If you are a healthcare provider using a digital technology for patient care, NHS England now expects you to ensure that it has been formally assessed as being safe to use. The Digital Technology Assessment Criteria for Health and Social Care (DTAC) is the name of this formal assessment.
Introduced in 2021 by NHSx, DTAC is an assessment that gives staff, patients and citizens confidence that digital health technologies used have met the NHS’ standards in 5 required categories:
- Clinical Safety
- Data Protection
- Technical Security
- Interoperability
- Usability and Accessibility
Together they form a national baseline criteria for digital health technologies that are entering and those that are currently utilised in the NHS and social care.
DTAC was established to allow healthcare organisations to assess suppliers at the point of procurement or part of a due diligence process. By doing this, it aids the NHS and social care to realise the benefits of technologies and ensure that they meet a certain standard.
Companies who are seeking to understand what the NHS is looking for when it procures technologies can use DTAC to build their products ‘by design’ to the established criteria.
Technologies are assessed to ensure that clinical safety measures are in place and companies actively participate in clinical risk management, data protection, technical security and interoperability strategies.
In December 2022, ECG On-Demand was independently judged to be DTAC compliant by NHS England.
Perhaps the most important part of DTAC is the DCB0129 clinical risk assessment, where a set of requirements that ensure and promote the effective application of clinical risk management must be met. The appointment of a clinical safety officer (CSO) is a mandatory requirement. At ECG On-Demand, we employ an external CSO who is independent to our company to ensure that all system changes that we make are extensively scrutinised to ensure clinical safety.
ECG On-Demand uses the Health and Social Care Network (HSCN) network as it provides reliable, safe, efficient and flexible sharing of clinical data between ourselves and the centres we provide Holter analysis for. The HSCN is a bespoke data network for healthcare organisations that protects organisations from the most sophisticated data threats. By using the HSCN, sensitive clinical data is never shared over the internet.
Furthermore, ECG On-Demand holds Cyber Essentials Plus certification. Independent certification reassures our service users that we take data protection and security very seriously.
Our technical infrastructure is secure by design. Our services are hosted within ISO 27001 data centres in the UK. The ISO 27001 standard promotes a holistic approach to information security in which people, policies and technology are vetted. By following this standard, our technical infrastructure can be deemed a tool for risk management, cyber-resilience and operational excellence as quoted by ISO.
The last stage of the DTAC process, ‘usability and accessibility’ results in a conformity rating being allocated after assessment. At ECG On-Demand we are proud to say that our conformity rating is a respectable 80%. We are always working to improve.
All things considered, processes such as DTAC are crucial to ensuring that NHS and social care organisations are confident in their procurement of digital technologies to aid and improve current service delivery.
ECG On-Demand has taken every measure to establish that we can provide a safe and secure way to outsource Holter analysis. If your current Holter analysis supplier has not completed DTAC, are they taking clinical safety seriously?
