Interoperability for DTAC Compliance in the NHS

In the healthtech space, being compliant with industry standards is hugely important, especially when aiming to integrate your product into the National Health Service. Central to this journey is becoming DTAC compliant, where proving you have an approach to interoperability is critical. 

Due to the vast and varied landscape of Electronic Health Records (EHRs) and associated middleware deployed across the NHS, interoperability presents a significant challenge to innovators. While initiatives like the UK FHIR core aim to standardise practices, their impact is currently, still limited.  

This is why, when undertaking the interoperability challenge, you must consider the NHS trust specific formats and practises you wish to aim for. Some Primary Care systems like EMIS and SystmOne follow procedures outlined in the IM1 compliance framework and NHS Digital Service Manual. However, due to most trusts having unique setups, this is not enough to guarantee interoperability. 

We recommend including a comprehensive interoperability strategy in your DTAC evidence file. This strategy should articulate your innovation’s envisioned data flows and highlight the data items that will need to flow to the patient’s record held on the EHR. In addition to consideration of data flows, you should also articulate how you’ll engage NHS Trusts or GP practices within your interoperability strategy document. This will assist NHS organisations in their own planning, ensuring the appropriate resources are available, system changes and uplifts are considered, and testing is planned effectively. 

While some NHS trusts may request implementation of interoperability to enable a pilot of your innovation, simply having the strategy with awareness and proof of readiness to integrate is sufficient to pass the DTAC . The key part of this strategy is it must be clear and understandable for the assessors at the NHS trust. 

Other aspects of the DTAC interoperability section will require you to ensure your APIs have been created in line with the UK Government Digital Services API best practices. Requirements include comprehensive documentation, following the current best practices for APIs, and conforming to secure standards like OAuth 2.0. This will help ensure that your product falls in line with the NHS's commitment to data security and interoperability. 

For patient-facing applications, innovators should prioritise well-documented APIs and consider implementing authentication and patient identification by using the NHS login. This will ensure a simple, federated way for users to access your innovation. During the Covid-19 pandemic, there was widespread adoption of tools like the NHS app. By using the NHS login, you’ll be able to simplify authentication for your users, and at the same time, streamline your path to DTAC compliance!

In summary, the best way to maximise your chances of achieving DTAC compliance in terms of interoperability, is to have a clear interoperability strategy, adhere to API best practices, and keep up with the evolving authentication strategies and requirements. Remember, interoperability is central to patient safety. Ensuring clinicians have the right information at the right time saves lives.

Thanks for reading!

If you wish to speak with us further on interoperability, book a discovery call!