Skip to content
8foldgovernance master
  • Services
    • AI Governance
    • Medical Devices
      • Regulatory Roadmap
      • ISO 13485 Design & Build your QMS
      • Quality Management as a Service
      • Technical File Creation & Registration
      • UK Responsible Person
      • Post Market Surveillance
    • International Standards
      • ISO 13485 Certification
      • ISO 42001 Certification
      • ISO 9001 Certification
      • ISO 27001 Certification
    • DTAC
      • DTAC Management
    • Information Governance
      • Data Security & Protection (DSPT)
      • DSPT Audit
      • HIPAA Compliance
    • Clinical Safety and Risk Management
      • DCB0129
      • DCB0160
      • Clinical Safety Officers (CSO)
    • CQC Services
      • CQC Compliance Assessment
      • CQC Registration Support
      • CQC-as-a-Service
      • CQC Regulatory Review & Strategy
    • Cyber Security
    • Governance, Risk & Compliance Advisory
    • 8foldTraining
  • About
    • Meet the Team
    • Partnerships
    • Join Us
  • Blog
  • Case Studies
  • Contact
  • Services
    • AI Governance
    • Medical Devices
      • Regulatory Roadmap
      • ISO 13485 Design & Build your QMS
      • Quality Management as a Service
      • Technical File Creation & Registration
      • UK Responsible Person
      • Post Market Surveillance
    • International Standards
      • ISO 13485 Certification
      • ISO 42001 Certification
      • ISO 9001 Certification
      • ISO 27001 Certification
    • DTAC
      • DTAC Management
    • Information Governance
      • Data Security & Protection (DSPT)
      • DSPT Audit
      • HIPAA Compliance
    • Clinical Safety and Risk Management
      • DCB0129
      • DCB0160
      • Clinical Safety Officers (CSO)
    • CQC Services
      • CQC Compliance Assessment
      • CQC Registration Support
      • CQC-as-a-Service
      • CQC Regulatory Review & Strategy
    • Cyber Security
    • Governance, Risk & Compliance Advisory
    • 8foldTraining
  • About
    • Meet the Team
    • Partnerships
    • Join Us
  • Blog
  • Case Studies
  • Contact
  • +44 (0)1273 569172
Book a Call

← From our blog

NHS DTAC Version 2 (DTAC V2): Navigating the Next Version of Digital Technology Assessment Criteria

  • Published: September 4, 2025
  • Category: DTAC

Share this post

Avatar photo
Ryan Palmer

Share this post

Introduction to NHS DTAC Version 2 (DTAC V2)

The Digital Technology Assessment Criteria (DTAC) serves as England’s foundational framework for assessing digital health technologies, ensuring they meet essential standards in clinical safety, data protection, technical security, interoperability, usability, and accessibility.

Since its launch in 2021, DTAC—now anticipating the imminent arrival of DTAC Version 2 (DTAC V2)—has become a foundation for NHS compliance. It is widely viewed and used as both a tool for evaluating readiness and an entry point for suppliers into the NHS ecosystem. However, the pathway to its adoption has not been without challenges.

So, with the imminent release of NHS DTAC Version 2 of the assessment criteria, alongside various policy commitments made through the publication of the 10-year plan and other regulatory bodies and policymakers, what can industry hope for from DTAC Version 2?

Get ready for DTAC v2, Book a free call with our experts

The History of DTAC and the Road Towards NHS DTAC Version 2

DTAC emerged from the now-discontinued Digital Assessment Questionnaire (DAQ), which was initially used to vet products for the NHS Apps Library. The DAQ programme was dissolved following critical feedback around its inefficiencies, including misalignment with NHS priorities and a lack of value for public funds. In response, NHSX designed DTAC to set a unified standard, addressing clinical safety, data protection, and technical requirements, while being more cost-effective.

With the anticipated introduction of DTAC Version 2, or DTAC V2, industry expectations are that the next iteration will further strengthen these standards and address previous weaknesses, creating a more consistent assessment process for digital health suppliers across the NHS.

The Challenge and the Imperative for DTAC V2

The NHS is a vast labyrinth of services, and whilst they remain consistent in branding and mission, there are numerous system-level and geographic variations in how DTAC and compliance more generally are assessed.

Some organisations make it relatively simple for suppliers to evidence compliance with DTAC, whilst others have layered additional expectations on top of the minimum requirements. This presents not only duplication of effort for suppliers in addressing compliance requirements but also means that across the entire health economy, each health system may be reviewing the same information multiple times to come to similar conclusions of competency or quality.

These inconsistencies have highlighted the need for streamlining—something many hope will be addressed with NHS DTAC Version 2 (DTAC V2). The duplication and varied interpretation of the existing DTAC process present both challenges for the NHS and suppliers, but also an opportunity to promote cross-organisational working. To some extent, this has already happened with the establishment of ICB specialist groups for Governance or Clinical Safety, but due to liability issues, progress to secure ICB-wide approvals at a compliance level is challenging—verging on impossible—for suppliers. It’s also equally challenging to gain approval at a local level due to a lack of specialised resources and a prioritisation for major projects such as EPR implementations.

So how do we solve the gap in assurance?
Hopes for DTAC Version V2

DTAC’s primary purpose is clear:

To provide NHS organisations with a checklist-based approach to evaluate digital health technologies during procurement and commissioning.

But, to harness the power of this standardised assessment and help manufacturers expedite approvals as part of procurement, there need to be some systemic changes made to how DTAC is managed in Version 2 (DTAC V2):

  • Shared Liability: NHS organisations should be comfortable with their peers’ assessments of quality, and where activities such as DCB0160s and DPIAs have been completed elsewhere, they should be made available to other systems to use to prevent duplication. Needless to say, there should still be an opportunity for ‘healthy challenge’ amongst experts if they feel there has been an oversight of risk—this, after all, is how safety is achieved at a system level—but there should be shared liability across the whole NHS. Ideally, DTAC Version 2 will pave the way for this critical shift.
  • Passportability: This has to follow shared liability. The Innovation Passport will prove to be a key pillar of adoption in the future and needs to be prioritised alongside other policy commitments in the 10-Year Plan. With the aspiration to move from ‘analogue to digital’, this cannot be left at the wayside for innovation to continue to butt-heads with established processes. DTAC V2 implementation could finally create this more streamlined, portable approach to compliance across the NHS.

Looking to the Future: The Impact of DTAC V2

The DTAC framework is at a critical point, with the current consultation and related reviews offering a unique opportunity to streamline processes, clarify roles, and enhance its alignment with both the UK and international healthcare landscapes.

Stakeholders across the digital health ecosystem are watching closely, expecting that NHS DTAC Version 2 will deliver a more harmonised, effective, and supportive environment for suppliers and NHS organisations alike.

I look forward to seeing the full and final Version of the DTAC (DTAC V2) in September, following our review and feedback in July, which 8foldGovernance shared with our partners at the ABHI. I am hopeful it is complemented by a clear directive from the Department of Health and Social Care (DHSC) that it should be used as an enabler for innovation and not a wall to throw up to prevent purposeful progress.

We’re the experts that have your back.

Don’t wait for DTAC V2 to launch—get ahead now! Schedule a call with our team to review your compliance approach and get actionable insights on preparing for NHS DTAC Version 2.

Book a Call with our Expert Team

Other Articles​

Loading...

DTAC V2: What has changed, and how will this affect you

Read More →

March 30, 2026
DTAC for enterprise

The NHS DTAC – Compliance for Enterprise Health-tech Companies Made Simple

Read More →

November 17, 2025
Guide to the NHS DTAC

The Experts Guide to the NHS DTAC (Digital Technology Assessment Criteria)

Read More →

September 22, 2025
8foldgovernance master

+44 (0) 1273 569172

info@8foldgovernance.com

SERVICES

  • AI Governance
  • Medical Device Registration
  • ISO Compliance
  • Full DTAC Support
  • Information Governance
  • Clinical Safety
  • Data Security & Protection
  • CQC Services
  • Cyber Security
  • 8foldTraining

LINKS

  • Contact
  • About
  • Meet The Team
  • Blog
  • Join Us
  • Case Studies
  • Charity Work
  • Partnerships
  • FAQs
DSPT Data Security And protection Toolkit 8Fold
Information Governance Badge 8 Fold
NPSORE
ABHI Member

 © 2026 8fold | Privacy Policy | Cookie Policy | Terms & Conditions

X We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies. However you may visit Cookie Settings to provide a controlled consent.
Read More ACCEPT Cookie settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
Save & Accept