DCB0160s are mandated to prove that health IT systems have been continually and adequately assessed for risks to patient safety. The number of systems, how they interact, and the functionality they deliver are increasing. DCB0160 provides four key things:
A process to assess and reduce risk.
A reference point for what has and hasn’t been risk-assessed.
The ability for internal organisational scrutiny of the level of risk involved.
An audit trail ensures that activities are as safe as practicable.
In addition to providing Top Management assurance that technologies procured or in use are safe, the DCB0160 also provides an audit trail that the CQC may request. This will become more common as the number of health technology systems on the market increases.
The DCB0160 applicability guidance makes it clear that it applies to all health and social care organisations that deploy and use Health IT Systems in the UK. This includes publicly funded health and social care organisations. This standard reflects NHS England’s recognition that while digital systems can improve healthcare, they also have the potential to cause harm if not properly managed throughout their lifecycle. The DCB0160 provides a standardised, structured methodology for assessing and mitigating risks from digital systems in healthcare settings.
The DCB0160 provides a standardised and structured methodology for assessing and mitigating risks from digital systems in healthcare settings. It requires a multidisciplinary team to undertake the following activities for each health IT system:
Undertake risk management activities stipulated in a Risk Management Plan
Document the hazards and patient harm that can be caused in a Hazard Log
Summarise the safety of the system for Top Management to approve in a Clinical Safety Case Report
Monitor clinical incidents or near misses and record them in an incident log
Ensure the Hazard Log and Clinical Safety Case Report are up to date
Achieving DCB0160 compliance requires a systematic approach to clinical safety, focusing on three key areas. Firstly, implement a robust Clinical Safety Management System with clear policies and processes for managing clinical risk throughout the health IT system's lifecycle, including hazard identification, assessment, control, and incident reporting. Secondly, conduct thorough, iterative clinical risk assessments at design, development, deployment, and ongoing use stages to identify hazards, evaluate likelihood and severity, and determine mitigation strategies. Finally, document comprehensive evidence of compliance, maintaining records of all clinical safety activities.
A key challenge in achieving DCB0160 compliance is obtaining relevant documentation and evidence of DCB0129 from the product manufacturer. This also presents a challenge when updating and maintaining documentation following system updates. NHS CSO capacity is often limited and can therefore take some time to complete the assessment.
It is recommended that DCB0160 be reviewed at a minimum of annually. It should also be reviewed and updated when system updates or new features are deployed or when it is being deployed into a new clinical area.
Failing to comply with DCB0160 can result in risks to patient safety, potential legal liabilities, and the inability to provide services within the NHS framework.
Navigating DCB0160 clinical risk management requirements is crucial for digital health innovators aiming for NHS approval and lasting patient trust. At 8fold Governance, our experienced team is here to simplify the process and support you every step of the way. Want expert guidance and actionable tips? Explore our latest blogs on DCB0160 for specialist insights and proven strategies to help you achieve compliance with confidence
Let’s see how we can help you navigate DCB0160 or any other aspect of clinical safety or clinical risk management.
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |