You can’t sell or pilot digital health technologies in the UK NHS and Social Care without DTAC and Clinical Safety compliance!
The Digital Technology Assessment Criteria (DTAC) is the UK national baseline criteria for new and existing digital health technologies. Each and every digital technology that is procured, trialled or piloted by the NHS or social care needs to “pass” a digital technology assessment. Therefore, this applies to all health IT being used in the NHS and social care settings and not only medical devices. Examples of digital health technologies that require a DTAC are electronic patient record systems, wellness apps, telemedicine, Software as a medical device, AI as a medical device, triage systems, GP platforms etc.
DTAC is currently under review and Psephos are part of the review process, speak to us to understand the latest.
It is important to understand that every time a new feature is added, or a change made to the digital health solution the clinical safety documentation must be reviewed, updated as needed and changes reflected throughout DTAC to ensure compliance with the requirements.
Work with Psephos to see which DTAC requirements apply to your digital health solutions and rapidly achieve compliance for procurement and throughout the lifecycle of the product. We walk you through the entire process helping you to build and maintain the required system and documentation. If you have multiple products, each one would need to be assessed against the DTAC.
Get in touch with Psephos to ensure your procurement to the NHS or Social Care runs smoothly https://www.psephos.com/contact-us
DTAC - 5 core areas
Source: NHS England
Legislation and Guidance
- Clinical safety management system
- Risk management hazard log
- Clinical safety case report
- Clinical safety management plan
- Approval by a clinical safety officer
DCB 0129 – Clinical Safety for the digital health developer
DCB 0160 – Clinical Safety for the buying organisation e.g. NHS trust
- Data flow map identifying the data assets and data flows
- Data protection impact assessments (DPIA) by which the flow of data is governed.
- Data sharing agreements
Data protection Act 2018 (GDPR)
8 Caldicot Principles
10 National Data Guardian (NDG) standards
NHS Data Security and Protection Toolkit (IG Toolkit)
- Validation, verification, load testing, performance. Regression, security, penetration, integration, unit and where applicable bias testing
- Multi-Factor Authentication
Cyber essential certification
IEC 62304- software lifecycle requirements
NHS Data Security and Protection Toolkit
- Assessment of the interoperability of the digital health technology with NHS and social care systems whilst maintaining technical assurance
NHS Interoperability Standards
Usability & Accessibility
- Benchmarking and accessing usability and accessibility ratings
- Usability studies and file
- Accessibility Statement
- System Usability Scale (SUS)
MHRA – Guidance on applying human factors to medical devices.
ISO/IEC 62366 – Application of usability engineering
ISO 9241 – Ergonomics and human system interaction
NHS internet first policy
WCAG 2.1 Level AA