The Power of Unification. How Alto Health Integrated AI Governance and Medical Compliance.

Ardanis Launches Aileen with Confidence: Navigating AI Governance for a Successful Product Launch

Marita Kenrick

CEO of Alto Health

Dawn Horizon & Alto Health: Building a Trustworthy AI Foundation

For innovative companies in regulated sectors, integrating new AI requirements with existing, often siloed, compliance systems is a critical and complex challenge. Dawn Horizon partners with these businesses to navigate this complexity, building the unified governance frameworks their technology requires. This case study details our engagement with Alto Health, a company in the European HealthTech sector. Our collaboration focused on unifying their existing governance to navigate the European regulatory landscape, ensuring a compliant market entry for their AI-driven platform.

The Client's Challenge

Like many businesses, Alto Health’s governance practices for quality, security, and privacy had developed separately. This common scenario often creates inefficiencies, conflicting processes, and compliance gaps. Alto Health recognised this trend and wanted to break it, seeking to build efficiency and robust governance from the start.
Their initial request was specific: they sought an assessment and input on how best to leverage their existing QMS (ISO 13485) as the regulatory backbone for their new AI platform. The challenge was to integrate this QMS framework to holistically include the EU AI Act, GDPR, and ISO 27001.
Our initial analysis confirmed their internal governance components were strong. However, they were disparate and did not yet align into the single, cohesive approach required to efficiently manage the overlapping demands of the EU's digital regulatory landscape (e.g., the AI Act, GDPR, and NIS2). This structure was creating the exact inefficiencies and gaps that Alto Health was determined to avoid.
With a clinical launch and seed funding round approaching, Alto Health needed a partner to strip away this complexity. They sought a clear path to unite these, at times conflicting, regulations into a single compliance roadmap, formalising their governance to achieve a defensible, "always-audit-ready" platform.
Marita Kenrick, Co-founder of Alto Health, described the situation: "We understood our technology's potential, but we also recognised the complexity of the regulatory landscape. We were looking at the EU AI Act, GDPR, and MDR... We needed a strategic partner with deep expertise in cyber, privacy and AI compliance to provide a clear path forward."

The Power of Customised Client Solutions

Reflecting on the approach, Marita Kenrick commented: "The recommendation to build an Integrated Management System was a key moment for us. Instead of managing separate, siloed compliance programmes, Dawn Horizon provided a unified framework... Lee's & Eoghan’s guidance was always practical and focused on actionable steps. The collaborative workshops helped build our internal capabilities, ensuring the new processes were embedded in our organisation."

Our Solution

Our engagement was structured into three distinct phases, tailored to Alto Health's maturity and designed to build momentum. Each phase concluded with key deliverables to directly address their core request: how to best leverage and integrate their existing QMS.

Phase 1, Kick-off and Mapping, began with initial workshops to establish a regulatory trigger map. This phase delivered the critical classification of their platform as a "high-risk AI system" under the EU AI Act, a foundational input for the overall strategy.

Following this, the Phase 2 Midpoint Assessment focused on a detailed compliance gap analysis against GDPR, ISO 27001, and the AI Act. We then delivered a draft risk register and a clear outline for enhancing their existing QMS to manage these new requirements holistically, confirming the integrated approach was viable.

Then Phase 3, provided the Final Roadmap, delivering the cornerstone of our recommendation: the Integrated Management System (IMS). This approach was explicitly designed to solve their challenge of disparate, siloed governance. It validated the use of their existing QMS and provided the 'clear path' they sought.

The tangible value for Alto Health was delivered through two key components of this final phase:

Clear strategic guidance on connecting the enhanced IMS to their broader corporate risk framework,
And a tactical, actionable roadmap for delivery.

This plan strips away complexity by bridging high-level compliance objective. with concrete implementation steps, giving them a clear, sequential path to follow.

The Results From The Team

Our structured, three-phase engagement provided Alto Health with a unified foundation for growth and governance, delivering on their goal to break the trend of siloed operations.

The project delivered the single, actionable roadmap they needed, replacing ambiguity and process conflict with a clear, holistic path. This validated their decision to leverage their existing QMS, providing them with both strategic clarity and operational efficiency.

The resulting Integrated Management System (IMS) and tactical roadmap offer a solid foundation for a safe and compliant market launch, directly supporting their objective of an "always-audit-ready" platform.

Internally, the solution delivered the integration of their risk management processes within a single QMS, allowing them to cover AI-specific challenges alongside existing security and privacy requirements holistically. Externally, this unified and demonstrable compliance posture has become a key business enabler. By embedding "Trustworthy AI" principles into its integrated framework, Alto Health can now provide critical assurance to investors, partners, and future healthcare clients.

Lee Bristow

Providing specialist input on AI Governance, Cyber Governance, ISO/IEC 27001, ISO/IEC 42001, risk management strategies, and data protection.

Responsible for overall project delivery and all workshops.

Eoghan Kenny

Providing specialist input on GDPR, data protection, and medical data governance, and providing contingency and quality oversight across the full engagement.

The Power of Knowledge

Concluding the project, Marita Kenrick stated, "Working with Dawn Horizon has been an important strategic step for Alto Health. We now have a clear roadmap that provides our stakeholders with a high degree of confidence in our governance. They listened to our specific challenge and provided a path to unification, not just more complexity. That unified approach is fundamental to delivering value and building lasting trust with our clients."

BOOK YOUR FREE CONSULATION

Is your company preparing to launch an AI product?

Ensure its success and compliance with responsible AI practices. Contact Dawn Horizon today to learn how we can help you navigate the complexities of AI governance and secure a successful product launch. Don't start on a blank page.