Digital clinical safety assurance

Version 1.1, 28 July 2023

This guidance is part of the Clinical safety section of the Good practice guidelines for GP electronic patient records.

What is digital clinical safety assurance?

Clinical safety is the concept of eliminating unacceptable clinical risk to patients.  The term ‘clinical risk’ is used to emphasise that the scope is limited to management of risks related to clinical safety rather than other risks such as information governance, financial and legal risks

The provision and deployment of health IT systems within the NHS can deliver substantial benefits to patients. These systems may, however, have design flaws, be incorrectly used, or simply fail, all of which have the potential to harm those very patients they are intended to benefit. 

Digital clinical safety assurance is the process by which health IT used by care professionals is assured as safe and meets the required national standards. These standards are the DCB0129 and DCB0160, which relate specifically to clinical safety and are published under section 250 of the Health and Social Care Act 2012. Compliance with these standards is mandatory under the Act.

The standards require manufacturers of health IT systems and healthcare organisations to carry out particular types of risk assessment on the product or health IT solution. These processes help the manufacturer or health care organisation assess whether the product is safe to use in a live environment with real patients.  

Clinical safety assurance is, in essence, a clinical risk management activity.

What are DCB0129 and DCB0160?

The two standards issued by the NHS relating to digital clinical safety are:

  • DCB0129Clinical Risk Management: its Application in the Manufacture of Health IT Systems. This standard is designed to help manufacturers of health IT software evidence the clinical safety of their products. Any health organisation looking to implement a solution can request, and should be provided with, this documentation.
  • DCB0160Clinical Risk Management: its Application in the Deployment and Use of Health IT Systems. This standard is designed to help health and care organisations assure the clinical safety of their health IT software.

At first glance the standards and requirements may appear very similar. The fundamental premise is that the manufacturer carries out a risk assessment and analysis and documents the findings. These are then presented to the healthcare organisation through a number of deliverables such as compliance documents and hazard analysis. 

The health organisation considering the adoption of the manufacturer’s product then, in turn, looks at how it is going to adopt and configure the product within its own organisation. This may need further analysis and a further risk assessment may need to be conducted which is particular to the organisation.


Each of the standards have numerous requirements which are set out in the documents. 

When do they apply?

Not all digital solutions are subject to formal clinical safety assurance.  In some cases it’s suggested/advised, whilst in others it’s mandated. There is a tool designed by the NHS to help determine the applicability of the DCB0129 / DCB0160 and this can be found on the NHS Digital website.

Who needs to be involved?

Both standards, regardless of whether you are a manufacturer or a healthcare organisation, require you nominate an individual to be the Clinical Safety Officer (CSO).  The CSO must be a senior clinician and have a current registration with a professional body such as the General Medical Council (GMC) or Nursing and Midwifery Council (NMC).  They must also have sufficient training in clinical safety and clinical risk management.   An individual general practice may not have the expertise within their organisation so it may be appropriate to approach your commissioning organisation or primary care network (PCN)  for advice. 

NHS Digital offers training in clinical risk management.

The CSO will be responsible for the process as defined in the standard.  This may include undertaking or overseeing the clinical risk management activities, which may include:

  • hazard workshops
  • evaluating the evidence that clinical risks have been mitigated or accepted
  • ensuring that the risk management processes are documented and recorded appropriately
  • reviewing or developing key documents such as the clinical safety case report, hazard log and clinical risk management plan

These processes are beyond the scope of this document but are defined in both standards DCB0129 and DCB0160.


Digital clinical risk management has to be a rigorous, methodical, and clearly documented process to ensure that any clinical risks have been assessed and if required, mitigated appropriately.  This rigour is required both from the perspective of compliance with the standards and ultimately to ensure that the product is safe for patients. 

Both DCB0129 and DCB0160 outline how the clinical risk management activities should take place and how they should be documented.

Clinical risk management activities

A clinical risk assessment is a process by which each of a particular product’s functions is analysed.  This can be from various perspectives and use cases.  It considers ‘what if’ scenarios and how they may have a clinical impact and present a clinical risk to a patient.  These potential sources of harm are described as hazards. It is through a rigorous process of clinical safety assurance that these hazards are considered, as are the controls or mitigations that may need to be put into place to prevent, mitigate, or minimise those hazards.  These risks also need to be evaluated in a systematic way to determine what is considered acceptable. 

Hazards are documented in the form of a ‘hazard log’.  The hazard log is a key document as it underpins the work carried out to evaluate the clinical safety of a product. 

There are various methods of identifying hazards and these are described in the DCB0129 and DCB0160 standards (Appendix B) such FFA (Functional Failure Analysis) HAZID (Hazard Identification) SWIFT (Structured What-IF Technique) Fishbone Diagrams. 

Hazard log

This is a formal document specified in DCB 0129 and DCB 0160 which describes all the hazards that have been considered attributable to the product.  It describes the hazards, potential clinical impact of those hazards, mitigations and controls and final assessment of risk.

Once this analysis has been completed, it is presented more formally as the clinical safety case. 

Clinical safety case (as defined in the DCB 0129 and DCB 0160)

The clinical safety case is a structured argument which is supported by a body of relevant evidence that provides a compelling, comprehensible, and valid case that a system is safe for release.

When should digital clinical risk management activities occur?

The clinical risks that need to be considered depend on the phase in the product lifecycle.  Implementing a new product will have different risks to the decommissioning or maintenance of a product in a health IT environment. 

There will be various requirements, such as the need to maintain a safety incident log, throughout the lifecycle of a product, and processes to reassess risks as they are identified during the use of a product.  When safety incidents occur they can often have importance beyond an individual practice and should be raised with the manufacturer, the responsible commissioner and nationally through systems such as the learn from patient safety events (LFPSE) service.

Further guidance on the clinical safety standards

For the complete specification and accompanying guidance documents please see the resources below.  They provide definitive guidance on what should be included and what to expect of each of the standards:

Importance of clinical safety assurance for general practice

General practice is becoming more and more digitally diverse.  The GP IT estate now comprises a myriad of IT systems, both clinical and administrative, that form part of routine care of patients.  The GPIT Futures framework goes someway to assuring these solutions against a set of overarching standards.  A practice does, however, need to understand the context in which a particular IT solution is being deployed. 

Practices need to make sure they understand the risks involved in using a digital solution in primary care.  To do this, the practice needs to understand the clinical risk assessment carried out by the manufacturer (the DCB0129 process) then re-evaluate and form their own risk assessment in the form of the DCB0160.  This will ensure the practice understands not only the solution itself but what it needs to put in place to operate the solution safely within that particular GP organisation.

The standards apply equally where practices use solutions outside of the NHS digital buying catalogue but which involves the handling and processing of patient data.  These include sub-contracting of primary care services, engaging a digital service (software or hosting) provider or a physical record handling service (e.g. scanning or archiving patient records).

For some programmes there have been national risk assessments such as total triage solutions in primary care during the COVID 19 pandemic.  Although some of the more formal aspects of the assurance will have been completed, each practice still needs to understand the risks and mitigations required to operate safely.  This can be achieved by ensuring the activities described in the DCB0160 are carried out.

Similarly, integrated care boards may help practices carry out some of the DCB0160 activities but ultimately GP practices still remain responsible for the activities and mitigations required to operate digital solutions safely.

Other helpful resources