Digital Clinical Safety Strategy

Foreword

Dr Natasha Phillips, Chief Nursing Information Officer and Director of Patient Safety

Safety is everyone's responsibility. As a nurse, I know very well the importance of delivering safe care and what it looks like when everyone contributes to a culture of safety. I also know that while we aim to provide the safest care every day, safety is not just a product of our individual actions. It is the result of the environments we work in, the tools we have at our disposal and the culture around us. This means that delivering safe care requires a concerted effort across all health and care professionals, patients and the public. More than ever, it also requires a dedicated focus on digital technologies, which are increasingly integral to our health and care service.

I have seen first hand the risk that digital can present, but I have also witnessed it transform pathways, support staff and save lives. Right now we have a responsibility to ensure that the digital technologies that surfaced with such vigour during the pandemic not only have a positive legacy, but are sustained and improved upon for patients, carers and families. We need to ensure the safety of digital health technologies, but beyond that, we need to employ these technologies as solutions to safety challenges.

Through this Digital Clinical Safety Strategy, we provide a collaborative national direction towards the enhanced safety of digital technologies that is fit for the future. We pave a path towards using these digital tools to counter some of our greatest challenges to patient safety. Empowering staff with the knowledge and skills to ensure safety will help us build a culture where safety is at the heart of all that we do. I look forward to implementing this strategy, working across the system and seeing patient safety truly be everyone’s responsibility.

Professor Jonathan Benger, Chief Medical Officer, NHS Digital

The implementation of effective digital technologies has huge potential to improve safety in health and care, however this potential has not been fully realised to date. Digital technologies can enhance safety by ensuring that critical information is provided in a timely way, and by automating processes to make them more efficient while reducing the risk of error. It is also essential that digital innovation is delivered safely, and does not lead to unintended harms.

This addition to the National Patient Safety Strategy, focusing on digital technologies and presented to the same principles and structure, is highly welcome. It is also timely in a post-pandemic landscape in which NHS clinicians and the patients and public they serve have come to rely more than ever before on the digital delivery of health and care.

I am hugely grateful to colleagues in NHS Digital and all our partner organisations who have contributed to the design and delivery of this for the NHS, and who strive tirelessly to enhance and assure digital safety in healthcare. This new strategy, and the national commitments it contains, will complement and support their work as we collaborate across the system to reduce avoidable harm in the NHS.

Dr Aidan Fowler, National Director of Patient Safety

There are two really important concepts in relation to digital systems and patient safety.

First, how do we make sure that the digital systems we use work safely? With greater use of IT, AI and other digital systems, the function of which is a mystery to many, how do we make sure these do not harm patients? For example, we have seen several incidents related to algorithms recently which have the potential to affect the care of thousands of patients.

The second thing is how we use digital systems to help us keep patients safe and harness the huge potential of such approaches to help us provide safer clinical care whether by facilitating the recording of information or for monitoring or supporting decisions and much more.

This strategy, especially as the style is so well aligned with the Patient Safety Strategy, is a really helpful part of continuing our digital clinical safety journey.

Executive summary

The Digital Clinical Safety Strategy is a joint publication between NHSX, NHS Digital and NHS England and NHS Improvement. It is an addendum to the NHS Patient Safety Strategy, outlining the case for improved digital clinical safety across health and social care.

The aim of the strategy is twofold.

• To improve the safety of digital technologies in health and care, now and in the future.
• To identify, and promote the use of, digital technologies as solutions to patient safety challenges.

In other words, digital clinical safety is about making sure the technologies used in health and care are safe, and then using those technologies to improve patient safety.

Part 1 provides an introduction to patient safety and defines digital clinical safety. It summarises the evidence base behind this strategy and it explains the regulatory and policy context for the strategy.

Part 2 sets out the Digital Clinical Safety Strategy. It directly links to the NHS Patient Safety Strategy, mirroring its structure, which highlights ‘Insight, Involvement and Improvement’, as three strategic priorities for safer systems and safer cultures. Actions are outlined for each of these three areas. The strategy specifies 23 actions, which can be summarised as five national commitments.

National commitments for digital clinical safety

1. Collect information about digital clinical safety, including from the Learn from patient safety events (LFPSE) service and use it to improve system-wide learning.
2. Develop new digital clinical safety training materials and expand access to training across the health and care workforce.
3. Create a centralised source of digital clinical safety information, including optimised standards, guidelines and best practice blueprints.
4. Accelerate the adoption of digital technologies to record and track implanted medical devices through the Medical Devices Safety Programme.
5. Generate evidence for how digital technologies can be best applied to patient safety challenges.

Part 3 explains how this strategy will be delivered and updated, with a focus on patient safety and digital health networks.

This strategy establishes what is needed for digital technologies to enable safety across health and care and how that can be prioritised nationally and delivered with a range of stakeholders. This strategy’s objectives support the wider NHS Patient Safety Strategy’s aim to build safer systems and safer cultures.

PART 1: Introduction and strategic alignment

Background

Across health and care systems internationally, patient safety is a cornerstone of quality (National Academies of Sciences, Engineering and Medicine, 2018). Unsafe care is still among the leading causes of death worldwide (Kruk et al., 2018). While the NHS is seen as a leader in patient safety, rates of harm across services remain unacceptably high, and cross sector commitment is needed to establish open and transparent safety cultures.

Delivering the safest care for our patients, service users and families, and designing the safest systems for our staff, are ambitions that need to respond to the evolving nature of the health and care system. Given the prominence of digital technologies, and their essential role in clinical care delivery, it is important to ensure their safety both in design, commissioning and use. It is also crucial that digital technologies be optimised to support safety and reduce errors. The potential for digital technologies to enhance safety in areas such as prescribing, record keeping and data driven health and care is widely evidenced (Avery et al., 2012; Bates et al., 1998). However, digital technologies that are not designed and deployed with safety in mind have the potential to harm patients. Ensuring that rapidly evolving digital systems do not cause or contribute to adverse events is also a system-wide priority.

‘Digital clinical safety’ refers to the avoidance of harm to patients and staff as a result of technologies manufactured, implemented and used in the health service. It is important across digital systems’ lifecycles and is part of a culture of patient safety focused on learning from best practice and speaking up about emerging risks.

Case for change

Evidence from a safety perspective

The NHS Patient Safety Strategy explains that improving patient safety will have profound benefits for patients and reduce costs across the health system,

“....Getting this right could save almost 1,000 extra lives and £100 million in care costs each year from 2023 to 2024. The potential exists to reduce claims provision by around £750 million per year by 2025.” NHS Patient Safety Strategy (NHS England and NHS Improvement, 2019).

Six types of events (hip fracture, death in low mortality treatment groups, pressure ulcers, sepsis, blood clots and central line infections) account for 36,000 healthy life years lost each year in England. The cost of common adverse events in England is equivalent to 2,000 GPs or 3,500 hospital nurses each year (OECD, 2017). This evidence is supported by Baroness Cumberlege’s First Do No Harm report, which exposed the need to improve the response to harmful side effects associated with certain medicines and medical devices.

The role of digital as an enabler to patient safety has been emphasised on a global level by the World Health Organisation’s (WHO) Patient Safety Action Plan. The interplay between human behaviour and systems drives patient safety, and in the NHS, reducing the burden of harm described above and meeting the outcomes outlined in the NHS Patient Safety Strategy will be dependent on digital clinical safety. It will depend on technologies being both safe and appropriately applied to major safety challenges facing patients, staff and the public.

Evidence from a digital perspective

Across safety-critical industries, digital technologies are considered in terms of their opportunity to enhance safety and their potential to disrupt it. Evidence demonstrates the power of digital to support safety. Scanning technologies and programmes like Scan4Safety, that use barcodes to track data and devices, have reduced device and patient identification errors (Scan4Safety report, 2020). Digital interventions like pharmacist-led information technology intervention for medication errors (PINCER) have been effective in reducing such medication errors (Avery et al., 2012). More recently, remote monitoring technologies are demonstrating the potential to recognise early signs of deterioration, an important factor in preventing harm (Clarke, 2020). More generally, the evidence base for electronic health records (EHR) supports many aspects of safety in terms of record keeping and reliable and shared access to information. However, as the use of these digital technologies increases and new EHRs continue to replace older versions, new safety risks emerge during transitions and periods of implementation. Evidence suggests these risks can be kept to a minimum, but securing safety during transition periods will continue to be a key feature of digital clinical safety (Barnett, 2016).

The evidence base for these technologies is expanding, as is their routine use. The COVID-19 pandemic has accelerated the use of digital technologies in health and care, and subsequently increased the interest in digital clinical safety. For instance, the use of online consultation systems in primary care doubled during the early stages of the pandemic to 600,000 requests per week (NHS England and NHS Improvement, 2021), digital prescriptions rose from 72% to just over 90%, and repeat prescriptions ordered via the NHS App increased by 495% in one year (NHS Digital, 2021). From a public perspective, survey results show that 97% of UK adults who had received NHS care for any health condition since the pandemic started used technology in their interaction with the health service, and 60% of those used it in a new way or more than before (Horton et al., 2021).

While digital health technologies have been available before, the pervasiveness of their use represents a fundamental change. This rapid acceleration has placed a focus on the role of digital technologies in delivering care and surfaced a public and professional interest in their safety. It is evident that as digital systems become increasingly integral to care delivery, there is a further need to understand their safety, but also how care can be delivered safely without them, or during periods of system downtime. Evidence demonstrates that disruption caused by downtime can cause delays and confusion, which could present safety risks (Larson, 2019).

Further understanding the impact of digital technologies and issues like downtime requires a clear and efficient mechanism for capturing information about when digital technologies contribute to risk or harm.

Studies have attempted to quantify harm associated with digital systems by applying natural language processing of safety incidents reported into the NHS’s national incident repository, the National Reporting and Learning System (NRLS). This is currently being replaced with the Learn from patient safety events (LFPSE) service. In an examination of 13,738,411 patient safety incidents recorded over more than a decade in England and Wales, 2,627 individual events were identified as related to failures in health IT. Of these 2,627 incidents, 75% were amenable to improvement (Martin et al., 2019).

However, these figures should be treated with caution. Underreporting of patient safety incidents is a complex problem that obscures what is known about harm caused as a result of digital systems (Mayer et al., 2016; Sari et al., 2007). Incident reporting systems have not historically captured comprehensively digital clinical safety information or indicate the influence digital systems have in the NHS. However, greater emphasis on digital systems and technologies in the LFPSE taxonomy, as compared to the NRLS, will be valuable as digital systems become more central to care delivery and will allow for insights into a greater number of associated events.

In the NHS there is an established national infrastructure for incident reporting, which is set to be further strengthened with the LFPSE. It will provide a front door for safety reporting, with data and intelligence shared across national organisations in the background to support a culture of national learning. It is important to promote use of the LFPSE service, expand its capacity for capturing and relaying information about digital technologies, and ensure it is aligned to other reporting mechanisms to support a comprehensive risk management and learning system.

Digital clinical safety is not simply about recording harm reactively, it is also about learning and preventing it proactively. Evidence suggests that better clinical integration and local configuration of digital information systems will help identify safety problems and pre-empt harm in both acute and primary care (Avery et al., 2020; Hogan and Sherlaw-Johnson, 2020). It is equally important to capture and share this information for proactive learning, within a systems approach to safety that aims to resolve the issues at source wherever possible.

The role for technology in harm prevention is typified in communication tools, as explained by the Healthcare Safety Investigation Branch’s (HSIB) national investigation of nosocomial spread of COVID-19 in hospitals. The HSIB also recommended that:

Evidence from a patient and public perspective

The acceleration in the use of digital technologies has raised questions about people’s experience of using them and the future of their adoption and scale into normal practice. In a Health Foundation survey, patients reported that the safety of technologies was their biggest priority for the next steps of digital transformation in the NHS (Horton et al., 2021).

In the same survey, 80% of patients reported a positive experience using digital technologies for health and care needs. However, this positivity was not uniform, with people over 55 years reporting a worse experience on average and others raising concerns about the suitability and sustainability of digital approaches in general (Horton et al., 2021).

The experience of using digital technologies for health is influenced by access to the internet, online skills and digital literacy. The pandemic has laid bare the problem of digital exclusion, where disadvantaged groups have continuing unequal access and capacity to use essential information and communications technologies (Schejter, 2015; Warren, 2007), a reality which extends to about 22% of the UK population (UK Consumer Digital Index 2019). In 2020 the Office for National Statistics (ONS) reported that 96% of households in Great Britain already have internet access, however the Centre for Economics and Business Research estimated 7.9 million people in the UK will still lack digital skills in 2025. Reliable access to the internet is not equal across socioeconomic groups. Households with lower incomes not only have less internet access, but also pay more for the access they do have (Essential Digital Skills, 2020). Accounting for and reducing these inequalities is important to achieve digital clinical safety for all patients, carers, the public and health and care providers. While digital exclusion is a systemic problem, a concerted effort is needed to mitigate the risk of technology exacerbating it. Overcoming these challenges will depend on co-design and co-production between patients, the public and staff within the health and care community as well as innovators.

Strategic direction

Based on this evidence and patient and public interest, we can predict that the need for digital health technologies will continue to grow, compounding the need for a dedicated digital clinical safety strategy in the NHS to support the existing NHS Patient Safety Strategy.

NHSX’s ambition is to digitise, connect and transform the health and social care systems. A digitised, interoperable, connected health and care system will make it easier for health and care systems to form partnerships and transform services, delivering them more effectively and productively, and with the individual at the centre. To achieve this, over the next five years NHSX will support systems across the NHS and social care to digitally mature, ensure data can flow between health and care settings, and re-imagine care pathways to raise productivity, safety, experience and outcomes for patients and people in care.

The evidence for the importance of patient safety in saving lives and reducing costs is clear, as is the need to ensure digital systems are safe. Furthermore, the evidence that digital systems can be deployed appropriately to address safety issues is mounting and growing in relevance following the pandemic.

Historically, the maturity of patient safety tends to follow three sequential phases (Gandhi et al., 2016).

• ‘Superficial simplicity’, such as emulation of safety practices in aviation and other safety-critical industries.
• ‘Confusing complexity’, for example, unique healthcare characteristics and assumptions emerge and challenge the effectiveness of the new approaches.
• ‘Profound simplicity’, for instance open safety culture is seen as a foundational aspect.

This framework applies across patient safety and in the NHS, digital clinical safety practices are considered to be at the second level of maturity (Habli et al., 2018). A strategic direction is required to shift towards a culture of digital clinical safety.

Strategic purpose

The vision of this strategy is for digital technologies to enable better patient safety across health and care and for everyone to feel equipped and empowered to uphold the principles of digital clinical safety.

This strategy provides an adjunct to the NHS Patient Safety Strategy to ensure digital clinical safety across health and care. The NHS Patient Safety Strategy aims to maximise the things that go right and minimise the things that go wrong. It is integral to the definition of quality in health and care, alongside effectiveness and patient experience.

This strategy aims to:

• improve the safety of digital technologies in health and care, now and in the future
• identify, and promote the use of digital technologies as solutions to patient safety challenges

To achieve this joint aim, this strategy suggests priorities for digital clinical safety in the areas of Insight, Involvement and Improvement. These three areas are the domains used in the National Patient Safety Strategy, with insight and involvement focused on the first aim and improvement focused on the second.

The strategy includes 23 actions, which can be summarised as five national commitments.

Insight

1. Collect information about digital clinical safety, including as part of the LFPSE service and use it to improve system-wide learning.

Involvement

1. Develop new digital clinical safety training materials and expand access to training across the health and care workforce.
2. Create a centralised source of digital clinical safety information, including optimised standards, guidelines and best practice blueprints.

Improvement

1. Accelerate the adoption of digital technologies to record and track implanted medical devices through the Medical Devices Safety Programme.
2. Generate evidence for how digital technologies can be best applied to patient safety challenges.

A number of core principles support the joint aim and priorities outlined in this strategy:

• Collaboration: Partnership working between health and care staff, regulators, industry, the scientific and informatics community and patients and citizens to ensure risks are understood and managed effectively.
• Openness: Sharing of important information on potential risks to ensure appropriate escalation and mitigation activity.
• Iterative change: Identifying learning from events to ensure systems are safe and use feedback loops wherever possible.
• Proportionality: Developing processes that are proportionate to the scale, complexity and level of clinical risk associated with the programme of work.
• Inclusion: Encouraging active co-production in digital safety processes to put patients, staff and the public at the heart of digital safety.

Strategic alignment

This strategy is aligned to, and intended to support, existing health and care strategies.

Globally, patient safety is prioritised by the WHO’s Patient Safety Action Plan that positions patient safety as an essential foundational step in building, designing, operating and evaluating the performance of all health care systems. It specifically recognises digital as an enabler to safety.

The NHS Long Term Plan places a focus on the role of digital to improve patient services. Bridging the strategic gap around digital clinical safety is central to the delivery of the NHS Long Term Plan. Further to the NHS Long Term Plan, the 2021 Legislating for Integrated Care Systems: five recommendations to Government and Parliament makes recommendations to build Integrated Care Systems (ICSs) that will require integrated ways of working across settings and sectors, and digital technology can provide a driver for operating in this way. NHSX, NHS Digital, NHS England and NHS Improvement, and other arm’s length bodies (ALBs) and regulators have a critical part to play in improving digital clinical safety of health and care services. All groups will work collaboratively to ensure the technology itself is safe and makes care safer.

The NHS Patient Safety Strategy published in 2019 sets out what the NHS will do to achieve its vision to continuously improve patient safety. It also identifies the role of digital in improving safety and points to the need for a specific strategic direction in this area. Further to this, it is also important to acknowledge regulatory strategy, both in terms of the Care Quality Commission (CQC) safety strategy which focuses heavily on learning and improvement (CQC, 2021) and HSIB which conducts independent investigations of patient safety concerns and shares insights about safety challenges that are often relevant to digital clinical safety.

The Academic Health Science Networks (AHSNs) and their embedded Patient Safety Collaboratives (PSCs) already support the delivery of the NHS Patient Safety Strategy, including the regional and ICS delivery of national safety improvement programmes. AHSNs are particularly relevant to digital clinical safety, as they also support the rollout of digitally-focused improvement programmes within their geographies.

In terms of policy related to digital health and technology, the NHSX Data saves lives: reshaping health and social care with data (draft) provides a vision for how data will be used to improve the health and care of the population in a safe, trusted and transparent way. It sets out a mission to harness the potential of data in health and care, while maintaining the highest standards of privacy, ethics, and accountability. It clarifies the link between enhanced use of data and the impact on safer care. Additionally, the NHSX Artificial Intelligence (AI) Lab has been accelerating the safe adoption of AI in health and care. The NHS AI Lab works with the Medicines and Healthcare Products Regulatory Agency (MHRA) and National Institute for Health and Care Excellence (NICE) as well as NHS Resolution who support the fair resolution of safety concerns and disputes.

International and national strategy has shaped the direction of this work, but also exposed a gap around digital clinical safety. While the emphasis on safety is strong, and the priority for digital clear, a specific strategic direction for achieving technology-enabled safety is required. This is needed to establish national ambitions as well as regional and local expectations.

Strategy across health and care, however, is responsive to evolving needs of patients and the public, meaning that continuous effort will be required to ensure alignment across all relevant areas.

Policy and regulatory context

Digital clinical safety sits at the intersection of many disciplines. It is by definition a core part of patient safety as well as digital health and IT. Beyond those domains, digital clinical safety shares borders with established strategies and programmes of work around medical devices, cybersecurity and information governance. Achieving digital clinical safety is therefore dependent on the broader digitisation agenda, systems interoperability and general improvements in data quality. Furthermore, digital clinical safety is important to all settings across health and care, meaning this strategy aims to be relevant across settings and sectors, accounting for differences in digital maturity.

This strategy intends to help people understand how the existing safety requirements in these separate but related areas, and organisations overseeing them, relate to each other. It sets out ambitions to build a more coherent digital clinical safety system.

Standards and regulations

Digital clinical safety in the NHS is established in statute under section 250 of the Health and Social Care Act, 2012. The process for documenting safe development and deployment of health IT systems is delineated in the Clinical Safety standards, DCB0129 for manufacturer of health technologies and DCB0160 for those deploying and using health technologies. Nationally, these two clinical safety standards outline the set of requirements to promote the effective application of clinical risk management by organisations responsible for the development, commissioning, deployment and use of health IT systems.

Digital clinical safety in a wider sense is supported by a series of standards and regulations.

The Digital Technology Assessment Criteria (DTAC) provides a national baseline criteria for digital health technologies entering into the NHS and social care. Its criteria include compliance with the clinical safety standards, alongside data protection, technical security, interoperability and usability and accessibility standards. This aims to give staff, patients and citizens confidence that the digital health tools they use meet clinical safety requirements.

Additionally, the NICE evidence standards framework for digital health technologies support innovators and commissioners to understand what good levels of evidence for digital health technologies look like, stipulating that technologies must also meet the needs of the health and care system, patients, and users. The standards have been developed to support innovation with the appropriate level of rigour and assurance for the health and care system including assessments of functional classification, risk and evidence of effectiveness.

Furthermore, when a digital health technology is considered a medical device as per the UK Medical Device Regulations 2002, additional requirements need to be met. International harmonised standards, such as ISO 14971 about risk management of medical devices, ISO 13485 about medical device quality management systems, and ISO 62304 about medical device software life cycle processes, can be used as evidence that particular requirements are met to ensure safety and performance. In addition, manufacturers must provide clinical data in the form of a clinical evaluation report that demonstrates that the device under normal conditions of use has a favourable risk to benefit ratio. All medical devices in the UK need to be registered with the MHRA and those that are categorised as higher risk (class II or above), require third party approval. When medical devices are on the market, manufacturers are required to have a post-market surveillance system, which includes reporting adverse incidents that fall as vigilance and field safety corrective actions (FSCAs) to the MHRA, to ensure that their devices continue to perform as intended and are acceptably safe.

From a cybersecurity perspective, the Data Security and Protection Toolkit sets the standard for cyber security in the NHS. It consists of an online self assessment tool to allow organisations to measure their performance against requirements mandated by the Department of Health and Social Care (DHSC), principally the 10 data security standards created by the National Data Guardian. Additionally, the Security of Network and Information Systems (NIS) regulations provide legal measures to increase the cyber and physical security of digital networks and information systems. NIS Regulations protect the UK from network or cyber issues, raising security standards across essential sectors of the economy such as health and care.

The policy and regulatory landscape in this space is still evolving, particularly with increasing demand for use of artificial intelligence in health. For instance, the clinical safety standards will be reviewed in order to optimise their impact across the system and limitations, inclusion and necessary modifications. NHSX is also working with regulators to ensure that clinical safety objectives are woven into this landscape.

PART 2: Digital clinical safety strategy

This section sets out the Digital Clinical Safety Strategy, including national priorities. This strategy is a living document, intended to be refreshed regularly and updated according to NHS and system-wide needs.

Insight

In accordance with the NHS Patient Safety Strategy, ‘Insight’ is defined as:

“Improving understanding of safety by drawing intelligence from multiple sources of patient safety information.”

The priorities for Insight include the following:

• Optimising and centralising incident reporting and response processes to capture and learn from digital clinical safety in all relevant health and care settings.
• Learning from best practice in digital transformation programmes to understand what works well and why.
• Facilitating data triangulation and ensuring all sources of safety information contribute to a shared understanding of digital clinical safety issues and how they can be resolved.

To measure digital clinical safety, it is necessary to capture data about how digital systems impact patient safety, both positively and negatively. Digital clinical safety aims to support a culture of learning from incidents as well as learning from excellence, with different health and care organisations working together to capture and model best practice.

A mutual understanding of how and when things can go wrong or right can help identify and mitigate risks as well as reduce harm.

Incident recording and learning

Gathering this information requires recording when a digital system contributes to a patient safety event including near misses, as well as risk reporting from clinical safety officers (CSOs) and responsible individuals involved in the manufacturing, implementation and day to day use of digital systems. To maximise involvement in this type of reporting, it should be user-friendly, centralised and clear (Mayer et al. 2016). In the case of digital clinical safety, incident reporting should be aligned to existing patient safety incident reporting systems such as the NRLS and its successor system LFPSE. Furthermore, reporting digital clinical safety incident information into these national systems should be accessible via all standard incident reporting platforms already widely used to make such reports (for example Datix, Ulysses, or local intranet based platforms).

The LFPSE will provide a consolidated approach to capturing the role of digital in patient safety incidents across health settings. The LFPSE mandatory questions will ask reporters if an event is related to an IT or software system, and follow-up questions will ask about the nature of the IT or software problem. These reports, in conjunction with the larger event context also captured in the LFPSE, will contribute to system-wide learning and response related to digital technologies. Review of information from the LFPSE and issues reported through other routes will, subject to accreditation processes, feed into the existing National Patient Safety Alert process in the case that an event or its context requires action by providers. The LFPSE system aims to support better reporting rates in settings where patient safety incident reporting has been historically low, such as primary and community care, and among patients and the public. Encouraging this uptake will be a priority to support long term improvement in data capture.

Furthermore, the MHRA’s Yellow Card collects information on suspected side effects or adverse incidents involving medicines and medical devices, acting as an early warning system. Yellow Card is open to professionals and members of the public, and authorisation holders and manufacturers are also required to report events defined in the Human Medicines Regulation and Medical Device Directive (MDD). In the case where an incident or risk is relevant to LFPSE and also meets Yellow Card reporting criteria, LFPSE will prompt users to submit a Yellow Card report if they have not already done so, or collect a Yellow Card reference number if they have, to enable data linkage.

Options for more comprehensive integration of the two services using application programming interfaces will be explored in due course. This aims to address fragmentation in digital clinical safety reporting and improve the analytical capability between patient safety reporting, software risk reporting and medical device reporting. A data flow map will help clarify the appropriate reporting routes for information about digital clinical safety risks that require review and response.

The importance of all information captured in LFPSE and Yellow Card is the ability to derive themes from the data for learning and improvement. This will be enhanced by linkage to clinical record systems, as well as the potential to respond to any individual incident that might indicate a system-wide risk. An ambition will include aligning this with other existing datasets including data that is collected about safety incidents in individual programmes to develop more comprehensive intelligence for digital clinical safety.

Incident reporting has traditionally focused on health and care staff and professional reporting. There will also be an opportunity for patients and the public to report safety incidents and risks via the LFPSE and MHRA Yellow Card either directly or through, in the case of Yellow Card, integration with the NHS App. This will build on the integration delivered to support COVID-19 vaccine surveillance and include transfer of Yellow Card data and safety messages back to electronic healthcare records, enabling a greater ability to generate insights from patients and the public.

However, learning requires more sources than incident data alone. Other sources such as complaints narratives, HSIB recommendations, claims details, IT help desk queries, system downtime reports, insights from CQC inspection reports and, when possible, patient and public stories should be considered in a triangulated way. This will ensure that digital clinical safety insights are a product of multiple perspectives, including those of patients and the public. The promotion of complaints processing tools, some of which rely on digital technologies themselves, that help organisations identify and share learning from complaints, can enable this locally.

Learning from best practice

Insights for digital clinical safety will be proactive as well as reactive with a focus on capturing concerns or risks related to digital systems before they become incidents. This type of risk mitigation is explained in the existing clinical safety standards. However, it is important that learning from risk mitigation processes are shared to support system-wide knowledge. Meeting the clinical safety standards requires manufacturers and deployers to produce a clinical safety case report (CSCR) which contains a hazard log that details mitigations and additional controls. The CSCR is a live document that is maintained throughout the life cycle of the health IT system and its use and sharing is critical to system-wide learning. All documents produced to meet the health IT safety standards should be freely available and not classed as commercially sensitive, so that risk mitigation information is shared among deploying organisations to improve safety and support learning.

Insights regarding digital clinical safety can also be obtained through reviews of existing digital programmes. In order to support the NHS Patient Safety Strategy’s aim of creating a culture of learning, digital clinical safety will not only obtain insights from incident reporting, but also from a review of what has worked well and why. Review of best practice will be supported by the NHSX What Good Looks Like Guidance for digital systems, which has a dedicated section on digital safety. For instance, the What Good Looks Like guidance will highlight positive digital safety solutions, such as scanning technologies and traceability work. It will be bolstered by actionable blueprints of best practice that are designed to share information about how an intervention to support digital safety worked and why. The LFPSE will also collect examples of good care that can be learned from.

The goal is for insights about digital clinical safety to support a learning health system (The Healthcare Learning Project, 2021) that evolves and progresses in response to incidents and best practice. Feedback loops will be embedded in the national assurance system so that learning from incident information can be shared more widely. This will be inclusive of digital clinical safety data, but account for extensive patient safety insights, in order for digital clinical safety information to be understood in a wider system context. Finally, the adoption of embedded research and evaluation in digital transformation teams will measure benefits from digital programmes.

Insight priorities

Involvement 

The NHS Patient Safety Strategy defines Involvement activities as:

“Equipping patients, staff and partners with the skills and opportunities to improve patient safety throughout the whole system.”

The priorities for Involvement include the following:

• Expanding and enhancing training for digital clinical safety across the health and care and supplier workforce.
• Providing clear access to digital clinical safety documentation including optimised standards, implementation guidance and blueprints of best practice through co-production and collaboration.
• Promoting user groups for major health technologies and the transparency of safety cases.
• Raising the profile of digital clinical safety across the health system nationally and internationally.

Training and capability building

Just like patient safety, digital clinical safety is everyone's responsibility. It is an evolving field and ensuring it requires the training and educating of the wider system.

Digital clinical safety can too often be the responsibility of a small subset of people, namely those involved in design and manufacturing of technologies, as well as those involved in commissioning and deployment. While these roles are critical and require specialist training, there is a much wider range of stakeholders who require a different type of learning to be able to proactively engage with digital clinical safety.

Expanding involvement around digital clinical safety requires building capability and understanding across different aspects of the workforce. Strengthening digital clinical safety will require continuous and iterative capability building across those involved in the development, commissioning, implementation, assurance and use of digital systems. Delivering this will require refreshing content from existing training packages as well as conducting a skills audit in relation to digital clinical safety and responding to system-wide needs.

Training related to the clinical safety standards already exists in the form of e-learning provided free of charge by NHS Digital on the Health Education England (HEE) website, as well as more advanced face to face Clinical Risk Management Training. These clinical risk management courses include a focus on application of learnings, which will be augmented through the strengthening of networks of professionals including, but not limited to, the existing CSO network, the patient safety specialists and Patient Safety Collaboratives. Clinical risk management training will continue to be available to non-clinical and clinical staff. However, it will be important to promote this training to additional groups working at the intersections of digital clinical safety, including those working in industry and patient safety professionals who have not before been involved in digital transformation, as well as the primary users of health technologies.

Furthermore, the future of training delivery will move to a ‘train the trainer’ model whereby the standard for training and accreditation of courses is still set by NHS Digital, however, the ability to provide training to health and care staff is developed devolved to ICSs, who can offer training opportunities grounded in the national training standard, but relevant to local practices. This model is intended to proliferate the availability of training and avoid backlogs in members of the workforce requiring training.

Priority workforce groups for training have been identified as those most closely involved with digital clinical safety. At the national level, these will include teams working on digital transformation programmes as well as those involved in regulating them. At a local and regional level it will include, but not be limited to, the patient safety and digital health workforce including patient safety specialists, chief clinical information officers (CCIOs), chief information officers (CIOs), chief nursing information officers (CNIOs) and other clinicians and allied health professionals (AHPs) provider-based safety teams. At a wider level, it will include manufacturers, commissioners and provider-based ICS and primary care network (PCN) teams. In addition to training, it will also be important to ensure that the role of the CSO is clarified and that CSOs are supported in their professional requirements and have functional networks across the system.

Layers of training and curricula will be required to familiarise different sections of the workforce with principles of digital clinical safety. Further training separate to clinical risk management training will be developed for specific staff groups based on their needs and preferences, including the development of educational tools available to local organisations. It will also be necessary to support more targeted training for key improvement areas, such as better integration of existing digital systems in primary care. The development of these tools will require discovery work to build an evidence base for what training is required, how it should be delivered and to what professional groups, as well as how it will align to existing programmes.

Furthermore, user testing will support the development of effective learning materials that are fit for purpose across different user groups, including patients, carers and the public. Tools will be intentionally aligned to the Patient Safety Syllabus and WHO Patient Safety Action Plan, focusing on developing learners’ familiarity with key concepts, such as human factors and systems thinking, over successive phases of training.

Consolidated source of digital clinical safety information

Involvement in digital clinical safety relies on clear, accessible and relevant guidance for all stakeholders, including professionals, patients and the public. As part of this, existing standards will need to account for how certain digital systems might impact inequalities and they should mitigate against potential digital exclusion.

Given the technical and complex nature of existing standards, guidelines and advice, a consolidated source of digital clinical safety guidance should be co-produced across sectors. This will involve regulatory input, and will require patient, public and staff participation to yield information tailored to different groups. The result will be a published source of clear definitions of commonly used terms related to digital clinical safety, information regarding what is mandated versus what is recommended and real life blueprints of best practice following established clinical safety standards. It will provide guidance related to medical software and its safety classification and clinical risk management as well as support tools (including compliance checklists, assessment and assurance frameworks for existing and emerging technologies). 

This information is envisaged to sit alongside other relevant health and care guidance and be a regularly updated and simple to navigate access point. It is intended to provide information about digital clinical safety, and will be co-produced with patients and frontline professionals to ensure its contents are targeted to the right people. This should align to other sources of guidance which would also be relevant to digital health technologies.

Raising the profile of digital clinical safety

Raising the profile of digital clinical safety through collaborative involvement is key to the success of all sections of this strategy.

A dedicated effort is needed to connect the users of digital systems, whether they are patients, public or health and care staff, to the developers of these systems. User groups for widely used digital systems in the NHS are also encouraged to provide open fora for people to speak up about risk, user centred design and normalise patient and user input into digital clinical safety risk mitigation.

Specifically, raising awareness of the importance of digital safety and the potential for digital to drive safer care will help engage clinicians and patients in digital transformation and safer use of digital health systems, and in turn support more meaningful incident reporting and learning. Involving wider, cross-sector and international groups in this effort, including patient groups, academia, industry and regulators will also help digital patient safety ascend up the policy agenda locally and nationally.

Involvement priorities

Improvement

The NHS Patient Safety Strategy defines ‘Improvement’ activities as:

“Designing and supporting programmes that deliver effective and sustainable change in the most important areas.”

The priorities for Improvement include the following:

• Generating evidence for how digital technologies can improve safety.
• Supporting the Medical Devices Safety Programme to accelerate the adoption of digital technologies to record implanted medical devices and develop a new information system to collect, link and analyse outcomes.
• Surfacing novel opportunities for digital solutions to solve patient safety problems.
• Embedding digital clinical safety in policy and regulatory documents.

Using digital technologies to improve safety will in part, be a product of the implementation of the Insight and Involvement sections of this strategy, however there are also areas for immediate focus. Improvement will not only include building an evidence base for which digital systems work best for safety and why, but also promote the design, development and implementation of digital systems equipped to tackle common and complex safety challenges. For instance, there will be a specific focus on the Medical Devices Safety Programme, including the expanded use of digital technologies to record and track medical devices implanted in patients at the point of care.

Systemic improvement will require multi-dimensional involvement to embed the principles of digital clinical safety in the policies and regulations that govern the health service.

Generating evidence for Improvement

Using digital as a tool for patient safety Improvement starts with testing and building evidence about when and how digital technologies can make care safer. A robust evidence base is required to demonstrate what works, what does not work and where investments are best placed to scale up promising technologies.

An example is Scan4Safety, in which evidence generated from demonstrator sites provided the intelligence for other sites to take it up and has led to larger scale scanning programmes like the Medical Devices Safety Programme.

The development of this evidence will be twofold, including scientific research as well as continuous discovery and review of best practice from the UK and internationally. This will involve working both with national research bodies like NIHR, the Accelerated Access Collaborative (AAC) and groups responsible for patient safety research to support the testing and trialling of digital solutions for safety, as well as partnerships with national digital transformation teams to measure safety benefits across digital programmes. Linking to the ‘Insight’ section of this strategy, it will be imperative to ensure that relevant data, including patient safety data, can be used in AI to evaluate safety interventions for improvement and provide continuous learning. Evidence generated through both formal and informal research and evaluation will be communicated to professionals and the public to promote clinical and public awareness about the specific benefits of digital technologies to patients.

Medical Devices Safety Programme and Promoting Innovation

The heart of digital clinical safety is translating safer care into improved outcomes for patients’ health, quality of life, experience and journey through the health service. To achieve this, there needs to be an ambitious national focus on surfacing and scaling opportunities for digital to improve safety. The Medical Devices Safety Programme (MDSP) brings together the DHSC, NHSX, NHS Digital and NHS England and NHS Improvement’s Getting It Right First Time (GIRFT) programme to collaboratively support commitments to medical device and implant safety.

Baroness Cumberlege’s First Do No Harm report on potential harmful side effects of certain medicines and medical devices explicitly recommended that:

The MDSP will work towards this objective first by accelerating adoption of digital technology to improve the recording of medical devices implanted in patients at the point of care. It will also establish a new information system/infrastructure to collect, link and analyse outcomes by procedure. This will enable the tracking of implanted medical devices and the provision of appropriately rich datasets for outcomes analysis. Finally, MDSP will develop registries to support increased analysis of outcomes data to drive improvements in device, patient care and safety, and enable informed, shared decision making between clinicians and patients.

In addition to the MDSP, there are currently substantial efforts underway to develop digital solutions to safety challenges including the scaling up of scanning and monitoring technologies, development of interoperable standards and expansion of shared care records. Improvement efforts should build on these digital improvement programmes. However, there are still many safety challenges where digital solutions could support safer care. It is necessary to objectively understand what safety issues could be prevented with appropriate digital technologies.

Promoting innovation of this kind requires caution and proactive risk assessment to mitigate risks of new technologies, including rigorous testing. It will be critical to work across industry, the health and care service and with the public to identify the most pressing safety challenges requiring digital innovation, develop bespoke or optimised solutions to address them and support those solutions across successive phases of solution development and testing. A focus on the safe implementation of digital systems in practical organisational contexts needs to be sensitively integrated with local practice and organisational process.

Raising the profile

Improvement will hinge on raising the profile of digital clinical safety in national policy and regulatory discourse, so that it is recognised in policy and assessed as a component of quality by regulators and policymakers. This will require closer partnership with regulators to support systematic investigation of digital clinical safety across organisations, as well as support to the frontline to build capabilities, as discussed in the ‘Involvement’ section of this strategy.

Improvement priorities

PART 3: Delivery and networks for digital clinical safety

Delivering the strategy

Delivering progress in relation to the priorities listed in this strategy relies on collaborative working and mutual commitment. To oversee this, a National Digital Clinical Safety Board will be established with responsibility for strategy implementation. In addition to NHSX, NHS Digital, NHS England and NHS Improvement and the MHRA, this board will have representation from patients and carers, suppliers of digital technologies and other relevant stakeholders and major digital programmes. It will work with other stakeholders including regulators to develop processes to benchmark and monitor performance.

The group will take forward the priorities listed in this strategy, providing a clear outline of roles and responsibilities and any further consultation required.

Measuring benefits

Central to delivering the strategy will be measurement of its benefits and evaluation of priorities. For each of the priorities listed in the strategy, evaluation metrics will be derived to monitor progress.

There will be an opportunity through the LFPSE data to identify the role digital technologies play in patient safety incidents. Monitoring this will provide new intelligence for measurement. As with all patient safety incident reporting, it is expected that increasing reporting rates will be a signal of positive reporting culture, whereas declining reports of harmful incidents will be used to understand the benefit digital transformation has achieved.

Challenges and risks

The strategy’s foundation in shared leadership is both its greatest strength and main challenge. To deliver this strategy, it will be crucial for stakeholders to work together, upholding their individual responsibilities.

Further challenges relate to aligning digital clinical safety standards and practice with existing, often entrenched, systems and practices for other aspects of patient safety.

A challenge of the current climate is the ability to focus resources on digital clinical safety in the aftermath of the pandemic. While on the one hand the pandemic has expanded digital ways of working and delivering clinical care, it has also absorbed unprecedented amounts of time and resources and will continue to dictate NHS priorities for many years to come.

These challenges do present a risk to delivery, but can be managed through communication and coordination across the principal stakeholders in this strategy as well as other relevant groups. Enhancing the priority of patient safety, specifically digital clinical safety, will also help demonstrate the value of this strategy and associated programmes of work and enable our proposed activities.

Digital Clinical Safety Networks

Development of this strategy presented one very strong theme, the need for strengthened networks to support digital clinical safety. It is clear that generating a culture of digital clinical safety across the NHS starts by nurturing this enthusiasm and empowering existing networks to guide change towards digital safety systems. Networks, communities and user groups have been mentioned in a variety of ways throughout this strategy, but it bears repetition. Delivering this strategy will involve working with existing networks for patient safety including Patient Safety Collaboratives, the CSO network, the Patient Safety Specialist network, and the Patient Safety Learning Hub among others. It will also support the organic development of more specific digital clinical safety groups.

Updates

Similar to the NHS Patient Safety Strategy, the priorities within this strategy will be updated iteratively.

PART 4: Call to action

Patient safety has long been recognised as a cornerstone of quality health systems, and accordingly, as a moving target, responsive to the evolving needs of the health service. The infrastructure for safety in the NHS has been strengthened through the NHS Patient Safety Strategy and initiatives like the implementation of new national safety event learning systems, Patient Safety Collaboratives, a more highly trained workforce and the advent of dedicated Patient Safety Specialists deployed across organisations.

While the profile of safety has expanded, so too have the areas requiring specialist focus. This strategy provides a call to action for national teams as well as local actors to prioritise digital clinical safety. It starts with national commitments designed to support patients, the public and the frontline.

The proliferation of digital technologies across the NHS, and their rapid establishment in day to day clinical practice and NHS workflows, demands specific attention. Such technologies are at the heart of the care the NHS provides and therefore have the potential to help, harm and hinder patient safety. Digital clinical safety is vital to ensuring the NHS optimises digital technologies.

A national effort is required to embed digital clinical safety across health and care. This strategy focuses first on the role of national teams in setting the direction for improving the safety of technology in health and care and second on how that technology will be applied to safety challenges.

Instilling a culture of digital clinical safety across the NHS starts with this strategy. This forms the basis for a roadmap to take the NHS on its next steps to becoming a world leader in safe, digitally-enabled care.

Appendix 1: Digital clinical safety priorities

The commitments made in this strategy are listed below, including who will be responsible for their completion and within what timescale.

Insight

We will clarify all avenues of patient safety event recording, including their capability to capture digital clinical safety information and medical device safety. This will be led by NHSX, NHS Digital and NHS England and NHS Improvement and completed in 2022.

We will ensure LFPSE provides a standard method for frontline patient safety event recording (across all settings of care) to capture information about digital systems as a contributing factor and that necessary information is relayed from LFPSE to NHS Digital and NHSX, and that it is responded to appropriately. This will be led by NHS England and NHS Improvement in partnership with NHSX, NHS Digital and MHRA and completed in 2022.

We will establish a digitally-enabled approach for data from incident reporting to be reviewed and analysed in conjunction with other sources of patient safety data (including data produced for Clinical Safety Standards, HSIB recommendations, patient complaints and feedback, claims information and patient and staff surveys) to provide a comprehensive picture of safety and enable learning. This will be led by NHSX and NHS Digital in partnership with NHS England and NHS Improvement and completed in 2023.

We will review recent digital transformation initiatives and other commissioned services to build evidence for best practice in digital clinical safety, including blueprinting exemplary case studies of best practice in digital clinical safety to support shared learning. This will be led by NHSX on an ongoing basis.

We will ensure the transparent nature of documentation used to build a safety case for existing clinical safety standards. This will be led by NHS Digital and industry partners on an ongoing basis.

We will promote embedded research for digital clinical safety and examine the clinical safety maturity across the digital transformation landscape, including in national programmes, in partnership with Academic Health Science Networks, Patient Safety Collaboratives and academia. This will be led by NHSX, Academic partners, industry and universities on an ongoing basis.

Involvement

We will assess the workforce needs for digital clinical safety and refresh existing training packages to meet these needs. This will be led by NHS Digital, NHSX and HEE and will be completed in 2023.

We will roll out a digital clinical safety training programme both in national teams as well as the wider workforce that is aligned to existing patient safety training standards, including the Patient Safety Syllabus. This will be led by NHS Digital, NHSX and HEE and completed in line with the Safety Syllabus timeline.

We will ensure a ‘train the trainer’ model is developed to enhance training availability across ICSs. This will be led by NHS Digital and NHSX and completed in 2023.

In a single information source, we will co-develop the main messages related to key standards, guidelines and best practice to support digital system development in safer boundaries alongside existing codes of practice. This will be led by NHSX, NHS Digital, NHS England and NHS Improvement and completed in 2023.

We will establish a single source of new patient safety guidelines for emerging technology and innovative use cases. This will be led by NHSX and completed in 2022.

We will clearly map how all relevant standards and regulations align to each other and how they apply to different industry and health and care actors, including review of the Clinical Safety Standards, and ensure this is integrated with a larger national catalogue of standards. This will be led by NHSX in partnership with NHS Digital, MHRA and NHS England and NHS Improvement in 2022.

We will promote user groups for major digital health technologies to facilitate the reporting, escalation and feedback related to digital clinical safety risks. This will be led by NHS Digital, NHSX, industry and local providers and completed in 2023.

We will create learning communities for digital clinical safety with research institutes, Royal Colleges, AHSNs, academia, frontline and patient groups and work through existing professional networks like the Patient Safety Specialists, Medicines Safety Officers and Clinical Safety Officers. This will be led by NHSX, NHS Digital, and NHS England and NHS Improvement on an ongoing basis.

Improvement

We will invest in evidence generation related to what digital interventions are most effective in improving patient safety nationally and internationally. This will be led by NHSX on an ongoing basis.

We will review digital interventions, design strategies, implementation practices and organisational resources required for safe integration of digital systems, to establish a benchmark for future work. This will be led by NHSX and NHS Digital on an ongoing basis.

We will ensure existing digital technologies used widely in health and care are evaluated for safety benefits at local and national levels. This will be led by local providers and manufacturers on an ongoing basis.

We will support the Medical Device Safety Programme to accelerate adoption of digital technology to improve the recording of medical devices implanted in patients at the point of care. This will be led by NHSX, NHS Digital, NHS England and NHS Improvement and DHSC on an ongoing basis.

We will support the Medical Device Safety Programme to establish a new information system to collect, link and analyse outcomes by procedure, and use registries to enable analysis of outcomes data and support shared decision making between clinicians and patients. This will be led by NHSX, NHS Digital, NHS England and NHS Improvement and DHSC on an ongoing basis.

We will surface opportunities for digital to improve safety through targeted work with industry, patient safety experts and the public. This will be led by NHSX, on an ongoing basis.

We will partner with existing networks like Patient Safety Specialists, AHSNs and Patient Safety Collaboratives to facilitate organisations’ adoption of digital clinical safety standards and setup of novel, grassroots improvement programmes. This will be led by NHSX, NHS England and NHS Improvement and AHSNs on an ongoing basis.

We will disseminate evidence about the impact of digital technologies on patient safety in a targeted way. This will be led by NHSX, NHS Digital, and NHS England and NHS Improvement on an ongoing basis.

We will ensure new and evolving digital products and services are assessed against the NHS Service Standard which includes clinical safety as a key criterion. This will be led by NHSX, NHS Digital, and NHS England and NHS Improvement on an ongoing basis .

Appendix 2: Acknowledgements

This strategy is a joint publication of NHSX, NHS Digital and NHS England and NHS Improvement. Its development was overseen by all three organisations, as well as the MHRA. A strategy development group of senior safety leadership at these organisations was responsible for ensuring the consistency and quality of the strategy, as well as its direction and engagement with stakeholders.

The strategy has been developed with input from a wide range of experts and stakeholders, including patients and members of the public. The strategy is written with many thanks to all of the patients, NHS and social care staff and digital clinical safety experts who participated in workshops, completed surveys, undertook interviews and reviewed content to support the development of this strategy.

This publication can be made available in a number of other formats on request. Please email nhsxdigitalsafety@nhsx.nhs.uk.