NHS standards framework aims to set the bar for quality and efficiency

NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS

NHS Digital has published a standards framework for the NHS, which all health and care organisations – as well as suppliers – will have to adopt.

The framework, which was published alongside health and social care secretary Matt Hancock’s technology vision for the NHS, sets out both current and future standards requirements.

Although most of the standards in the framework aren’t necessarily new, they are “intended to be a clear articulation of what matters the most in our standards agenda, and is accompanied by a renewed commitment to their implementation,” said NHS Digital CEO Sarah Wilkinson in the framework’s foreword.

Speaking at the UK Health Show on 25 September, Wilkinson said the potential for use of data in the NHS is huge, but the health service needs to get to grips with standards to reap the benefits. 

Most of the standards in the framework, which is currently in beta form and out for consultation, are based in international ones, however some are specialised for the NHS.

This includes using the NHS number as a primary identifier – a standard which has been in place for a long time, but has had mixed results in uptake. The framework said the standard “is live now and should be adhered to in full immediately”.

Identity and security

The framework also highlights use of the NHS Citizen ID platform, which aims to be the standard way for patients to prove who they are when accessing NHS services and records online. The identity assurance platform is currently being trialled.  

“In the future, all NHS systems used by patients should check personal details using the ‘NHS Login’ system,” the framework said, adding that systems used by NHS staff “must check that staff are authenticated and authorised using the NHS identity platform”.

“These two systems will ensure that only approved and authorised people can view sensitive or confidential data, making patient data safer, and making systems easier to use,” it said.

Once the two identity programmes are fully operational, the standard will be a requirement, which “must be adhered to”.

NHS organisations also have to follow the 10-point data security model set out by national guardian for health and care Fiona Caldicott

There are also specific standards for a range of topics, including data sharing, cloud services, clinical coding and the use of application programming interfaces (APIs).

Health secretary Matt Hancock said the framework, together with his tech vision, will drive the government’s goal of making the NHS the “most advanced health and care system in the world” through modern technology architecture, a focus on user needs, privacy and security, interoperability and inclusion.

“All new IT systems purchased by the NHS will be required to meet the standards we set out and, in time, existing services will need to be upgraded to meet these standards,” Hancock said in his vision.

However, as revealed by Computer Weekly in an exclusive interview with Hancock, NHS organisations won’t be given any extra funding to ensure they are up to scratch with the new requirements.

Read more about NHS IT

Read more on IT legislation and regulation

Data Center
Data Management