Skip to main content

Smartcards to access clinical systems

Find out about the services for smartcard users and registration authorities being delivered during the coronavirus pandemic.

We are making it easier for NHS bodies to bring new starters on board.

With thousands of professionals returning to practice, and more entering practice for the first time, it is important that they have access to the critical systems that they need to deliver safe and effective patient care.

We're also supporting clinicians working in the independent sector to get access to the systems they need as they step up to support the NHS. 

Smartcards for new starters

We're making it easy for  new starters to get the NHS smartcard they need to use NHS clinical systems.

We’ve changed the advice on how registration authorities can verify the identity of the person the card is being issued to, simplifying the process whilst remaining secure and trusted.

We’ve also introduced new virtual smartcards in addition to physical smartcards, which means getting a new smartcard should be a simpler and speedier process to support remote working and verification.

Read remote NHS smartcard identity verification advice.

Understanding how smartcards work

The smartcard is a unique card assigned to a specific user so they can access the systems they need to fulfil their role. It is allocated by a Registration Authority Manager and each card contains an electronic security certificate (the private key) which is unique to the user.

Physical smartcards

A physical smartcard is a piece of plastic with a smartcard chip built in. Similar to a credit card, it has its own secure enclave.

The user inserts the card into a smartcard reader when they want to access a system and enters their secret PIN to unlock the smartcard. The smartcard reader then uses software on the PC in order to confirm the smartcard is valid and the user has the authority to access the system.  

Virtual smartcards

The virtual smartcard is a digital form of the card and can be stored on a smartphone, in the cloud or on another physical device such as a secure USB key.

Virtual smartcards work in basically the same way as physical smartcards but the secure enclave can reside in other (non-physical smartcard) settings, such as the secure enclave of a mobile phone, a cloud based hardware security module (HSM), or a modern Trusted Platform Module (TPM). 

We have provided some frequently asked questions about smartcard secure access and authentication.

Read our frequently asked questions

Digital credentials

Both physical and virtual smartcards store a digital credential for a person.

Whether you use a physical or virtual smartcard, each time a person logs on to a system a smartcard must be present. Authentication methods for different types of digital credential are diverse, can be communicated via Bluetooth or over the internet, and can include biometrics, such as a fingerprint or face recognition.

In certain cases, one form of digital credential may be preferable to another. For example, biometric authentication, such as a fingerprint, may be impractical when wearing PPE but may work well in other scenarios such as those being piloted by the London Ambulance Service  who are using digital credentials on an iPad (assigned to specific individuals using fingerprint biometrics) to access the patient’s Summary Care Record.

Each of the virtual smartcard solutions may have different constraints and capabilities but all meet the same strict security requirements. 

Getting access to a smartcard

Physical Smartcards

As the numbers of people returning to NHS service and new recruits increase it is envisaged that some organisations may need additional support to print large volumes of smartcards in a short space of time.

Our physical smartcard printing service provides rapid printing of cards and a courier service to the destination.

The cards are printed locked and the local Registration Authority (RA) can unlock them and assign to users with relevant access.

We also have a stock of smart card printers we can provide to RAs to increase local printing capacity. Should you wish to print your own temporary access cards, we are able to allocate you temporary access card profiles (UUIDs) that have been centrally created that you are able to use to print against.

We have a stock of blank smartcards and readers that can be ordered here.

Access the bulk printing service

Virtual smartcards

In order to support the urgent deployment of smartcards, NHS Digital has permitted and centrally procured a virtual smartcard solution provided by Isosec. This service is available immediately and funded centrally for the first 12 months.

To request this service, contact Isosec directly via vsc@isosec.co.uk who will work with you to ensure that your use case and requirements can be fulfilled. Following this initial consultation, Isosec will provide you with a form that then needs to be completed and sent to NHS Digital via accesslogistics.hub@nhs.net for approval prior to the start of the commencement locally.

NHS Digital will continue to enable the provision of virtual smartcard products and will share more information in the coming weeks.

Read more on virtual smartcards

Temporary access cards for local printing

We can provide organisations with a list of pre-populated temporary access card profiles, which can be used to print smartcards locally. This is an alternative to using our national smartcard printing services

Contact accesslogistics.hub@nhs.net to submit a request.

Other smartcard queries

We want to ensure our processes are optimised so the large numbers of new and returning health and care workers can quickly and easily obtain smartcards and access patient information.

Help with other smartcard queries

Last edited: 5 May 2020 3:59 pm