Each Emirate runs its own health authority. We build dual-regulator compliance — NABIDH, Malaffi, Shafafiya, DOH claims, and UAE data protection — into your product.
See it working on your own workflows. We reply within 24 hours.
The Dubai Health Authority (DHA) governs Dubai and the Department of Health (DOH) governs Abu Dhabi — each with distinct standards, registries, and health information exchanges. These are the requirements a health information system must meet to operate across the Emirates.
DHA requires EMR standards conformance and NABIDH interoperability; DOH requires clinical information system approval tied to Malaffi connectivity. Systems must meet the relevant Emirate's standard before deployment at any licensed facility.
DHA's Smart Health initiative covers telemedicine standards, app requirements, and AI in healthcare; the DOH Telehealth Policy covers remote consultation, digital therapeutics, and AI-enabled diagnostics. Consumer-facing apps must comply with the framework of each regulator they target.
DHA and DOH each operate professional registries; health information systems and telehealth platforms must integrate to verify clinician licensing in the relevant Emirate. Prescriptions from digital platforms must be issued by a licensed prescriber verifiable through the appropriate registry.
Dubai runs mandatory insurance through DHA with electronic claims via Shafafiya; Abu Dhabi runs mandatory insurance through DOH with its own claims management infrastructure. Systems used by insured providers must submit compliant electronic claims through the appropriate platform.
Federal Decree-Law No. 45 on Personal Data Protection applies UAE-wide, and both DHA and DOH layer Emirate-specific health data privacy standards on top. Data localization, access controls, and audit logging are embedded in facility licensing standards for both regulators.
MOHAP sets national standards across all Emirates and directly regulates the Northern Emirates — Sharjah, Ajman, Umm Al Quwain, Ras Al Khaimah, and Fujairah. National deployments must account for MOHAP requirements alongside DHA and DOH obligations.
A structured path from regulatory mapping to live operation across Dubai and Abu Dhabi — each step with defined deliverables for DHA and DOH deployment.
DHA and DOH are separate authorities with distinct requirements — the UAE healthcare market rewards companies that meet both.
Book a UAE Compliance ConsultationEach DHA and DOH standard maps to specific design decisions and approval deliverables. These are not configuration choices — they are commitments that must be made before a system can be deployed across the UAE's dual-regulator market.
EMR and clinical information systems must meet DHA and DOH standards and obtain regulatory recognition.
Both regulators publish frameworks for telemedicine, digital therapeutics, and AI-enabled tools.
Systems must verify clinician licensure against the registry of the practicing Emirate.
Insured providers must submit compliant electronic claims through each Emirate's system.
Systems must meet the federal data protection law and Emirate-specific health data standards.
National deployments must account for federal MOHAP standards and the Northern Emirates.
FHIR servers, terminology services, health information exchange connectors, claims and registry integration, and UAE-resident cloud infrastructure — selected to match DHA and DOH standards and the dual-regulator requirements of UAE healthcare deployments.
H
HL7 FHIR R4
H
HAPI FHIR
N
NABIDH Implementation Guide
M
Malaffi Specifications
H
HL7 v2 / CDA
I
ICD-10
S
SNOMED-CT
L
LOINC
U
UAE Formulary Codes
N
NABIDH Connector (Dubai)
M
Malaffi Connector (Abu Dhabi)
S
Shafafiya Claims
P
Professional Registry API
E
Emirates ID Matching
A
AWS UAE Region
A
Azure UAE
G
G42 Cloud
I
In-Country Hosting
M
Monitoring & Alerting
We build dual-regulator compliance — EMR approval, NABIDH and Malaffi connectivity, registry verification, and claims integration — into the architecture and carry it through to production in both Emirates. Book a consultation and we will scope your UAE market entry.
Book a UAE Compliance Consultation
100 Fastest Growth Companies
Global Spring Winner
Top App Development Company
AWS Partner Network
Google Cloud Partner
Highly Rated on Trustpilot
Verified Agency
Top App Development Company
ASSOCHAM Member
Yes. DHA and DOH are independent regulatory authorities, and approvals or recognitions granted by one do not automatically apply to facilities regulated by the other. A health information system that has been approved and integrated with NABIDH for DHA-licensed facilities still needs to meet DOH requirements and connect to Malaffi before it can be deployed at DOH-licensed facilities in Abu Dhabi. Companies seeking to operate across both Emirates need to manage both regulatory relationships and maintain compliance with both sets of requirements. This dual-approval reality is one of the most important practical considerations for UAE market entry planning.
The Ministry of Health and Prevention operates at the federal level and is the primary health regulator for the Northern Emirates that do not have their own health authorities. MOHAP also sets national health standards and policies that apply across all Emirates, including standards for health professions education, pharmaceutical regulation, and national health data governance. For digital health companies operating only in Dubai or Abu Dhabi, DHA and DOH are the primary regulatory relationships to manage. For companies operating nationally across all seven Emirates, MOHAP requirements are also relevant, particularly for facilities in Sharjah, Ras Al Khaimah, Ajman, Umm Al Quwain, and Fujairah.
Health data in the UAE is governed by both federal and Emirate-level requirements. Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data establishes data protection rights and obligations that apply across the UAE. In addition, both DHA and DOH have issued health data privacy standards specific to their regulatory domains, and data localization, access control, and audit logging requirements for health data are embedded in both authorities' facility licensing standards. A health information system handling patient data in the UAE must comply with the federal personal data protection framework and any Emirate-specific health data privacy requirements applicable to the facility's location.
