PharmaregUAE

DHA Telehealth Standards Version 4: practical implications

11 min read Updated June 2026

The Dubai Health Authority has refreshed the rulebook for remote care. Its Standards for Telehealth Services Version 4 raise the bar on licensing, data residency, security, and interoperability, and they are already in force. This guide explains what changed and the operational changes telehealth providers should plan for.

What the Version 4 standards are

The DHA Standards for Telehealth Services Version 4 were issued on 26 September 2025 and took effect on 26 November 2025. They apply to telehealth providers operating under the Dubai Health Authority in Dubai, and the next revision is due in 2030. In short, this is the framework that will govern remote consultations, virtual clinics, and connected care in Dubai for the next several years.

The standards bring together provider licensing and eligibility alongside clinical, interoperability, and data-protection requirements. That breadth is the point: telehealth is treated as a regulated mode of care delivery, not a lighter-touch alternative to in-person services. Providers should read the standards as the baseline that licensing, audits, and inspections will be measured against.

Licensing and provider eligibility

The first practical implication is that telehealth is a licensed activity. Providers need to confirm that their licence covers the telehealth services they intend to deliver and that the clinicians working through their platform are eligible to practise. If you are planning to launch a virtual clinic, expand an existing service line, or partner with an external platform, eligibility and scope should be settled before any patient-facing service goes live.

For groups entering Dubai from outside the Emirate, this means mapping your service model against the DHA framework early. The cleanest path is to align licensing, clinical governance, and technology decisions together rather than treating each as a separate workstream.

Data residency and security

One of the most consequential requirements is data residency: patient data must be stored inside the UAE. For providers relying on cloud services or platforms hosted abroad, this can require real architectural changes, including where databases sit and how backups and disaster-recovery copies are handled.

Alongside residency, the standards call for technical safeguards. Providers should plan for measures such as the following.

Checklist

Technical safeguards to plan for

  • Patient data stored inside the UAE
  • Encryption of data in transit and at rest
  • Multi-factor authentication for access to clinical systems
  • Use of approved communication tools for consultations
  • Integration with NABIDH, Dubai's health information exchange

NABIDH integration and interoperability

Interoperability sits at the centre of Version 4. Providers are expected to integrate with NABIDH, Dubai's health information exchange, so that records generated during remote consultations flow into the wider health system. This is not a one-off connection: it shapes how clinical data is captured, structured, and shared on an ongoing basis.

For many providers the practical work here is in the back end, making sure the platform can exchange data in the expected formats and that the right records reach NABIDH reliably. Building this in from the start is far simpler than retrofitting it after launch.

Clinical coding and records

Clinical documentation must speak the same language as the rest of the system. Clinical records should use DHA-approved coding, such as ICD-10 for diagnoses and SNOMED-CT for clinical terms. In practice that means your electronic medical record and any coding workflows need to support these standards, and that clinicians and coders are working to them consistently.

Consistent coding is also what makes interoperability meaningful. Records that are properly coded are the records that can be shared, audited, and acted on across the health system.

Prescribing controlled medicines

Prescribing through a remote consultation carries extra care. Controlled-medicine prescribing via telehealth is subject to specific rules, and providers should confirm what is permitted before building it into a service. If controlled substances are part of your clinical model, treat the prescribing pathway as a distinct compliance question rather than assuming it follows the same rules as a routine prescription.

What providers should do now

Because the standards are already in force, the sensible response is a structured review rather than a wait-and-see approach. A practical starting point is to map your current service against the licensing, data-residency, security, NABIDH integration, and coding requirements, then close the gaps in priority order. For groups planning to enter or expand in Dubai, aligning these decisions early avoids expensive rework later. You can read more about how we support remote care providers on our telehealth services page.

Frequently asked questions

When did the DHA Telehealth Standards Version 4 take effect?
They were issued on 26 September 2025 and took effect on 26 November 2025. The next revision is due in 2030.
Who do the standards apply to?
They apply to telehealth providers operating under the Dubai Health Authority in Dubai, covering licensing and eligibility as well as clinical, interoperability, and data-protection requirements.
Where must telehealth patient data be stored?
Patient data must be stored inside the UAE. Providers should also apply safeguards such as encryption, multi-factor authentication, and approved communication tools, and integrate with NABIDH.
What clinical coding should telehealth records use?
Records should use DHA-approved coding, such as ICD-10 for diagnoses and SNOMED-CT for clinical terms.
Can controlled medicines be prescribed via telehealth?
Controlled-medicine prescribing via telehealth is subject to specific rules. Providers should confirm what is permitted before offering such services.

This guide is general information, not regulatory or legal advice. Telehealth requirements can change, so confirm current rules with the Dubai Health Authority (DHA) or your regulatory partner before acting. Related: telehealth services.

Related guides.

Preparing for Version 4?

We help telehealth providers align licensing, data residency, NABIDH integration, and clinical coding with the DHA framework so your service launches on solid ground.

Talk to our team