NHS service standard - 16. Make your service clinically safe

Digital information, tools and services have the potential to cause patient harm.

Make sure that you actively manage any safety risks associated with your content, service and processes.

Why it's important

Clinical risk management is key to creating safe digital services. Work with your clinical safety officer to consider what could go wrong, how serious it could be, and how likely it is, so that you can minimise the risk of harm.

What you should do

Your team should be able to show that you:

  • have a nominated clinical safety officer – in other words, a clinician with a current professional registration who has been trained in clinical risk management and is accountable for clinical safety
  • have qualified clinicians check your clinical information and make sure that it is accurate, evidence-based and clinically safe
  • meet the needs of your most vulnerable users, such as people who are homeless, have recently left prison, or are at risk of domestic or carer abuse, for example by:
    • flagging safeguarding needs and, where necessary, reporting concerns
    • identifying and meeting information and communication needs
  • if appropriate, work to DCB0129 (the safety standard for manufacturers of health IT software) or DCB0160 (the standard that helps health and care organisations manage the risks of using new or changed health software), or both
  • have processes for developing and maintaining your service and managing live safety incidents that comply with the relevant clinical safety standard
  • have processes to make sure that any data you collect is up to date and error free
  • where appropriate, comply with NICE's Evidence standards framework for digital health technologies

Use information on the AI and Digital Regulations Service website to help you:

  • review and understand the evidence for a technology before using it in a service
  • understand and comply with NHS clinical risk management standards
  • understand how the Care Quality Commission regulates health and social care services and whether you need to register with it
  • understand how developers determine if technology is a medical device using guidance from the Medicines and Healthcare products Regulatory Agency (MHRA)
  • understand your role in post-market surveillance of medical devices and reporting safety issues about medical devices to the MHRA

Guidance

GOV.UK

This point is not in the Government service standard.

Read more about this

Related service standard points

Help us improve this guidance

Share insights or feedback and take part in the discussion. We use GitHub as a collaboration space. All the information on it is open to the public.

If you've gone through a service assessment or peer review, we're especially interested to hear from you.

Read more about how to feedback or share insights.

If you have any questions, get in touch with the service manual team.

Updated: April 2025