NABIDH vs Riayati vs DHPO is one of the most searched compliance questions among UAE healthcare administrators, and for good reason. A clinic manager at a multi-specialty facility in Sharjah recently sat down with a new EMR vendor for a system kickoff meeting. The vendor asked a direct question: “Which integrations do you need — NABIDH, Riayati, or DHPO?” The manager agreed to all three on the spot. The problem was that the operational differences, regulatory boundaries, and technical obligations of each system were entirely unclear to her team.
That conversation happens across UAE medical facilities every week. Clinical directors, operations managers, and healthcare investors regularly encounter these three acronyms. The confusion is understandable because all three exist under the umbrella of UAE digital health reform, yet they serve completely different functions, cover different geographies, and answer to different regulatory bodies.
This guide cuts through that confusion. It explains exactly what each platform does, which framework applies to your clinic’s location, how all three interact, and how Medic by Freit.io manages all three in a single unified platform so your team never has to think about them separately again.
Table of Contents
Why Three Systems Exist: The UAE’s Decentralised Health Architecture
To understand why three distinct platforms exist, it helps to understand how healthcare regulation is structured across the UAE. The country operates as a federation where health administration is distributed across separate regulatory bodies rather than managed by a single national ministry.
The Dubai Health Authority (DHA) governs healthcare in Dubai. The Department of Health (DoH) oversees Abu Dhabi. The Ministry of Health and Prevention (MOHAP) manages federal health initiatives and directly oversees healthcare across the Northern Emirates, including Sharjah, Ajman, Ras Al Khaimah, Fujairah, and Umm Al Quwain.
Because each regulatory body developed its own digital health infrastructure to serve its specific population, independent platforms emerged over time. A major federal effort has since interconnected these systems so that patient data can cross emirate boundaries when patient consent is granted. However, the underlying architectures remain separate assets, each requiring its own technical configuration, security protocols, and compliance approvals.
Important: Operating a clinic in one emirate and assuming another emirate’s compliance covers you is one of the most common and costly mistakes in UAE healthcare administration. Your obligations are determined by where your medical licence is issued, not by which systems your software vendor happens to support.
What Is NABIDH? Dubai’s Mandatory Health Information Exchange
NABIDH stands for the National Backbone for Integrated Dubai Health. Developed and mandated by the Dubai Health Authority, it is the official Health Information Exchange (HIE) for the Emirate of Dubai. The platform functions as a secure, centralised digital repository that aggregates patient health data generated within Dubai’s geographic boundaries and makes it accessible to authorised providers in real time.
According to the DHA’s official announcements, NABIDH has unified over 9.53 million patient records and connected more than 1,500 healthcare facilities, with 82% of Dubai’s medical workforce actively using the system. These figures reflect the scale and penetration of a platform that is no longer emerging technology but established operational infrastructure.
Who Must Comply with NABIDH?
Every healthcare facility holding a DHA medical licence is legally required to achieve full, live integration with NABIDH. This universal mandate applies equally to:
- Private medical centres and specialist clinics of any size, from single-doctor practices to multi-specialty hospitals.
- Dental clinics operating under DHA licences anywhere in Dubai.
- Diagnostic imaging facilities and clinical laboratories licensed by the DHA.
- Pharmacies operating within the emirate’s licensed healthcare network.
There are no size-based exemptions. A neighbourhood GP clinic carries the same data transmission obligations as a 300-bed private hospital in Business Bay. The DHA verifies active integration during routine and unannounced inspections, and licence renewal is conditional on confirmed compliance.
What Data Does NABIDH Require?
The platform requires structured, real-time transmission of clinical data at every patient encounter. This includes consultation records linked to ICD-10 diagnosis codes, electronic prescriptions, laboratory orders and results, radiology reports, and discharge or referral documentation. Free-text notes and scanned documents are not accepted. Your EMR must enforce coded, structured data entry as a standard part of every clinical workflow.
For a detailed breakdown of how Medic manages NABIDH integration for Dubai clinics, visit the Medic NABIDH integration page.
What Is Riayati? The UAE’s National Unified Medical Record Platform
Riayati is a digital healthcare platform delivering the National Unified Medical Record (NUMR) programme, launched under the direct authority of the Ministry of Health and Prevention (MOHAP). Where NABIDH serves Dubai specifically, Riayati was engineered from inception as a national infrastructure, designed to bind the UAE’s diverse healthcare systems into a single, country-wide patient record ecosystem.
According to MOHAP’s official Riayati portal, the platform connects more than 2,500 healthcare facilities including public hospitals, private hospitals, clinics, day care centres, diagnostic centres, and pharmacies across the Northern Emirates and federal network. It is fully interconnected with NABIDH and Abu Dhabi’s Malaffi, enabling patient records to travel across emirate boundaries when patients authorise access at the point of care.
Who Must Comply with Riayati?
Riayati is the mandatory Health Information Exchange for all medical facilities licensed by MOHAP and physically operating in the Northern Emirates:
- Sharjah — all DHA-licensed and MOHAP-licensed facilities
- Ajman
- Ras Al Khaimah
- Fujairah
- Umm Al Quwain
A critical and frequently misunderstood point: clinic managers in Sharjah or Ajman sometimes assume that if their EMR supports NABIDH, their Riayati obligations are covered. This is incorrect and has resulted in audit failures. If your clinic is physically located in the Northern Emirates, Riayati is your mandatory platform, regardless of whether your software also supports NABIDH.
Healthcare groups operating branches across multiple emirates must maintain distinct, active integrations. NABIDH governs Dubai branches. Riayati governs Northern Emirates branches. Both must run simultaneously on a shared platform.
Warning: Assuming your NABIDH integration satisfies Riayati requirements if your clinic is in Sharjah or the Northern Emirates is a compliance error. These are separate systems with separate regulatory authorities. Failing a MOHAP Riayati audit carries the same licence renewal risks as failing a DHA NABIDH inspection.
Riayati Onboarding Requirements
Achieving a live Riayati connection requires a structured technical process. Your clinic must complete a rigorous information security assessment, sign a formal data participation agreement with the MOHAP Riayati authority, and conduct extensive end-to-end data exchange testing using standardised HL7 transmission protocols. Manual entries, portal updates, and spreadsheet submissions are not accepted. Your EMR must communicate directly with the federal Riayati data gateway through a native, certified integration.
What Is DHPO? Dubai’s Insurance Claims Clearinghouse
DHPO stands for the Dubai Health Post Office. Despite sharing regulatory oversight under the DHA alongside NABIDH, DHPO operates on an entirely different administrative plane. Where NABIDH and Riayati are clinical networks built to exchange medical histories between healthcare providers, DHPO is a specialised financial transaction and electronic claims clearinghouse.
The simplest way to understand the distinction is this: NABIDH maps your patient’s clinical journey. DHPO ensures your clinic gets paid for the care delivered.
Under Dubai Law No. 11 of 2013 on health insurance in the Emirate of Dubai, health insurance is mandatory for all Dubai residents. As confirmed by Dubai’s official government portal, employers are legally required to provide health insurance to employees. Because the vast majority of private clinic patients in Dubai carry employer-provided insurance, DHPO functions as the primary revenue channel for private medical practices.
What Does DHPO Handle?
DHPO manages the financial workflows that connect your billing team to insurance payors. Its core functions are:
- eClaim submission, which involves compiling and transmitting digital claim files containing ICD-10 medical codes and CPT procedure codes directly to insurance companies through the DHA-managed eClaimLink system.
- Prior authorisation processing, which transmits real-time approval requests for specialised procedures, advanced imaging, or specific pharmaceuticals before care is delivered.
- Remittance and rejection tracking, which delivers electronic payment advice and structured denial codes showing whether each claim was accepted, modified, or rejected by the insurer.
Who Must Comply with DHPO?
Any DHA-licensed facility in Dubai that treats insured patients must maintain an active DHPO integration. A Dubai clinic operating exclusively on a self-pay basis with no insurance patients is technically exempt, but this model is uncommon in practice given the high penetration of employer-sponsored health insurance across the emirate.
Warning: Submitting insurance claims without a live DHPO integration forces your billing team into manual portal entry, which dramatically increases coding errors, slows reimbursements, and creates audit exposure. The DHA can flag non-compliant billing workflows during standard facility inspections.
NABIDH vs Riayati vs DHPO: Side-by-Side Comparison
This is the clearest overview your management team needs for a complete picture of all three systems.
| Feature | NABIDH | Riayati | DHPO |
|---|---|---|---|
| Full Name | National Backbone for Integrated Dubai Health | National Unified Medical Record (via MOHAP) | Dubai Health Post Office |
| Governing Body | Dubai Health Authority (DHA) | Ministry of Health and Prevention (MOHAP) | Dubai Health Authority (DHA) |
| Geographic Scope | Emirate of Dubai only | Northern Emirates and federal network | Emirate of Dubai only |
| Primary Function | Clinical health data exchange | National unified patient medical records | Electronic insurance claims and billing |
| Data Type | Patient clinical records, diagnoses, prescriptions | Unified patient health histories across UAE | Financial claims, prior authorisations, remittance |
| Who Must Comply | All DHA-licensed facilities in Dubai | All MOHAP-licensed facilities in Northern Emirates | All Dubai clinics treating insured patients |
| Connected To | Riayati, Malaffi (cross-emirate) | NABIDH, Malaffi, Alhosn App | eClaimLink, insurance payors |
| Accepts Manual Uploads? | No — real-time automated only | No — HL7 protocol integration required | No — structured eClaim files required |
Your Clinic’s Exact Compliance Map
Understanding which systems apply to your facility comes down to two questions: where is your clinic licensed, and do you treat insured patients?
Dubai Clinics (Self-Pay Only)
If your Dubai facility operates exclusively on a self-pay model with no insurance agreements, your mandatory obligation is NABIDH only. Your EMR must maintain an active, real-time connection to the DHA’s health information exchange at all times.
Dubai Clinics (Insurance-Approved)
If your Dubai facility accepts any form of health insurance, you must maintain active, concurrent integrations with both NABIDH and DHPO. These are not optional additions. Both connections are verified during DHA inspections and both are prerequisites for licence renewal.
Northern Emirates Clinics (Sharjah, Ajman, RAK, Fujairah, UAQ)
Regardless of your insurance model, facilities licensed by MOHAP and operating in the Northern Emirates must maintain an active Riayati integration. This replaces, not supplements, NABIDH as your primary HIE obligation in this region.
Multi-Emirate Healthcare Groups
If your organisation operates clinic branches across both Dubai and the Northern Emirates, your corporate EMR must support NABIDH, Riayati, and DHPO simultaneously. This is one of the strongest arguments for selecting a single UAE-native EMR platform that carries all three integrations as standard components rather than optional add-ons.
Is your current system covering all the integrations your clinic locations require? Book a free compliance review with Medic by Freit and get a clear picture of your integration status.
Compliance Readiness Checklist
Use this checklist to audit your clinic’s current integration status before your next DHA or MOHAP inspection.
- [ ] Confirmed whether your clinic is licensed by DHA or MOHAP (or both for multi-emirate groups)
- [ ] Verified your EMR is officially DHA-certified for live NABIDH data exchange (Dubai clinics)
- [ ] Verified your EMR carries an active, native Riayati integration (Northern Emirates clinics)
- [ ] Confirmed your billing module submits eClaims directly through DHPO without manual portal entry (Dubai insured clinics)
- [ ] Received your official NABIDH Facility Code from the DHA (Dubai clinics)
- [ ] Completed MOHAP Riayati information security assessment and data participation agreement (Northern Emirates clinics)
- [ ] Confirmed your system supports HL7 and FHIR data communication standards natively
- [ ] Verified that clinical data entry in your EMR uses structured ICD-10 and CPT coding, not free-text notes
- [ ] Confirmed your EMR vendor manages technical maintenance of all integrations, not your internal team
Important: If your current vendor cannot confirm native, live integrations for each system relevant to your emirate, ask for written evidence before your next licence renewal cycle. Verbal assurances are not sufficient for DHA or MOHAP audit purposes.
How Medic by Freit Covers All Three in One Platform
This is precisely the complexity that Medic by Freit.io was built to eliminate. Rather than requiring clinic owners to manage separate software modules, track shifting compliance updates, and monitor three independent data flows, Medic consolidates the entire UAE health informatics layer into a single unified dashboard. All three integrations run automatically in the background, requiring no extra steps from your clinical or administrative team.
What Medic Delivers Across All Three Systems
DHA-Approved and MOHAP-Aligned. Medic holds formal regulatory recognition and technical approvals from both the DHA and MOHAP, ensuring smooth licensing and audit outcomes across every emirate in which your facilities operate.
Automated NABIDH Data Exchange. Clinical summaries, prescription details, and diagnostic data sync with the NABIDH platform automatically at the conclusion of every patient encounter in Dubai, requiring no additional data entry from your clinical team.
Direct Riayati Synchronisation. Facilities in Sharjah, Ajman, and across the Northern Emirates stay fully aligned with MOHAP’s National Unified Medical Record standards through Medic’s native, secure Riayati communication engine.
Unified DHPO eClaim Submissions. Your billing team can validate, package, and submit electronic insurance claims directly from Medic’s billing workspace. Built-in coding validation catches anomalies before submission, reducing rejection rates and protecting your revenue cycle.
Real-Time Remittance Feed. Track live approval, modification, or rejection status for every insurance claim from inside the patient file, eliminating the need to log into external insurance portals separately.
End-to-End Onboarding Management. The Medic engineering team handles the complete technical setup for all three integrations, runs validation tests with health authorities, and guides your staff through go-live without placing any IT burden on your internal team.
Medic is already trusted by more than 50 clinics and diagnostic networks across Dubai, Sharjah, Ajman, and Fujairah. Learn more about the platform and its UAE-specific design.
Frequently Asked Questions
What is the core difference between NABIDH, Riayati, and DHPO?
NABIDH vs Riayati vs DHPO represents three distinct functions within the UAE healthcare system. NABIDH is a clinical data exchange platform for Dubai managed by the DHA, enabling real-time sharing of patient medical histories across all DHA-licensed facilities. Riayati is a federal platform managed by MOHAP, serving as the National Unified Medical Record system for the Northern Emirates and connecting to NABIDH and Malaffi for cross-country data continuity. DHPO is an entirely different type of system: it is a financial clearinghouse for electronic insurance claims in Dubai, with no clinical data exchange function. Understanding this three-way distinction is essential for any UAE clinic manager planning a compliance strategy.
Do I need NABIDH if my clinic is in Sharjah?
No. If your clinic is physically located in Sharjah and licensed by MOHAP, your mandatory health information exchange is Riayati, not NABIDH. NABIDH applies specifically to facilities licensed by the DHA and operating within the Emirate of Dubai. Riayati is the federal platform that governs health data exchange across Sharjah, Ajman, Ras Al Khaimah, Fujairah, and Umm Al Quwain. If your healthcare group also operates a branch in Dubai, that Dubai branch must separately maintain a live NABIDH integration regardless of your Riayati status elsewhere.
Is DHPO separate from NABIDH even though both are managed by the DHA?
Yes, they are completely separate systems despite both falling under DHA oversight. NABIDH is a clinical platform that shares patient medical records between healthcare providers to support continuity of care. DHPO is a financial platform that processes electronic insurance claims between medical facilities and insurance payors. They do not share software engines, portal credentials, or data transmission paths. A Dubai clinic treating insured patients must run both integrations simultaneously: NABIDH for clinical data compliance and DHPO for insurance billing compliance.
Can one EMR system handle NABIDH, Riayati, and DHPO at the same time?
Yes, but only if the platform was specifically built for the UAE compliance landscape. Many international EMR products lack the native integrations required for these networks and cannot be retrofitted without significant cost, delays, and technical risk. Medic by Freit was designed from the ground up with all three integrations as standard platform components, meaning your clinic receives a single login, a unified dashboard, and a single vendor managing all three regulatory connections simultaneously.
What happens if my Dubai clinic has NABIDH but not DHPO?
If your Dubai clinic treats insured patients but lacks a live DHPO integration, your billing team is forced into manual claim submission through individual insurer portals. This approach increases data entry errors, raises claim rejection rates, slows reimbursement timelines, and exposes your facility to compliance flags during DHA inspections. Because health insurance in Dubai is mandatory under Dubai Law No. 11 of 2013, the vast majority of private clinic patients carry employer-provided coverage, making DHPO a practical necessity for almost every Dubai facility.
Do NABIDH, Riayati, and Malaffi share patient data across emirates?
Yes. The three principal health information exchanges — NABIDH for Dubai, Riayati for the Northern Emirates and federal network, and Malaffi for Abu Dhabi — are interconnected at the data layer. As confirmed by MOHAP’s official guidance, Riayati is integrated with NABIDH, Malaffi, and the Federal Authority for Identity and Citizenship. This cross-network connection allows patient medical profiles to move across emirate borders provided the patient authorises access at the point of care, forming the foundation of the UAE’s long-term vision for a single national health record.
How long does it take to get connected to all three systems?
Each integration follows its own onboarding timeline. NABIDH onboarding through a certified EMR vendor typically spans 6 to 8 weeks from software activation to receiving your official DHA facility code. Riayati onboarding involves an information security assessment, a formal data participation agreement with MOHAP, and end-to-end HL7 testing, which can run concurrently with NABIDH setup. DHPO integration through a compatible billing module can be activated as part of the same onboarding process. When a clinic selects Medic by Freit, the implementation team manages all three simultaneously, significantly compressing the total setup timeline.
What is a NABIDH Facility Code and is there an equivalent for Riayati?
A NABIDH Facility Code is a unique identifier issued by the DHA after your clinic’s EMR system successfully completes conformance testing, confirming it can accurately transmit and receive encrypted patient data in the correct format. Riayati operates a similar validation pathway through MOHAP, where facilities must pass data exchange testing and sign a formal data participation agreement before receiving active status on the federal network. Both codes serve as official confirmation that your facility is listed as compliant on their respective regulatory platforms. Without these, your clinic remains unverified regardless of which software you are running.
What are the risks of retrofitting an uncertified EMR for UAE compliance?
Attempting to connect a non-certified international EMR to NABIDH, Riayati, or DHPO through third-party connectors introduces multiple risks. The software may fail DHA or MOHAP conformance testing due to incompatible data structures or unsupported HL7 formats. Custom patches are expensive to build, difficult to maintain, and typically void the original software’s support terms. When regulatory standards update — which they do periodically — your team bears the full burden of technical remediation rather than your vendor. Selecting a pre-certified, purpose-built platform like Medic eliminates all of these risks from day one.
Closing Note
NABIDH, Riayati, and DHPO are three distinct systems with separate administrative roles, separate regulatory authorities, and separate technical requirements. They cover different geographies, process different data types, and carry different compliance consequences when they are missing or broken.
The NABIDH vs Riayati vs DHPO question does not have a single universal answer for every UAE clinic. The correct answer for your facility depends entirely on your licensing emirate, your insurance model, and whether you operate across multiple regions. Getting these distinctions wrong is not a minor administrative issue. It is a direct threat to your licence renewal, your revenue cycle, and your ability to provide informed patient care.
Medic by Freit.io was built to remove this complexity entirely. A single platform, three active integrations, managed end-to-end by a UAE-native team that understands every layer of the regulatory environment your clinic operates within. Contact the Medic team today to discuss your clinic’s specific compliance map, or book your free platform demo to see all three integrations in action.
Disclaimer: This blog is produced for informational and educational purposes only and does not constitute legal, regulatory, or compliance advice. Requirements under NABIDH, Riayati, DHPO, and other UAE healthcare frameworks are subject to change. Clinic owners and managers should consult the relevant regulatory authority — DHA, MOHAP, or DoH — for guidance specific to their facility type, licence category, and operational circumstances.