Company · About us

Fourteen years of mobile. Seven of them as a medical device software specialist.

DUX Healthcare emerged from fluidmobile GmbH. Platform before project – the consequence of a decade of mobile development in a regulated market.

Book a call with Christoph View certifications
2012 Karlsruhe

Founded as fluidmobile GmbH. Continuously in Karlsruhe, with continuous leadership in the technical core.

14 years

Mobile expertise – the last seven years as a Software-as-Medical-Device specialist.

2 BSI standards

TR-03161 per DiGA (our DiGAs: without conditions) · TR-03185 first company audited (process level).

5 DiGAs

on the mHealth Suite today. Platform-developed, BSI-conformant, CE-marked under MDR.

Our history

From mobile service provider to platform company.

  1. Founding · fluidmobile GmbH

    Mobile software development for industrial, insurance, and healthcare customers. With every project, specialization grew toward the one area the market needed most urgently: medical device software.

  2. Focus · Software as a Medical Device

    The share of medical device projects crosses 50%. QMS built and certified to ISO 13485. Recurring requirements give rise to the first platform building blocks – the precursor to the mHealth Suite.

  3. Rename · DUX Healthcare GmbH

    The name positions more clearly what the company is today: platform provider for digital therapies, not a mobile service provider with a healthcare business. Five DiGAs run productively on the Suite.
Karlsruhe since 2012Technical leadership continuous · QMS, contractual relationships, and data processors persist after the rename

From custom build to platform

The mHealth Suite is the distillate of recurring requirements.

After the third, fourth, fifth DiGA, the pattern became obvious: every DiGA manufacturer needs the same regulatory base – MDR-compliant documentation, BSI TR-03161-capable architecture, BfArM Data Protection Criteria, FHIR/IHE profiles, pharmacy redemption flows. Built from scratch per project, that costs 12–18 months of time-to-market; built once as a platform, new products emerge in twelve weeks.

Regulatory leadership

The certifications are timing, not marketing.

Each piece of evidence was started before the market forced it – in one case before anyone else. The detailed breakdown per standard is on the certifications page; here are the two that shape DUX most clearly.

BSI TR-03185

First audit

First company audited at process level.

Secure software development lifecycle – audit-ready when the directive was finalized. Certificate issuance is imminent.

BSI TR-03161

Rare in Germany

Our DiGAs: pass without conditions.

Cybersecurity – certified per DiGA, at a quality level few manufacturers in Germany achieve.

Baseline

ISO 13485

Quality management for medical devices – certified (TÜV Hessen), built as the share of medical device projects crossed 50%

ISO 27001

ISMS – audited as part of BSI TR-03185, separate third-party certificate coming shortly

BfArM Data Protection Criteria

around 150 individual requirements under § 139e (11) SGB V – part of the QMS

The team

Small. Experienced. Operationally involved.

Anyone working with DUX talks to the people who actually deliver – audit calls, architecture reviews, project decisions run without an account-manager chain in between.
Christoph Eberhardt – Owner & CEO

Owner & CEO

Christoph Eberhardt

Christoph Eberhardt, CEO and founder of DUX Healthcare, combines technical expertise with entrepreneurial thinking. His deep understanding of emerging technologies, such as generative AI, drives the development of tailored software solutions for the medical device and pharmaceutical industries. His goal is to effectively link technology and business value to generate maximum benefit for his clients.

LinkedIn
Mia Burniki – Business Development Manager

Business Development Manager

Mia Burniki

Mia Burniki brings a strong combination of Cognitive Science and Digital Medicine. Her specialization in Regulatory Affairs Management makes her an expert in the digital medical device space. She successfully identifies new business opportunities and drives the strategic development of DUX Healthcare.

LinkedIn
Thomas Wolters – CTO

CTO

Thomas Wolters

CTO, business IT specialist, and project lead with over 20 years of experience in software development at international corporations and German mid-sized companies. He leads a growing team of top-tier experts and is passionate about delivering outstanding user experiences.

LinkedIn

What guides us

Three values. No wall posters.

In the mid-market, values are often wallpaper. The three below can be read off actual behavior – and that is the only reason we mention them.

Substance

Audited, not asserted.

We publish what has been certified or audited – and stay silent on what cannot be proven. The digital health industry’s marketing dictionary is full of “something-compliant”. We speak concretely: BSI TR-03161 per DiGA (our DiGAs: without conditions), BSI TR-03185 first company audited (process level), ISO 13485 certified (TÜV Hessen), ISO 27001 ISMS audited (as part of TR-03185, separate certificate shortly). What is not on the list, we do not claim.

Platform

What is solved once is not rebuilt per project.

Compliance, security, and architecture arise once – at platform level – and carry every customer project. This logic applies internally (we do not build one-day products) and externally (we do not recommend one-day solutions).

Honesty

If the platform does not fit, we say so.

Not every project is a good project for the mHealth Suite. If a use case does not need the platform or overwhelms it, we say so in the first call – and point to better-suited providers. Long-term reputation is worth more than any single contract.

What DUX does not do

Two honest boundaries.

We are not a content company. DUX delivers the platform, the regulatory corset, and the technical excellence – not the therapeutic content. The therapeutic concept, medical expertise, and clinical evidence remain with the customer or their partners.

We are not a clinical evidence shop. Planning and executing the clinical evaluation, in particular the DiGAV-required evaluation study, are not part of our core business. We work with a coordinated regulatory pair – CONSULTYS Medical GmbH (consulting, evidence) and be-on-market (placing on the market) – and with independent IT security assessment providers such as secuvera for BSI TR-03161.

This sharp separation is what keeps the platform in focus – and lets the customer keep focus on what they do better than we do.

Where we are headed

Three directions.

Strategic directions for the coming years – two that extend the platform logic into new markets, and one that protects the regulatory lead.

  1. SCALE

    European multi-market operations

    We are systematically building out the SCALE side. After entering the German market, DTx manufacturers face exactly the fragmentation challenge the platform solves through localization layers.
    To SCALE

  2. Go Beyond

    Emerging markets, controlled

    We are expanding GO BEYOND in a controlled manner. Emerging markets rollouts require local partners; we select them along robust criteria, not by presentation slide.
    To Go Beyond

  3. Regulatory

    Preserve the lead

    We continue to invest in the regulatory lead. BSI TR-03185 is only the beginning of a new generation of process certifications; for each further one (CRA, upcoming BSI TR amendments), we will be audit-ready early.
    To the certifications
For the capital side: further materials on the investors page.

Contact

Thirty minutes directly with Christoph.

Book a slot in the calendar. We listen first before we answer.
Book a slot with Christoph