NHS Care Identity Service 2 (CIS2)

Version 1.1, 17 February 2023

This guidance is part of the Information governance and data protection section of the Good practice guidelines for GP electronic patient records.

The NHS Care Identity Service (CIS) application is the identity and access management service for the NHS.  It comprises user management, role-based access assignment, and smartcard administration. 

CIS makes use of current technologies and smartcards to allow health and care professionals in England to authenticate their identity when access to national clinical information systems is required. 

Access to CIS is currently only through the Health and Social Care Network (HSCN, formerly known as N3).  This access allows users with a smartcard to be securely authenticated to national clinical systems.  It requires users to have their identity verified and to have been issued with a smartcard.

Most general practice staff currently use smartcard authentication.  As well as having an HSCN connection, users need certain software installed on their machine.

What’s new?

NHS Care Identity Service 2 (NHS CIS2) is a new framework, providing a number of ways health and care professionals in England are able to securely access patient records in real time, at the point of care, as well as allowing the use of additional information and communication systems in real time.  The ability to access clinical information by authenticating identity without the need for smartcard access to the secure HSCN will transform the way mobile health and care professionals work.

It will make it easier for mobile workers to access clinical information, like patient records, securely, at the point of need, using a range of devices, without the need for a smartcard reader. 

Advances in digital technology, accelerated by the COVID-19 pandemic, also mean that a greater number of NHS staff are working remotely, from more locations.

All secure access methods, past, present, or planned, make use of multi-factor authentication, which currently provides the most secure model of identity authentication.  This incorporates the principles of:

  • ‘something the user has’ in their possession, for example a smartcard, an approved device
  • ‘something the user knows’, for example a PIN code or password
  • ‘something the user is’, biometrics such as fingerprint or facial recognition

Benefits of NHS CIS2

NHS CIS2 aims to provide benefits in the following areas:

  • Multi-factor authentication: Enables the use of new authentication mechanisms in care settings where a smartcard may not be appropriate, where an HSCN connection is not available, but where there is an internet connection. Using a device that is associated with the user allows them to authenticate their identity with biometrics (fingerprint and facial recognition) and smartcards.  In the future, there will be additional ways to provide identity using the latest secure technologies.
  • Support modern health and care: Users can confirm their identity securely, in order to progress through a clinical system’s security, to access patient information at the point of need using a range of devices, for example tablets and laptops. Practices remain in full control of who is granted access to their clinical systems.  This supports modern and mobile ways of working within health and care and will simplify the effort needed to integrate an application with the authentication service.
  • Easy integration: Allows the use of the latest operating systems and browsers, removing the need for outdated technology and Java applets.
  • Secure: NHS CIS2 uses OpenID Connect (OIDC), the leading standard for single sign-on and identification via the internet.  OIDC is a modern, widely understood and adopted protocol that greatly simplifies the integration effort required by application developers.  It has the key benefit of isolating an application, like SystmOne, from the authentication method used, e.g., an authentication app.  To use OIDC, an application makes simple secure web requests, and the identity provider (IdP) takes care of the technology, for example biometrics, needed to authenticate the user.  Because it works with modern browsers, technology systems are more secure and less vulnerable to malware and other malicious attacks.
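
The request-and-callback pattern described under "Secure", as an added example (not NHS CIS2 or NHS Digital code): the application sends the same standard OIDC authorisation request whatever authenticator the user has, then checks that the response and ID token belong to the login it started. The endpoint, issuer, client ID and redirect URI are placeholder assumptions because the page gives none, and the ID token signature is assumed to have been verified by a JOSE library before `check_id_token_claims` is called.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholder values (assumptions): the page gives no endpoint or client details.
AUTHORIZE_ENDPOINT = "https://idp.example.invalid/authorize"
ISSUER = "https://idp.example.invalid"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.invalid/callback"

def begin_login():
    """Build the authorisation URL; the session dict stays server-side."""
    session = {"state": secrets.token_urlsafe(32), "nonce": secrets.token_urlsafe(32)}
    params = {
        "response_type": "code",    # authorisation code flow
        "scope": "openid",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": session["state"],  # binds the callback to this browser session
        "nonce": session["nonce"],  # binds the ID token to this login
    }
    # Nothing here names a smartcard, biometric or device: the IdP chooses.
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params), session

def handle_callback(callback_url, session):
    """Return the authorisation code, or raise ValueError for a foreign response."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError("IdP returned error: " + query["error"][0])
    returned = query.get("state", [""])[0].encode()
    if not hmac.compare_digest(returned, session["state"].encode()):
        raise ValueError("state mismatch: response is not for this login")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("no authorisation code in callback")
    return code

def check_id_token_claims(claims, session, now):
    """Claim checks for an ID token whose signature was ALREADY verified."""
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if claims.get("iss") != ISSUER or CLIENT_ID not in audiences:
        raise ValueError("token was not issued by our IdP for this client")
    if claims.get("nonce") != session["nonce"]:
        raise ValueError("nonce mismatch: token is not bound to this login")
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("token expired or missing exp")
    if not claims.get("sub"):
        raise ValueError("token has no subject")
    return claims["sub"]
```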

Patient-facing benefits

There are some anticipated patient-facing benefits, like:

  • secure, easy access to systems, giving health and social care professionals quick and easy access to secure identity authentication. Note: NHS CIS2 does not provide access to the clinical system; it provides confirmation of identity. Health and social care professionals will still progress through the specific clinical system’s security to access patient information, through password, PIN, etc.  No matter where patients have been treated before, the staff member can then:
      • have the data to make the right decisions and appropriate management of patient care at that moment in time
      • spend less time searching for relevant information
      • have better informed conversations with the patient to make decisions about personalised care
  • the confidence of staff to know and understand when and how data can be shared with others who provide care to patients for the benefit of all involved

Long-term benefits

The long-term benefits are expected to be:

  • more standardised security available on more platforms
  • the ability to confirm staff identity consistently across all services through a single staff identity system instead of the multiple systems in use now (making it easier for mobile staff, like paramedics, to be able to verify themselves at a workplace and allow them to move more freely across areas that need them)
  • easy adaptation to new requirements as CIS2 will be a web-based system as opposed to a software application
  • compatibility with modern browsers and CIS2 non-smartcard authenticators
  • usability and accessibility improvements
  • reduced development time for new products to the market
  • ability to use a larger range of devices including mobile devices.

London Ambulance Service case study

Benefits are well demonstrated by the Mobile Summary Care Record application (SCRa) currently being used by the London Ambulance Service (LAS) to access patients’ summary care records.

CIS2 provides the benefit of secure authentication on mobile devices without smartcards.  It is this authentication that then allows access to SCRa. The application can be used both on iPads carried by paramedics and by call handlers working at a desktop.  In both cases the application makes the same simple HTTPS (web) call and care identity authentication takes care of the technology required to authenticate the user, based on the device they are using.  On iPads this is via the internet and fingerprint reader whereas, in a call centre, access is via a traditional HSCN connection, using a smartcard.

There are other out-of-hours and external providers currently using the same technology too. You can read the LAS case study on the NHS Digital website.

Next steps

Whilst NHS CIS2 brings many benefits, it is understood that the transition to it will take some time due to the large number of existing applications that have been created to work with the original CIS authentication service.  NHS Digital[1] has begun to prepare NHS organisations for the updating of existing identity agent clients and the replacement of smartcards.

CIS2 has been carefully designed to enable a gradual transition by adopting the following strategy:

  • developers of new applications will be recommended to adopt CIS2 in order to achieve the benefits outlined above
  • CIS2 will continue to support the use of smartcards via an identity agent
  • applications using CIS2 will be able to co-exist on a device with applications still using the CIS authentication service.

Other helpful resources