ~275% from 2,030 (2015) to 7,614 (2022), signaling a shift from isolated incidents to system-level exposure. Even with recent moderation, breach impact remains elevated at 6,146 (2024), far above historical baselines.

What changed is not just volume, but concentration. Mega breaches now reach national scale, with the Change Healthcare incident impacting 192.7M individuals, exposing the fragility of centralized data intermediaries. At the same time, ransomware has industrialized. 77% of organizations targeted, 67% compromised, with average demands at $7M and peaks hitting $100M. Payment rates at 53% confirm a functioning economic loop.

The overlooked layer is medical devices. 99% of hospitals run devices with known exploitable vulnerabilities, many linked directly to ransomware pathways.

Why this matters now: cyber risk is compounding across three fronts. Data aggregation, third-party exposure, and unmanaged device ecosystems. The implication is clear. Cybersecurity is shifting from IT spend to core infrastructure, with capital flowing toward resilience, segmentation, and vendor risk control.

Read the full report HERE

HEALTHTECH CORNER

UK Steps Up on Scale-Up Capital

The UK healthtech funding gap—long a bottleneck for late-stage growth—is getting a targeted fix. The British Business Bank has committed £100M to Apposite Healthcare Growth I, its largest fund commitment to date, aimed squarely at growth-stage healthtech and life sciences companies.

This is not early-stage experimentation. The fund targets companies at commercial inflection points across medical devices, diagnostics, digital health, and pharma services—segments where capital intensity spikes and UK firms have historically struggled to scale domestically.

The strategic signal is clear: over 60% of the Bank’s venture flow will now target scale-ups, with ambitions to launch 10 new growth-stage funds in the next five years.

Why it matters: For investors, this is a de-risking mechanism—government-backed cornerstone capital crowding in private LPs. For founders, it reduces pressure for premature exits or U.S. relocation.

In a market where AI, digital health, and advanced MedTech require deeper capital pools, the UK is effectively underwriting its next generation of healthtech unicorns—and trying to keep them onshore. (More)

PRESENTED BY EXACT INSIGHT

95%+ qualified. 80%+ recontact. Built for live PE research.

When diligence moves fast, the quality of the respondent matters as much as the speed of the match.

Exact Insight helps PE teams generate more reliable primary research with 95%+ qualification rates, 80%+ recontact success, and access to vetted B2B professionals, healthcare experts, and global consumer panels. Quant, qual, and hybrid studies are built around the specific question at hand and delivered fast enough for live deal and portfolio workflows.

So whether you are pressure-testing a thesis, sizing a market, or validating a niche operator segment, you get cleaner inputs and a research process you can build on.

Scope a Diligence Project →

COMPLIANCE CORNER

FCA Enforcement Gets a Data Upgrade

The False Claims Act (FCA) just got a modern rewrite—without changing a word. The new HHS-OIG/DOJ Working Group is layering AI-driven analytics onto billing oversight, scanning for risk adjustment outliers, telehealth spikes, and shaky documentation.

Translation: what used to require audits now happens in real time.

The shift is subtle but meaningful. Enforcement is no longer just about fraud—it’s about systemic billing errors flagged by algorithms that don’t get tired (or lenient).

Providers relying on periodic audits are officially behind the curve.

Bottom line: Compliance is moving from reactive to continuous monitoring. If your coding accuracy, documentation, and overpayment remediation aren’t airtight, expect faster scrutiny—and potentially faster settlements. (More)

COMPETITIVE LANDSCAPE SNAPSHOT

TREND TO WATCH

EBITDA Compression Is Reshaping Healthcare Value Pools

Healthcare’s EBITDA pool is not disappearing. It is shifting. Total industry EBITDA holds roughly in the $450B to $530B range, but distribution is diverging, with limited recovery expected through 2027 .

The core signal is margin pressure. EBITDA as a share of spend is down 200 basis points vs. 2019, with another 100 basis points decline expected . This compression is concentrated in providers, while payers and healthcare services and tech expand their share.

This reflects where margin resilience sits. Asset-light, tech-enabled, and risk-bearing models are capturing incremental EBITDA, while labor-heavy delivery models remain structurally exposed.

Why this matters now: capital is repricing around EBITDA durability by segment, not top-line growth. Scale is no longer defensive. Margin structure is. (More)

"Great founders move fast, make decisions, and don't wait for permission."

Sam Altman