MedDeviceGuideMedDeviceGuide
Back
Digital Health & AISaMDRegulatoryMiddle EastSaudi ArabiaUAETurkeyIsrael

Digital Health & AI Medical Device Regulation in MENA: SFDA, EDE & TITCK Frameworks

Complete guide to digital health and AI medical device regulation across MENA — SFDA MDS-G27 guidance on digital health products (SaMD, mHealth, DTx, AI/ML, telemedicine, wearables, VR/AR), UAE EDE AI registration frameworks and National AI Strategy 2031, Turkey TITCK software medical device classification and exclusion list, Israel AMAR software requirements, and practical compliance strategies for each market.

Ran Chen
Ran Chen
Global MedTech Expert | 10× MedTech Global Access
2026-04-1317 min read

MENA's Digital Health Regulatory Landscape Is Taking Shape

Across the Middle East and North Africa, regulators are rapidly building frameworks to govern digital health products and AI-enabled medical devices. In August 2025, Saudi Arabia's SFDA published MDS-G27 — its comprehensive guidance on digital health products, covering everything from Software as a Medical Device (SaMD) to AI/ML-enabled diagnostics. This built upon the earlier MDS-G010 guidance on AI/ML-based medical devices, which had already established Saudi Arabia as the regional leader in AI device regulation. The UAE's EDE has established registration pathways for AI-enabled devices under the National AI Strategy 2031, while Abu Dhabi's Department of Health issued a Responsible AI Standard in October 2025. Turkey's TITCK classifies software-based products under its EU-aligned Medical Device Regulation, and Israel's AMAR applies its existing medical device framework to software with medical purposes.

This guide examines the digital health and AI regulatory frameworks across MENA's four largest medical device markets — Saudi Arabia, the UAE, Turkey, and Israel — providing practical compliance guidance for manufacturers of SaMD, AI-enabled devices, digital therapeutics, and connected health products.

Saudi Arabia: SFDA Digital Health Framework

MDS-G27: Guidance on Digital Health Products (August 2025)

The SFDA's MDS-G27, published August 11, 2025 (Version 1.0), represents a watershed moment for digital health regulation in the Gulf. The guidance applies to medical device manufacturers and software developers seeking Medical Devices Marketing Authorization (MDMA) for digital health products in the Kingdom.

Categories Covered

MDS-G27 explicitly covers the following digital health product categories:

Category Description
Software as a Medical Device (SaMD) Software intended for medical purposes without being part of a hardware medical device
Mobile Health Applications (mHealth) Apps that monitor health metrics or provide patient engagement support
Digital Therapeutics (DTx) Evidence-based interventions delivered via software to prevent or treat medical conditions
Health Information Technology (HIT) Systems managing health data, records, and clinical workflows
Telemedicine Platforms facilitating remote consultations and diagnostics
Wearable Devices Connected devices with health monitoring or diagnostic capabilities
Virtual Reality & Augmented Reality (VR/AR) Immersive technologies for medical training, therapy, or surgical planning
Artificial Intelligence and Machine Learning (AI/ML) Systems that analyze patient data or support clinical decision-making
General Wellness Devices Products making wellness claims without medical purpose (explicitly excluded from regulation)

Qualification as Medical Devices

The guidance establishes clear criteria for determining when a digital health product qualifies as a medical device under SFDA regulations. A product is regulated as a medical device when it:

  • Is intended for medical purposes (diagnosis, prevention, monitoring, treatment, or alleviation of disease)
  • Achieves its primary intended action by means other than pharmacological, immunological, or metabolic means
  • Incorporates software or digital technology that performs a medical function

A critical distinction is drawn between regulated medical devices and general wellness products. Products that solely promote general wellness, fitness tracking without medical claims, or lifestyle management do not fall under SFDA jurisdiction.

AI/ML-Specific Requirements

MDS-G27 establishes additional regulatory requirements specific to AI/ML-enabled medical devices:

  • Validation & Verification (V&V): Algorithms must be tested using diverse, high-quality datasets to demonstrate safety and effectiveness across the intended patient population.
  • Data Quality & Governance: Strict protocols must ensure data integrity, accuracy, privacy, and traceability throughout the entire device lifecycle.
  • Transparency & Explainability: Clear documentation of algorithm functionality, limitations, and biases is required to support clinical understanding and regulatory review.
  • Risk Management: A comprehensive framework must address potential risks specific to AI systems, including data drift, algorithm degradation, and adversarial inputs.

Regulatory Pathway for Digital Health Products

Digital health products that qualify as medical devices must follow the standard SFDA MDMA process:

  1. Pre-MDMA Assessment — Determine whether the product qualifies as a medical device under MDS-G27 criteria
  2. Classification — Apply risk classification (Class A–D) based on intended use and clinical context
  3. Conformity Assessment — Demonstrate compliance with applicable SFDA requirements (MDS-REQ1 and relevant standards)
  4. MDMA Application — Submit through the SFDA portal with full technical documentation
  5. Post-Market Surveillance — Comply with MDS-REQ11 vigilance and PMS requirements, including AI-specific monitoring obligations

SFDA Modern Technology and Digital Health Department

The SFDA has established a dedicated Modern Technology and Digital Health Department within its Medical Devices Sector. This department organized specialized workshops on its Digital Health Platform at the Global Health Exhibition 2025, focusing on regulatory practices in clinical trials for medical devices and emerging digital health technologies.

The SFDA also published a companion diagnostic IVD guidance and has been conducting capacity building programs covering analytical performance, clinical evaluation, companion diagnostics, artificial intelligence, and biocompatibility.

SFDA Digital Health Platform

The SFDA organized workshops at GHE 2025 highlighting:

  • Leading regulatory practices in clinical trials for digital medical devices
  • Requirements for digital and emerging health technologies
  • Collaboration with universities and research centers on technical requirements for biotechnology and AI-based devices

Related SFDA Guidance Documents

MDS-G27 does not stand alone. The SFDA has built a complementary body of guidance for digital health products:

Guidance Reference Scope
Guidance on AI/ML-based Medical Devices MDS-G010 Foundational AI/ML requirements, clinical evaluation standards partially adapted from WHO recommendations
Guidance on Software as a Medical Device MDS-G23 SaMD-specific classification, lifecycle management, and conformity requirements
Guidance on Pre-Market Submission MDS-G38 Pre-market documentation and evidence requirements for digital health products
Draft Guidance on Device Bundling MDS-G-028 (draft) Allows bundling multiple devices into a single MDMA, provided they share the same manufacturer and risk class

MDS-G010 is particularly significant — it was the SFDA's first binding AI/ML guidance and pioneered adapted WHO clinical evaluation standards, positioning Saudi Arabia as a regional leader in AI device regulation. Manufacturers of AI-enabled devices should reference MDS-G010 alongside MDS-G27 for a complete regulatory picture.

Practical Compliance for Saudi Arabia

For manufacturers of SaMD or AI-enabled devices targeting Saudi Arabia:

  1. Determine qualification status using MDS-G27 criteria before starting the MDMA process
  2. If the product is general wellness only — document why it does not meet the medical device definition; no MDMA needed. Labeling must clearly state in both Arabic and English that the device is not intended for medical purposes.
  3. If the product qualifies as a medical device — classify under the standard A–D system, prepare a full technical file per MDS-REQ1
  4. For AI/ML products specifically — comply with both MDS-G27 and MDS-G010; prepare V&V documentation, data governance protocols, transparency reports, and AI-specific risk management documentation
  5. Consider MDS-G-028 bundling — if you have multiple devices from the same manufacturer and risk class, explore the draft bundling guidance to streamline MDMA submissions
  6. Engage an Authorized Representative in Saudi Arabia to manage the MDMA application

United Arab Emirates: EDE & National AI Strategy 2031

EDE Registration for Digital/AI Devices

The Emirates Drug Establishment (EDE) manages medical device registration for the UAE, including AI-enabled and digital health products. The EDE's framework, established under Federal Decree-Law No. 38 of 2024, applies the standard GHTF classification (Class I–IV) to digital health products that meet the medical device definition.

Key requirements:

  • Classification: AI-enabled devices are classified based on risk (Class I–IV), not on the basis of AI/ML technology alone
  • Registration: Standard EDE registration through the portal at www.ede.gov.ae
  • LAR requirement: Foreign manufacturers must appoint a Local Authorized Representative
  • Post-market surveillance: Biannual PSUR for high-risk devices; vigilance reporting per EDE requirements

UAE National AI Strategy 2031

Launched in October 2017, the UAE National AI Strategy 2031 aims to position the UAE as a global AI leader by 2031, with healthcare as a priority sector. The strategy has eight strategic objectives:

  1. Build a reputation as an AI destination
  2. Increase UAE competitive assets in priority sectors through AI deployment
  3. Develop a fertile ecosystem for AI
  4. Adopt AI across customer services to improve lives and government
  5. Attract and train talent for future jobs enabled by AI
  6. Bring world-leading research capability to work with target industries
  7. Provide the data and supporting infrastructure essential to become a test bed for AI
  8. Ensure strong governance and effective regulation

The strategy aligns with the UAE Centennial 2071 vision and is overseen by the Ministry of State for Artificial Intelligence, Digital Economy, and Remote Work Applications.

Abu Dhabi DOH Responsible AI Standard (October 2025)

On October 16, 2025, the Department of Health – Abu Dhabi (DOH) published the Responsible Artificial Intelligence (AI) Standard, developed by the Data and Digital Governance Office (DDGO). Key provisions:

  • Establishes minimum requirements for implementing responsible AI practices across Abu Dhabi's healthcare ecosystem
  • Applies to all DOH offices, centers, sectors, and licensed healthcare entities involved in AI development, procurement, or deployment
  • Effective immediately upon publication (October 2025), with next review scheduled for October 2026
  • Accompanied by the Responsible AI Risk Management Protocol for risk assessment and mitigation in healthcare AI systems
  • Core requirements include:
    • Clear governance on the use of AI
    • Regular audits of AI functionality with reporting to DOH
    • Compliance with all UAE and DOH regulatory requirements (e-health, health information exchanges, data protection, information security, AI)

UAE Charter for AI Ethics

The UAE adopted a non-binding Charter for the Development and Use of Artificial Intelligence (June 2024) outlining 12 ethical principles:

  • Transparency — AI systems and decision-making processes must be understandable and accessible
  • Accountability — Clear lines of responsibility for AI development and use
  • Fairness — Mitigating bias to ensure equitable treatment
  • Safety, data privacy, human oversight, and governance

The UAE has also adopted UNESCO's Recommendation on the Ethics of Artificial Intelligence.

MoIAT and Operation 300bn

The Ministry of Industry and Advanced Technology (MoIAT) manages Operation 300bn, which designates "Medicine, medical equipment and supplies" as a priority industrial sector. For digital health manufacturers, this means:

  • Access to EDB financing for local manufacturing of digital health products
  • Priority sector incentives for UAE-based AI/digital health production
  • Standards and metrology support through MoIAT's quality infrastructure
  • Advanced technology adoption programs for Industry 4.0 integration

Practical Compliance for the UAE

  1. Register with EDE using the standard device classification (Class I–IV)
  2. If deploying in Abu Dhabi — ensure compliance with DOH Responsible AI Standard
  3. For AI-powered SaMD — prepare documentation demonstrating governance, audit processes, and data protection compliance
  4. Consider DHCC or DSP for company establishment — 100% foreign ownership, 0% tax, healthcare-specific ecosystem
  5. Leverage National AI Strategy — the UAE actively supports AI innovation through regulatory sandboxes, funding programs, and streamlined approvals
Recommended Reading
South Korea Digital Medical Products Act (DMPA): Complete Compliance Guide (2026)
Digital Health & AI MFDS2026-04-10 · 16 min read

Turkey: TITCK Digital Health Framework

Software as Medical Device Classification

Turkey's medical device regulation is closely aligned with the EU MDR (Medical Device Regulation 2017/745). Software designed to fulfil the role of medical devices is regulated under the Turkish Medical Device Regulation (No. 38657) when it:

  • Is used to diagnose, prevent, monitor, or treat diseases, injuries, or disabilities
  • Modifies anatomy or physiological processes
  • Provides medical information through in vitro examination of body samples

Classification follows the same risk-based system as the EU MDR. Software classified as a medical device must meet all requirements including classification, ÜTS (Product Tracking System) registration, clinical evaluation, and CE marking verification.

Non-Turkish manufacturers must appoint a Turkish Authorized Representative, and importers must verify CE marking, Declaration of Conformity, ÜTS registration, and Turkish labeling.

TITCK Exclusion List (2026 Update)

In 2026, TITCK published an updated exclusion list clarifying products that are not medical devices despite their presence in healthcare settings:

  • Hospital furniture and textiles — standard items without specific medical functions
  • General cleaning products — including latex gloves marketed for "general cleaning" (contrast: the same glove marketed as "examination glove" or "surgical glove" is a medical device)
  • Dual-use laboratory equipment — instruments used for both medical and non-medical purposes, depending on intended use
  • Hospital infrastructure — building systems, HVAC, and structural components

This exclusion list is critical for digital health companies, as it clarifies the boundary between regulated and unregulated software.

Telemedicine Regulation

Turkey enacted the Regulation on the Provision of Remote Health Services in 2022, establishing the legal framework for telemedicine. Key provisions:

  • Only MoH-licensed software (Remote Health Information Systems — USBS) may be used for telemedicine
  • Healthcare institutions must notify the MoH of their USBS and obtain Remote Health Activity Authorizations
  • USBS systems must comply with cybersecurity, data security, patient correspondence safekeeping, and e-Nabız integration requirements
  • Healthcare professionals can issue e-prescriptions and e-reports using authorized systems

Emerging AI Regulation

Turkey has no specific AI regulation for medical devices yet, but several developments are underway:

  • A proposed AI and Digital Health Applications Regulation will introduce AI transparency requirements, ethical AI guidelines, and approval procedures for AI-driven diagnostics
  • Turkey's Personal Data Protection Law (KVKK, Law No. 6698) applies to any AI system processing personal data, including health data
  • Turkey is developing a risk-based AI framework inspired by the EU AI Act, with sector-specific guidance for healthcare
  • Updates to the Medical Device Regulation aim to align Turkish law with the EU MDR and introduce stricter post-market surveillance requirements
  • Cybersecurity regulations for digital health platforms will require end-to-end encryption and mandatory penetration testing for cloud-based health applications

Practical Compliance for Turkey

  1. Determine if your software qualifies as a medical device under the Turkish Medical Device Regulation definition
  2. If it does — classify, register in ÜTS, appoint a Turkish Authorized Representative, and obtain CE marking
  3. If it is telemedicine software — obtain MoH licensing as a USBS and ensure e-Nabız integration
  4. For AI products — comply with KVKK data protection requirements; prepare for upcoming AI-specific regulation
  5. Review the TITCK exclusion list to confirm your product is not erroneously registered as a medical device

Israel: AMAR Software Requirements

Regulatory Framework

Israel's Medical Devices Division, operating under the Ministry of Health (MOH), oversees medical device regulation including software-based products. Key principles:

  • There is no specific regulation dedicated exclusively to AI/ML-powered digital health devices or software solutions in Israel
  • Such devices are generally regulated under existing medical device laws and standards, including the Medical Devices Law, 2012
  • Software that performs medical functions (diagnosis, monitoring, treatment) is classified as a medical device under AMAR rules

Software Classification Under AMAR

Software products are classified based on their intended medical purpose:

  • If the software is used to diagnose, prevent, monitor, or treat disease — it is a medical device
  • If the software merely stores, archives, or transfers data without medical interpretation — it may fall outside medical device regulation
  • The Israel Registration Holder (IRH) is responsible for managing the regulatory process for foreign manufacturers

IVD Declaration Route

Israel's AMAR offers a declaration route for certain IVD products, which may extend to software-based IVD products. Under this route, manufacturers can self-declare conformity for lower-risk products, reducing the regulatory burden.

Emerging Digital Health Oversight

The MOH is adapting its regulatory framework to address AI/ML in healthcare through several initiatives:

  • Updated digital health-specific publications addressing telehealth, data protection, and AI systems
  • The Privacy Protection Authority (PPA) published guidance in 2025 clarifying the application of Israel's Privacy Protection Law to AI systems throughout their entire lifecycle — from model training to deployment
  • Emphasis on lawful bases for processing, informed consent, transparency, limits on data scraping, and enhanced accountability

Comparative Regulatory Overview

Parameter Saudi Arabia (SFDA) UAE (EDE) Turkey (TITCK) Israel (AMAR)
Digital health guidance MDS-G27 (Aug 2025) EDE framework MDR-aligned, exclusion list 2026 Medical Devices Law 2012
AI-specific regulation MDS-G27 AI/ML section DOH Responsible AI Standard Proposed regulation pending No specific regulation
SaMD classification Class A–D Class I–IV EU MDR risk classes Risk-based under AMAR
Wellness vs medical device MDS-G27 criteria EDE classification criteria TITCK exclusion list MOH guidelines
Telemedicine regulation Under MDS-G27 EDE framework Regulation on Remote Health (2022) MOH guidelines
Data protection SFDA data governance UAE federal data laws KVKK (Law No. 6698) Privacy Protection Law
Post-market AI requirements MDS-REQ11 + AI-specific Biannual PSUR MDR PMS requirements IRH periodic reports
Foreign manufacturer requirement Authorized Representative Local Authorized Representative Turkish Authorized Representative Israel Registration Holder
Recommended Reading
ISO 13485 Certification: Budget, Auditor Expectations & Certification Body Selection (2026)
ISO 13485 Quality Systems2026-04-14 · 23 min read

Strategic Recommendations for Digital Health Manufacturers

1. Start with Saudi Arabia and the UAE

These two markets have the most developed digital health regulatory frameworks and the highest investment levels. MDS-G27 and the EDE framework provide the clearest pathways for SaMD and AI-enabled devices.

2. Document Your Qualification Decision

For every digital health product, maintain a written qualification assessment explaining why the product is or is not a medical device in each target market. This is critical because:

  • SFDA MDS-G27 requires a documented pre-MDMA assessment
  • Turkey's TITCK exclusion list means borderline products need explicit justification
  • The UAE EDE applies case-by-case classification

3. Prepare AI-Specific Documentation Early

Even where AI-specific regulations are still developing (Turkey, Israel), manufacturers should prepare:

  • Algorithm transparency documentation — describe what the AI does, how it works, its limitations, and known biases
  • Data governance protocols — demonstrate data quality, integrity, privacy, and traceability
  • Validation evidence — diverse datasets, clinical performance metrics, and robustness testing
  • Risk management — AI-specific risks including data drift, adversarial inputs, and performance degradation over time

4. Design for Regulatory Convergence

MENA regulators are increasingly aligning with international frameworks — IMDRF SaMD guidance, EU AI Act principles, and WHO clinical evaluation standards. Products designed to meet the most stringent requirements (currently SFDA MDS-G27 for the region) will be well-positioned as other markets tighten their rules.

5. Engage Local Regulatory Partners

Each market requires a local representative (AR, LAR, Turkish AR, IRH). Choose partners with specific digital health experience who understand:

  • The distinction between medical device and wellness product classification
  • AI-specific documentation requirements
  • Post-market surveillance obligations for adaptive algorithms
  • Data protection and cross-border data transfer rules

Outlook: What to Expect in 2026–2027

The regulatory trajectory across MENA is clear: frameworks are becoming more specific, more comprehensive, and more aligned with international standards. Expected developments include:

  • Saudi Arabia: Further SFDA guidance on AI lifecycle management, building on MDS-G27; expanded capacity building programs; possible AI-specific MDMA pathway
  • UAE: Broader EDE guidance on digital health classification; potential federal AI regulation building on the DOH Responsible AI Standard; increased Operation 300bn incentives for digital health manufacturing
  • Turkey: Finalization of the proposed AI and Digital Health Applications Regulation; updated Medical Device Regulation aligned with EU MDR; stricter cybersecurity requirements for digital health platforms
  • Israel: Potential AI-specific guidance under the Medical Devices Law; updated PPA regulations for AI in healthcare

The digital health market across MENA is growing at 19.6% CAGR — the fastest segment in medical devices. Manufacturers that establish regulatory compliance infrastructure now will be positioned to capture this growth as frameworks mature.

Related Articles

RegulatoryManufacturing

3D Printed Medical Devices: FDA, EU MDR Regulatory Guide (2026)

Comprehensive guide to 3D printed medical device regulation — FDA pathways, EU MDR classification, patient-matched devices, point-of-care printing, process validation, biocompatibility, and key standards.

2026-04-15·39 min read
RegulatoryStandards & Testing

FDA Recognized Consensus Standards for Medical Devices: Complete Guide (2026)

Use FDA recognized consensus standards in 510(k), De Novo, and PMA submissions — Declaration of Conformity, key standards, and common mistakes to avoid.

2026-04-15·35 min read
RegulatoryQuality Systems

Single-Use Device Reprocessing & Remanufacturing: FDA & EU MDR Regulatory Guide (2026)

Comprehensive guide to FDA and EU MDR regulations for reprocessing single-use medical devices — covering 510(k)/PMA requirements, Article 17, Common Specifications, cost savings, and the 2026 EU amendment.

2026-04-15·32 min read