How to Design New Digital Products in Compliance Heavy Sectors

Every industry is different, but when it comes to successful digital design, most business sectors have regulations to consider.

Some industries that are typically considered ‘compliance heavy’ include banking, telecoms, and healthcare. 

The Information Commissioner’s Data Protection principles affect almost every type of business. Failure to follow these regulations can lead to a fine of up to 4% of worldwide group turnover.

When designing new digital products, security is a top priority. Individuals and businesses are becoming increasingly reliant on apps. That means it’s vital to protect the data and privacy of each user. The government’s National Cyber Strategy and Plan for Digital Regulation set out the requirements.

When should I start thinking about compliance and regulations?

As early as possible. In most cases, the purpose of regulation is to protect individual consumers and society as a whole. Factors such as privacy, security, and physical safety are the driving force behind these regulations. 

Any business that wants to introduce a new product to the market must gather input from a variety of sources. This includes everything from device and software engineering to quality control and manufacturing. 

With so many contributors, regulations must be considered at the earliest possible stage. This will help to avoid facing regulatory obstacles later in the process. Failure to consider regulations could lead to a hefty bill at a stage when it is more expensive to make changes to the design. 

Try not to view compliance as a set of restrictions. Reframing the regulations as guidelines to work within may help to remove the idea that they are restricting your creativity. The most important thing is to gain a clear understanding of the regulations that you’re working with.

Our approach – LION+MASON

Being aware of regulations at the earliest possible stage is key to our design process. We include representatives from our legal and compliance teams at every stage of the design process, including: 

    • Initial workshops to discuss product ideation
    • Early product design
    • Simulation and prototyping
    • Scaling and sale of the product

In doing so, we ensure that compliance underpins the entire design process. This means the appropriate regulations are part of every decision that we make. 

It also helps to reduce the risk of needing to make costly design changes. The cost of making changes tends to rise as we progress to the later stages of the process.

For example, making changes during the first or second stage would cost less than having to make them during the manufacturing stage. This is because we would have to revisit earlier design decisions that have already been justified and verified.  

Our work with Little Journey is one example of our approach. Little Journey is a digital eSupport platform. It’s designed to reduce anxiety in children undergoing healthcare procedures.

We were enlisted to create a participant administration portal, for use by research staff conducting international drug trials.  

During the design phase, we had to consider relevant healthcare regulations. This included the Records Management Code of Practice for Health and Social Care 2021.

Failure to Consider Regulations – What are the Consequences?

Case Study – myNurse

myNurse, a start-up business in California, stopped trading after a major data breach in March 2022. Personal data such as names, dates of birth, medical information, and insurance information was accessed by an unauthorised person. 

This data breach may have been the result of inadequate encryption. Apps for health care need personal, sensitive information to run. This means they must always be adequately protected and securely encrypted. 

When designing healthcare apps, data protection must be considered at every stage of the process. This also applies to any type of app that requires sensitive information to run, including banking apps.


The ideation stage often begins with a blank canvas, and at this point the possibilities can seem endless. 

Encouraging input from legal and compliance experts at the earliest possible stage is vital to the design process for every digital product or service.

With this input, it’s easy to start building the foundations for a product that is compliant with regulations.


Andrew Machin

With over 25 years’ experience in UX and digital strategy, Andrew has helped many national and global brands such as John Lewis, Harley Davidson, Johnson & Johnson, and Interflora create exceptional digital product experiences.

Through the success of such projects Andrew has received high-profile accolades that span innovation, strategy, and design, such as the Dadi Grand Prix Award and the Digital Impact Award for Innovation.

This experience has led to Andrew judging digital design awards, being featured in .net magazine, lecturing at Leeds University, and speaking at seminars and conferences across the UK.
