Thought Leadership

Understanding Our MHRA Regulatory Pathway

5 min read

Transparency matters. Here is our detailed roadmap to MHRA authorisation - timeline, costs, and standards.

Current Status: In Development

HeAIth does NOT have MHRA approval. We are an investigational clinical decision support tool in development and cannot be used for clinical care.

Expected MHRA authorisation: Q3 2026 (subject to funding and successful compliance)

What is MHRA AIaMD Classification?

HeAIth is classified as Class IIb AI as a Medical Device (AIaMD) - moderate to high risk software that provides differential diagnoses and investigation recommendations. Incorrect suggestions could lead to patient harm, requiring conformity assessment by a UK Approved Body.

The 7-Phase Regulatory Pathway

Regulatory authorisation is a 12-18 month process:

Phase 1: Foundation (Q4 2025 – Months 1-3)

  • CSO and DPO appointment
  • Regulatory strategy and documentation framework
  • Device classification confirmation

Cost: £35,000 - £100,000

Phase 2: Quality & Safety Systems (Q1 2026 – Months 3-6)

  • ISO 13485 Quality Management System
  • ISO 14971 Risk Management framework
  • DCB0129 Clinical Safety compliance
  • Clinical Safety Case Report

Cost: £40,000 - £80,000

Phase 3: Technical Documentation (Q1 2026 – Months 6-9)

  • Technical File and Clinical Evaluation Report
  • Data Protection Impact Assessment
  • Clinical validation studies

Cost: £30,000 - £60,000

Phase 4: Conformity Assessment (Q2 2026 – Months 9-12)

  • UK Approved Body audit
  • UKCA Certificate of Conformity
  • MHRA device registration

Cost: £15,000 - £40,000

Phase 5: NHS Readiness (Q2 2026 – Months 10-12)

  • NHS DTAC completion
  • Cyber Essentials certification
  • HL7 FHIR interoperability
  • NHS Digital integration testing

Cost: £35,000 - £95,000

Phase 6: Market Entry (Q3 2026 – Q4 2027)

  • UKCA marking and Declaration of Conformity
  • Post-market surveillance system
  • Limited NHS pilot (2-3 trusts)

Cost: £10,000 - £25,000

Phase 7: Product Refinement & International Expansion (2028+)

  • Cost optimisation and accuracy improvements
  • International regulatory preparation (EU, US)
  • Scalability for multi-country deployment

Phase 8: Post-Market Surveillance (Ongoing)

  • Performance monitoring and incident reporting
  • Annual reviews and clinical evaluation updates

Cost: £20,000 - £50,000/year

Total Investment: £250,000 - £500,000

Full regulatory compliance requires substantial investment:

  • ISO 13485 QMS: £20,000 - £50,000
  • Clinical Safety Officer: £20,000 - £100,000/year
  • Data Protection Officer: £15,000 - £80,000/year
  • UK Approved Body Assessment: £15,000 - £40,000
  • Clinical Evaluation & Validation: £10,000 - £25,000
  • NHS DTAC & Interoperability: £30,000 - £80,000
  • Regulatory Consulting: £20,000 - £60,000

This represents 35% of our £500k-700k seed funding round.

Key Standards & Compliance

  • MHRA Regulations: UK MDR 2002, UKCA marking, AIaMD classification
  • Quality Management (ISO 13485): Comprehensive QMS audited annually by UK Approved Body
  • Risk Management (ISO 14971): Systematic risk analysis covering clinical, security, and AI-specific risks
  • Clinical Safety (DCB0129): NHS standards requiring CSO, hazard analysis, and Clinical Safety Case Report
  • NHS DTAC: Essential for NHS procurement eligibility
  • Data Protection: UK GDPR compliance, DPIA, ICO registration, NHS DSPT
  • Cybersecurity: Cyber Essentials certification, ISO 27001 alignment, penetration testing
  • Interoperability (HL7 FHIR R4): Integration with NHS systems (EMIS, SystmOne) and SNOMED CT support

Why It Takes 12-18 Months

Healthcare startups often underestimate regulatory timelines:

  • ISO 13485 implementation: 4-8 months
  • Clinical validation studies: 3-6 months
  • UK Approved Body review: 3-6 months
  • Technical File preparation: 2-4 months

Rushing leads to failures. We have built realistic timelines with contingency.

Why Transparency Matters

Healthcare AI has a credibility problem. Companies misrepresent regulatory status and promise unrealistic timelines.

Our approach: We clearly state our development status, provide realistic timelines, and openly share our regulatory roadmap. This builds trust with advisors, investors, and future customers.

Questions?

Contact us at maximus.smith@heaith.co.uk or view our Regulatory Status Page.

View Full Regulatory Roadmap Join Advisory Board