Skip to content
8Fold governance Logo With Text Horizontal
  • DTAC
  • Services
    • DTAC
    • Cyber Security
    • Data Security & Protection (DSPT)
    • Interoperability, Accessibility & Usability
    • Clinical Safety & DCB0129
    • Information Governance
  • About
    • Meet the team
    • Join us
  • News
    • Blog
    • Case Studies
  • Contact
Menu
  • DTAC
  • Services
    • DTAC
    • Cyber Security
    • Data Security & Protection (DSPT)
    • Interoperability, Accessibility & Usability
    • Clinical Safety & DCB0129
    • Information Governance
  • About
    • Meet the team
    • Join us
  • News
    • Blog
    • Case Studies
  • Contact
  • +44 (0)1273 569172

← From our blog

DCB0129 & what a good Clinical Safety Officer (CSO) brings to digital health tech solutions

← From our blog

DCB0129 & what a good Clinical Safety Officer (CSO) brings to digital health tech solutions

Check out our Clinical Risk Management and Clinical Risk Officer services

What a good Clinical Safety Officer (CSO) brings to digital health tech solutions

One of the main aspirations when introducing technology into healthcare processes is to improve clinical safety and patient outcomes. Whether that is something as simple as providing secure messaging between patient and clinician to improve access, to sophisticated artificial intelligence-powered algorithms that aid the diagnostic process in picking up issues that may have otherwise been missed. Introducing new technology, however, usually requires changes to existing workflows and ways of doing things that may have been established and honed over many years. When introducing your new system into this mix, consideration has to be given to what could go wrong in the effort to reduce existing risks and what new risks are potentially being added? This is where the practice of clinical risk analysis comes in.

Clinical Risk Analysis – DCB0129 & DCB0160

Clinical risk analysis should be a vital part of the software development lifecycle for healthcare IT systems in the same way one would consider software quality, performance and security. In the UK, this is enshrined in law under the Health and Social Care Act 2012. The Act mandates compliance with two standards which are published by the Data Control Board – DCB1029 and DCB0160. DCB0129 sets the clinical risk management requirements for manufacturers of health IT systems. It defines the processes you must have in place to ensure that released software is clinically safe and the set of documentation that must be maintained and kept updated with each release. It mandates that a named Clinical Safety Officer is in post with the responsibility of ensuring that processes are followed. The CSO is responsible for signing off on the clinical safety of each release. This individual must be an experienced clinician knowledgeable in risk management in clinical domains. DCB0160 is a very similar document looking at clinical risk from the perspective of healthcare organisations that are deploying the software.

The standards are actually fairly well written and clear. NHS Digital offers training on these for CSOs and others wishing to learn more, which are well worth attending. These are usually face-to-face but have been moved online during COVID.

It is important to ensure that this does not become a ‘tick box exercise’ with a remote CSO being fed information on software changes and rubber-stamping the new versions of safety documentation prior to every release. Clinical safety should form an integral and integrated part of the software development lifecycle. It is important that this is a multidisciplinary effort as different parts of the organisation will have a part to play. For example, design decisions made early in the development process can have safety consequences that are expensive to undo later; complaints received by your support desk may indicate an underlying unidentified hazard; discussions had with customers by your success team may reveal unintended use of the software which introduces unexpected risk. 

One way to ensure multidisciplinary ownership is to set up a clinical risk team which should be headed by the CSO. This team should consist of senior representatives from development, product, success, QA, customer support, R&D, etc. – as appropriate for the structure of your company. Each of these would be responsible for any aspect of the process e.g. the customer support lead ensures that all potential incidents are brought to the group for discussion, the product ensures that clinical safety is considered early in the design of a new feature, etc. The responsibility of the CSO is to ensure that there is sufficient training and documentation of the process so that everyone knows and fulfills their responsibilities. This is confirmed by periodic audits of the process.

Despite the documentation and NHS Digital training provided, a common confusion for implementing organisations is how to translate the requirements into a process that actually works within their context. It’s fine knowing what the outputs of the process need to be, but at a practical level how do you actually achieve that? This can particularly be true in an agile working environment. The documentation does seem to assume a more ‘waterfall’ approach with distinct stages of software development and clean progression from one to the next – design, implementation, QA, release. However, most modern companies will work in a much more dynamic manner with frequent software releases, small iterations of functionality, releasing just enough for the current use case with planned subsequent improvements. The clinical safety process must be adapted to support this. Even if you are releasing every week it is still absolutely essential that every change has gone through the risk analysis process and the clinical safety of each release is signed off. This can only work if the clinical safety process is also agile. In my experience, this works best if the clinical safety steps run in cadence with the release cycle and that the clinical safety team has a detailed overview of the content of each sprint. This ensures that nothing is missed, clinical safety discussions can happen early and there are no surprises when it comes to release time. 

Here at 8foldgovernance, our clinical safety team consists of clinicians who have hands-on experience of software development and product management in agile environments. We have helped organizations create clinical safety processes which are customized for them, integrated into their development practices, and more importantly, ensuring that clinical safety thinking is inculcated throughout the organization. Whether you are starting from scratch with this or just need some advice we can help. From just providing advice to get you started, to working with you to set up a clinical risk management processes and getting the initial set of documentation in place, to managing the ongoing process providing an appropriately experienced and qualified clinical safety officer for your team, we’re happy to help.

Do you meet the statutory requirements under DCB0129?

To you ensure that clinical safety is a core practice for your organisation and that the statutory requirements for health IT in the UK (DCB0129) are met, contact us for a no-obligation call. We’ll help you to understand what your obligations are and also what needs to be done to ensure that you are compliant with the mandatory requirements.

Gurpreet Sarai

Gurpreet Sarai

Gurpreet is an experienced communicator with specialist knowledge of the health-tech industry. Her early career started in the NHS where she led pioneering communications programmes for the primary, acute and social care sectors, before delivering a number of central Government funded programmes to improve information sharing practices and policies across the Department of Health, Department for Work and Pensions and the Home Office. As someone who is able to articulate a vision into reality, Gurpreet has developed a number of health-tech brands, including the digital health records market leader.

Published:

  • October 21, 2020

Posted In:

  • Clinical Safety

SHARE THIS POST

Facebook-f Twitter Linkedin-in Envelope

Book your free, no-obligation discovery call with our experts.

If you need for support with any of your information governance and compliance needs including, DTAC, DSP Toolkit and Clinical Safety (DCB0129 and DCB0160), please get in touch for quick no obligation chat.

Book your call now
Book your call now

Other articles

History Lesson in Compliance

A Quick History Lesson in Health & Care Compliance

Read article →
Insource DTAC case study

Case Study: Insource – The route to DTAC compliance

Read article →
What is Clinical Safety?

What is Clinical Safety?

Read article →
8fold Zen Logo

+44 (0) 1273 569172

info@8foldgovernance.com

DTAC SERVICES

  • Full DTAC Support
  • Information Governance
  • Clinical Safety
  • Data Security & Protection
  • Interoperability, Accessibility & Usability
  • Cyber Security

LINKS

  • About
  • News
  • Join Us
  • Case Studies
  • Contact
  • Charity Work
DSPT Data Security And protection Toolkit 8Fold
Information Governance Badge 8 Fold
8 fold governance net promoter score
The Green Web Foundation Score 8fold governance
Cyber Essentials Trademark
B1G1 Logo

 Privacy Policy | Cookie Policy | Terms & Conditions

© 2023 8Fold
8Fold governance Teal Zen logo

+44 (0) 1273 569172

info@8foldgovernance.com

DTAC SERVICES

  • Full DTAC Support
  • Information Governance
  • Interoperability, Accessibility & Usability
  • Clinical Safety Data
  • Security & Protection
  • Cyber Security

LINKS

  • About
  • News
  • Case Studies
  • Contact
Cyber Essentials Trademark
Green Wen Foundation 8Fold
8Fold Net Promoter Score

Customer

Satisfaction

Rating

B1G1 Logo

 Privacy Policy | Cookie Policy | Terms & Conditions

© 2023 8Fold
X We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies. However you may visit Cookie Settings to provide a controlled consent.
Read More ACCEPT Cookie settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
Save & Accept