Recent audit exercise will also be used to help create a public database of compliant products

Credit: Gerd Altmann/Pixabay

NHS bodies are to submit “action plans” outlining how they will support non-compliant technology suppliers to meet the health service’s required standards for digital services and products.

In cases where tech firms continue to fall short of the requirements set out by health service, NHS organisations are encouraged to “consider contractual measures” to ensure compliance, according to health and secondary care minister Will Quince.

The Digital Technology Assessment Criteria guidelines were first published in February 2021 by NHSX – which has now been subsumed into NHS England. The standards were created with the intention that they could be used by all NHS entities as “the default criteria against which all digital health technologies that are being considered for use are assessed against”.

DTAC provides a checklist that can be downloaded and filled out by technology suppliers to demonstrate compliance with the standards. NHS bodies, meanwhile, are advised that “as part of each new procurement process or contract renewal, [they] should ask the developer to complete the DTAC by responding to the question set and providing the evidence required, [and] should also put in place processes to re-assess those elements that have an expiry date or are subject to change with product iteration”.

In October 2022, the assessment guidelines formed the basis of the first-ever NHS Digital Health Technology Standards Audit – a nationwide exercise in which health-service bodies were asked to report back on the extent to which their technology estate and IT suppliers complied with DTAC.

Related content

• NHS health-inequalities body flags up potential of apps and digital services
• Mental health: NHS looks to digital and data to close ‘historic treatment gap’
• NHS Digital cites transformation ‘turning point’ after £750m investment in FY22

Once the results of the audits have been analysed, NHS entities will, where necessary, be required to “submit remedial action plans” for systems and providers that currently do not meet DTAC standards or have not yet been assessed.

“The intention from remedial action plans is that NHS organisations ensure that all the companies that supply technologies or provide digital services are complaint with the minimum legislation and NHS standards that are in place to protect patients,” Quince said. “Actions plans will be led by NHS organisations and will focus on working with suppliers to swiftly achieve compliance. If compliance cannot be achieved, then NHS organisations will need to consider contractual measures that can be used. Any products that are identified as being in breach of Medical Device Regulations will be reported to the Medicines and Healthcare products Regulatory Agency.”

While there are no plans to “no plans to publish the results of the audit” in full, the government intends that the exercise will be used to help create an online database of products that have been confirmed as compliant with DTAC. The launch of such a platform is pencilled in for early next year, the minister indicated.

“The directory of products meeting Digital Technology Assessment Criteria standards is an ambition for late 2023/24,” he said. “It is intended that this will be publicly available.”

The minister’s comments were made in answer to a series of written parliamentary questions from Julie Elliott, the Labour MP for Sunderland Central.