PL | EN

AI Regulatory Sandbox

A safe harbour for innovation. Test your AI solutions in medicine under regulatory oversight, before you enter the market.

Submit a project How does it work? ▾

What is a Regulatory Sandbox?

A special legal regime that enables organisations (start-ups, hospitals, IT companies) to test innovative solutions in a real-world environment, with a temporary exemption from certain stringent legal requirements.

Everything takes place under strict regulatory oversight, ensuring patient and data safety.

What does your project gain?

⚖️ Legal Security

Confidence that your activities align with the regulator's interpretation (compliance).

⏩ Faster Deployment

Ability to detect errors at an early stage, saving months of work.

🤝 Credibility

A sandbox participation certificate builds trust among investors and medical partners.

Who is the Regulatory Sandbox for?

Start-ups and innovators

Teams developing new medical technologies, digital systems, or AI-powered solutions.

Institutions and regulators

Public and private entities interested in safely testing innovations within the applicable legal framework.

Healthcare facilities

Organisations wishing to participate in pilots and technology testing before full deployment.

Why does the Regulatory Sandbox matter?

The Regulatory Sandbox reduces the risk of deploying innovation in healthcare, enabling early identification of legal, organisational, and technological barriers.

This is particularly important in the context of rapidly evolving technologies, such as artificial intelligence and remote patient monitoring.

Links to other initiatives

The Regulatory Sandbox operates in close connection with initiatives such as Living Lab, Startup Integrator and educational programmes including Longevity Technology Academy.

Detailed information about the Regulatory Sandbox

Legal Context

Under the AI Act, EU Member States are required to establish regulatory sandboxes to support innovation. Our initiative aligns with this trend, offering a pathway to compliance with national and EU regulations.

Why is it worth it?

⚡ Faster Deployment

Shorter time from idea to market and feedback from the regulator.

🛡️ Limited Risk

Operating in a special legal regime with secure access to data.

📈 Credibility

A sandbox participation certificate builds investor confidence.

🧪 Real-World Testing

Access to real medical data and infrastructure.

Sandbox Process Overview

Stage 1: Preparation

Qualification and Application

  • 1. Assessment of whether the product is an AI medical device.
  • 2. Preparation of documentation and risk assessment.
  • 3. Submission of application to URPL.
Stage 2: Deployment

Testing and Monitoring

  • 4. Ethics committee and URPL approval.
  • 5. Studies on a limited patient group.
  • 6. Risk management and audits every 3 months.
Stage 3: Evaluation

Certification and Deployment

  • 7. Data analysis and final report.
  • 8. Transition to full CE certification (MDR).
  • 9. Alumni programme and commercialisation.

Terms and Finances

Participation Requirements

  • • AI solution classified as a medical device
  • • Preliminary validation data
  • • Risk management plan
  • • Professional liability insurance

Costs (Estimated)

  • • Application fee: PLN 5,000–15,000
  • • Documentation: PLN 20,000–50,000
  • • Professional liability insurance: PLN 10,000–30,000/year
  • • Monitoring: PLN 5,000–15,000/month

Clinical Documentation

Clinical Trial Plan

Hypothesis, inclusion criteria, methodology, statistics.

Study Report

Endpoint analysis, safety, clinical conclusions.

Literature Review

Systematic review and meta-analyses.

Sandboxes in the EU (AI Act)

Legal Basis: AI Act Art. 57

Member States are required to establish regulatory sandboxes by August 2026. The aim is to support innovation while maintaining safety.

  • Real-World Testing: Validation in a clinical environment.
  • Exemptions: Temporary suspension of certain requirements.
  • Oversight: Continuous safety monitoring.
  • Protection: Safeguards for fundamental rights.

International Examples

Sandbox for Radiology AI

Organiser: Dutch Healthcare Authority

  • • Shared data repository for training.
  • • 8 certified solutions in 18 months.
  • • Procedures based on RWE (Real World Evidence).

Health Data Hub

Scale: 70 million patient records

  • • AI testing on anonymised data.
  • • Federated Learning Environments.
  • • Differential Privacy mechanisms.

Finnish AI Region

Model: Nordic Regional Collaboration

  • • 40% reduction in certification time.
  • • Shared validation protocols.
  • • Mutual recognition of certificates.

For Start-ups: How to Prepare

Success Strategies

  • Early Dialogue: Consultations before application.
  • Scientific Advice: Formal scientific guidance.
  • Partnership: Consortia with hospitals.

Economic Benefits

  • • Certification cost reduction: 30–50%
  • • Time-to-Market reduction: 40–60%
  • • Valuation increase (investment): 3–5x

Examples of Qualifying Projects

Diabetic Retinopathy

Fundus analysis algorithm. Sensitivity 94%. Certification in 14 months (vs 24+).

Sepsis Prediction

Detection 2 hours earlier than standard. 50k patients in trials.

Application Process — Step by Step

Stage 1: Pre-application

Duration: 1–2 months

  • ✅ Project eligibility analysis
  • ✅ Consultations with MDR legal counsel
  • ✅ Clinical requirements review

Stage 2: Documentation

Duration: 2–3 months

  • ✅ Clinical trial plan & risk assessment
  • ✅ Algorithm technical documentation
  • ✅ Data protection plan (GDPR)

Stage 3: Assessment

Duration: 3–4 months

  • ✅ Regulatory and ethical assessment
  • ✅ Ethics committee opinion
  • ✅ Statistical verification

Document Templates

Application Form (Extract)

A. START-UP INFORMATION
- Name, NIP, Address, Website
- Registration date

B. TECHNOLOGY DESCRIPTION
- AI category: [Diagnostic/Therapeutic]
- MDR risk class: [I/IIa/IIb/III]
- TRL: [6–9]

C. TEAM
- Team members and their experience (max 500 characters)

Study Plan & Risk

Study Plan

  • 1. Objectives: Primary (Sensitivity/Specificity), Secondary.
  • 2. Methodology: Sample size, Inclusion/exclusion criteria.
  • 3. Timeline: Recruitment → Testing → Analysis.

Risk Table

  • • Hazard (e.g. false negative result)
  • • Probability & Severity
  • • Control measures (e.g. physician verification)

Algorithm Technical Documentation

1. Architecture: Model type (CNN/Transformer), Layer structure.

model_architecture = {
    "input": "512x512x3",
    "hidden": ["conv2d_64", "max_pool"],
    "output": "sigmoid_1_node"
}

2. Training Data: Sources, Number of cases, Split (70/15/15), Augmentation.

3. Metrics: Sensitivity, Specificity, AUC, Precision.

Budget (24 months)

  • • Research personnel: ~PLN 480,000
  • • Site fees: ~PLN 270,000
  • • Statistical analysis: ~PLN 48,000
  • TOTAL: ~PLN 903,000 (incl. indirect costs)

GDPR

  • Anonymisation: Differential privacy / k-anonymity.
  • Encryption: AES-256 (at rest), TLS 1.3.
  • Patient Rights: Access, Objection, Right to be forgotten.

Future in Poland

Planned full sandbox launch: 2025

Funding from KPO. Collaboration between the Ministry of Health and URPL.
We recommend a model combining the AI Act with MDR procedures (as in Nordic countries).

Want to test an innovation in a safe environment?

Contact us to discuss the possibility of participating in the Health4You Regulatory Sandbox.

Contact us