We build digital health products with the regulatory and security posture the NHS, MHRA, and CQC expect. DCB0129/0160 documentation, MHRA medical device classification awareness, ISO 27001-aligned architecture, and patient data flows that survive due diligence.
Digital health features built for UK clinical, regulatory, and operational reality — not generic CRUD apps with a stethoscope sticker.
Symptom tracking, appointment booking, medication reminders, secure messaging with clinicians. NHS login or third-party SSO supported. Accessible to WCAG 2.1 AA.
Caseload management, triage queues, structured note templates, e-prescribing where supported. Designed alongside actual clinicians, not against generic admin UI patterns.
Special-category data handling under UK GDPR Article 9, lawful basis tracking, data minimisation, encryption at rest and in transit, and audit-ready data subject access.
We architect to ISO 27001 Annex A controls so when you decide to certify, the technical gap is small. Access management, change control, encryption policy, and incident response built in.
PROMs/PREMs surveys, structured outcomes capture, anonymised export for research, and reporting dashboards for commissioners. The metrics your NHS contract will require.
FHIR R4 endpoints for interoperability with NHS systems and EHRs. Snomed CT and ICD-10 coded data structures so your records are usable downstream — not free-text trapped in your database.
We are not your regulatory consultant, but we know the questions the NHS, MHRA, and your clinical safety officer will ask. We build with these in mind.
Manufacturers (DCB0129) and deployers (DCB0160) of clinical risk-bearing software for the NHS need clinical safety case files. We structure development so the technical evidence (hazard log, risk assessment, change records) is ready when your clinical safety officer needs it.
Software that diagnoses, monitors, treats, or prevents disease may be a medical device under UK MDR. We help you understand which category applies (Class I to III) and architect to support a future application. Not a substitute for regulatory consulting, but we know the questions to ask.
The Digital Technology Assessment Criteria covers clinical safety, data protection, security, interoperability, and usability. We provide the technical evidence (penetration test, ISO architecture, FHIR endpoints) needed for a DTAC submission.
Three rough tiers. Every quote is fixed-price after a free scoping call. All include design, development, testing, deployment and source code handover.
From £18,000
Focused digital health app with the documentation needed for early NHS conversations. 6-10 weeks delivery.
From £40,000
Patient + clinician + commissioner platform with FHIR, reporting, and integrations. 12-16 weeks delivery.
From £75,000
Software-as-medical-device with the technical evidence for an MHRA registration. 16-24 weeks delivery.
Tell us about your health product and target deployment (NHS, private, B2B2C). We’ll come back within 24 hours with a clear scope, fixed price, and the regulatory considerations we recommend you discuss with a specialist.