Stream A · Product
Configuration from 80+ pre-validated modules. Integration of your clinical content and therapeutic logic. First review builds from week 3.
Phase 01 · BUILD
Digital therapeutics, the way only a platform can build them.
From therapeutic concept to a CE-marked product under MDR at DiGA compliance level. Twelve weeks, not twelve months.
Why different
Every DTx team builds the compliance stack from scratch. We solved that once, for everyone.
Classic medical device development is a project: custom architecture, custom regulatory work, custom post-market effort. The result is nine to eighteen months to CE certification and six- to seven-figure development costs – per indication, per market.
The mHealth Suite inverts the logic. It is a platform: indication-agnostic, modular, with compliance as part of the architecture. What is standardised below – data, security, documentation, BSI TR-03161 – gets configured above for your product. Therapeutic concept, content, interaction logic.
The difference isn’t incremental. It’s structural.
The timeline
Twelve weeks. Four parallel streams. One CE-marked product under MDR at DiGA compliance level.
Before kick-off
Intended purpose & therapeutic concept
Medical intended purpose, therapeutic logic, evidence strategy, regulatory pathway – DiGA fast-track, DiPA or MDR Class I/IIa. Upstream of the 12-week clock. The duration depends on your prior work; the 12-week clock only starts once this foundation is in place.
Responsible Customer + DUX
The twelve weeks · four parallel work packages
Not sequential – four streams run at the same time. That's why it's twelve weeks, not twelve months.
Stream B · MDR documentation
Technical documentation, clinical evaluation, risk management, Data Protection Impact Assessment – automated from the platform QMS.
Stream C · Cybersecurity (per DiGA)
BSI TR-03161 assessment by a BSI-recognised testing body – product-specific, per DiGA. Since 01.07.2025 a formal prerequisite for application completeness under § 139e Abs. 10 SGB V. The platform provides architecture and evidence; the assessment runs per product.
Stream D · CE marking under MDR
Conformity assessment, technical documentation, audit preparation. Class I (software without a measurement function): manufacturer’s Declaration of Conformity, CE mark self-affixed – no Notified Body on the product side. Class IIa: involvement of a Notified Body under MDR Annex IX – QMS audit and review of the technical documentation, Notified Body certificate. In parallel with development, not after.
After week 12
CE-marked under MDR, BSI-compliant, at DiGA level
Result: your product carries the CE mark under MDR (Class I: manufacturer’s Declaration of Conformity; Class IIa: additionally with Notified Body certificate), has the BSI TR-03161 assessment report per DiGA, and meets the BfArM Data Protection Criteria at DiGA compliance level. In the DiGA fast-track, the BfArM application now follows (three-month processing time after the complete application, DiGAV § 16 Abs. 1). Launch, market introduction and reimbursement onboarding come after BfArM listing – not within the twelve weeks.
What's inside
80+ modules your product is composed from.
The modules are clinically validated, technically reviewed, regulatorily covered and operationally ready. They aren’t rebuilt per project – they are configured per project.
Health data & integration
Apple Health / Google Fit · Bluetooth medical devices · FHIR interfaces · Electronic Patient Record (ePA)
Patient data management
Onboarding flows · patient profiles · validated questionnaires · GDPR consent · PIN and biometric lock
Clinical modules
Medication plans · training and exercises · vision and fitness tests · symptom diaries · pain monitoring
Regulatory & security
BSI TR-03161 architecture · ISO 27001 ISMS · MDR-compliant documentation · BfArM Data Protection Criteria (all ~150 individual requirements evidenced) · AbEM collection and reporting modules (Stage I mandatory from 01.07.2026) · data correction workflows
Community & engagement
Chatbot (FAQ + triage) · challenges · notifications · surveys · social share
Telemedicine & care
Physician integration · pharmacy integration · prescription renewal · second-opinion workflows
Evidence with substance
Audited on process and product level.
We cover both BSI standards relevant to the DiGA market – TR-03185 on the process level (our software development was audited), TR-03161 on the product level (every DiGA is certified individually; the DiGAs on our platform passed without conditions). For you that means: both evidence levels are prepared before your project begins.
BSI TR-03161
Rare in Germany
Our DiGAs: pass without conditions.
Cybersecurity · certified per DiGA.
BSI TR-03161 is awarded per DiGA – not per organisation. Most DiGAs only reach it with formal conditions and obligations to remedy; the DiGAs on our platform passed without conditions – a combination rarely seen in Germany.
BSI TR-03185
First audit
Audited as the first company.
Secure software development lifecycle.
DUX Healthcare is the first company to have completed a BSI TR-03185 audit – the formal certificate is pending. The audit covered the entire development process from requirements through implementation to release. Updates do not require re-auditing.
Baseline
ISO 13485
Quality management for medical devices – certified (TÜV Hessen)
ISO 27001
Information security management system – audited under BSI TR-03185 · separate certificate to follow
The math
In-house development versus mHealth Suite.
| Traditionelle Entwicklung | mHealth Suite | |
|---|---|---|
| Time-to-market (CE Class I/IIa) | 9–18 months | 12 weeks |
| Development cost | bespoke, noticeably higher than platform reuse | predictable, flat-rate |
| MDR · DiGA · BSI · GDPR | has to be built up | is part of the platform |
| Architecture | rebuilt per indication | indication-agnostic, modular |
| Legacy · existing DiGAs | not transferable | migratable as DiGA transfer |
| International expansion | repeated infrastructure investment | activatable per market |
Who you are
Four ways into BUILD.
For pharma
Adherence-focused companion apps for Rx medication.
Companion apps that connect telemedicine, prescription renewal and integrated patient journeys with your existing patient support program architecture. Not marketed as a DiGA – but integrated as an adherence-supporting building block of your product.
For startups
Time-to-market your cap table will like.
No six-figure upfront cost for regulatory infrastructure. No 18-month horizon until the first invoice. Instead: your clinical concept, configured to a CE-marked product. Twelve weeks. Predictable cost.
For DiGA manufacturers
DiGA transfer when compliance in-house is becoming unmanageable.
If your in-house development no longer keeps up with the updated BfArM review criteria or BSI TR-03161: we migrate your existing DiGA into the mHealth Suite. Your listing entry stays, your technical foundation becomes platform-based.
For international DTx manufacturers
Market entry Germany without your own regulatory team.
You have a DTx in the US, UK or APAC and want to enter the German statutory health insurance market. We re-implement on an MDR/DiGAV basis and act as your regulatory market-access partner in Germany.
Pricing
Transparent flat rate instead of bespoke estimate.
The mHealth Suite is operated as a leasing model. You pay setup and ongoing operations – no hidden licence or platform fees, no milestone negotiations.
The platform engagement
Setup
€100,000
one-off
Product development and initial configuration, MDR documentation, clinical evaluation, Declaration of Conformity, release management through go-live.
Operations
€15,000
per month
Further development on regulatory changes, hosting and operations, technical support, compliance maintenance, continuous security updates. Minimum term twelve months, payable in advance.
Optional
€54,000
on request
Regulatory Concierge
Consulting package: intended purpose, risk management, clinical evaluation, Declaration of Conformity. If you don’t want to carry the regulatory work in-house.
Additional: external manufacturer service for market placement of the SaMD from ca. €2,000 per month (optional). Customer-specific functionality on request.
Next step
Thirty minutes. Your intended purpose. An honest assessment.
A short conversation: whether the mHealth Suite fits your project and, if so, where we would start.
Book a call with Christoph