Compliance at every layer.

ClinexaOS is designed to operate within the regulatory frameworks that govern healthcare data and medical AI globally. We make compliance a platform responsibility, not an institutional burden.

Regulatory Frameworks

🇪🇺
GDPR (EU)

ClinexaOS operates as a Data Processor under GDPR when processing personal data on behalf of EU-based institutions. We support Controllers in meeting their GDPR obligations through our privacy-by-design architecture, DPA framework, and data subject rights assistance tools.

🇬🇧
UK GDPR & Data Protection Act 2018

ClinexaOS Inc. is registered with the UK Information Commissioner's Office (ICO). Our UK operations comply fully with the UK GDPR and DPA 2018, with a designated Data Protection Officer.

🇺🇸
HIPAA (USA)

For US-based institutional customers, ClinexaOS enters into Business Associate Agreements (BAAs). Our zero-persistence architecture is designed to minimise PHI exposure. BAA templates are available upon request.

🇦🇪
UAE PDPL & DOH Regulations

ClinexaOS is compliant with the UAE Personal Data Protection Law and applicable Department of Health Abu Dhabi and Dubai Health Authority regulations for AI-assisted diagnostics.

🌐
EU AI Act

As a provider of AI systems used in high-risk medical contexts, ClinexaOS is preparing for full compliance with the EU AI Act, including transparency requirements, human oversight mechanisms, and conformity assessments.

Medical Device Regulation

ClinexaOS's AI-assisted radiology reporting module holds CE Mark certification under EU MDR 2017/745 (Class IIa). This certifies that the module meets applicable safety, performance, and clinical evaluation requirements for deployment in European healthcare settings.

  • CE Mark Notified Body: TÜV SÜD (NB 0123)
  • Classification: EU MDR Class IIa
  • Intended Purpose: AI-assisted pre-reading and structured report generation for radiological imaging studies
  • Annual post-market clinical follow-up (PMCF) conducted and documented

Regulatory status varies by jurisdiction. Please confirm the applicable regulatory status of ClinexaOS in your country with your sales representative before clinical deployment.

Compliance Documentation

The following documents are available to enterprise customers on request:

  • ISO 27001 Certificate of Registration
  • SOC 2 Type II Report (under NDA)
  • CE Mark Technical Documentation Summary
  • Business Associate Agreement (BAA) template - US customers
  • Data Processing Agreement (DPA) - EU/UK customers
  • Penetration Test Summary Report (most recent)
  • EU AI Act readiness assessment (available Q3 2025)

To request documentation, contact info@clinexaos.com.

Certifications

  • ISO 27001:2022 - Certified
  • SOC 2 Type II - Annual report
  • CE Mark (EU MDR) - Class IIa
  • ICO Registration - UK DPA 2018
  • EU AI Act - In preparation

Contact Compliance

  • Compliance: info@clinexaos.com
  • Compliance documentation & BAAs: info@clinexaos.com
  • Data Protection enquiries: info@clinexaos.com