Skip to main content
Smartcards to access clinical systems

Find out about the services for smartcard users and registration authorities being delivered during the coronavirus pandemic.

We are making it easier for NHS bodies to bring new starters on board.

With thousands of professionals returning to practice, and more entering practice for the first time, it is important that they have access to the critical systems that they need to deliver safe and effective patient care.

We're also supporting clinicians working in the independent sector to get access to the systems they need as they step up to support the NHS. 

Smartcards for new starters

We're making it easy for  new starters to get the NHS smartcard they need to use NHS clinical systems.

We’ve changed the advice on how registration authorities can verify the identity of the person the card is being issued to, simplifying the process whilst remaining secure and trusted.

We’ve also introduced new virtual smartcards in addition to physical smartcards, which means getting a new smartcard should be a simpler and speedier process to support remote working and verification.

Read remote NHS smartcard identity verification advice.

Understanding how smartcards work

The smartcard is a unique card assigned to a specific user so they can access the systems they need to fulfil their role. It is allocated by a Registration Authority Manager and each card contains an electronic security certificate (the private key) which is unique to the user.

Physical smartcards

A physical smartcard is a piece of plastic with a smartcard chip built in. Similar to a credit card, it has its own secure enclave.

The user inserts the card into a smartcard reader when they want to access a system and enters their secret PIN to unlock the smartcard. The smartcard reader then uses software on the PC in order to confirm the smartcard is valid and the user has the authority to access the system.  

Virtual smartcards

The virtual smartcard is a digital form of the card and can be stored on a smartphone, in the cloud or on another physical device such as a secure USB key.

Virtual smartcards work in basically the same way as physical smartcards but the secure enclave can reside in other (non-physical smartcard) settings, such as the secure enclave of a mobile phone, a cloud based hardware security module (HSM), or a modern Trusted Platform Module (TPM). 

We have provided some frequently asked questions about smartcard secure access and authentication.

Read our frequently asked questions

Digital credentials

Both physical and virtual smartcards store a digital credential for a person.

Whether you use a physical or virtual smartcard, each time a person logs on to a system a smartcard must be present. Authentication methods for different types of digital credential are diverse, can be communicated via Bluetooth or over the internet, and can include biometrics, such as a fingerprint or face recognition.

In certain cases, one form of digital credential may be preferable to another. For example, biometric authentication, such as a fingerprint, may be impractical when wearing PPE but may work well in other scenarios such as those being piloted by the London Ambulance Service  who are using digital credentials on an iPad (assigned to specific individuals using fingerprint biometrics) to access the patient’s Summary Care Record.

Each of the virtual smartcard solutions may have different constraints and capabilities but all meet the same strict security requirements. 

Getting access to a smartcard

Physical Smartcards

As the numbers of people returning to NHS service and new recruits increase it is envisaged that some organisations may need additional support to print large volumes of smartcards in a short space of time.

Our physical smartcard printing service provides rapid printing of cards and a courier service to the destination.

The cards are printed locked and the local Registration Authority (RA) can unlock them and assign to users with relevant access.

We also have a stock of smart card printers we can provide to RAs to increase local printing capacity. Should you wish to print your own temporary access cards, we are able to allocate you temporary access card profiles (UUIDs) that have been centrally created that you are able to use to print against.

We have a stock of blank smartcards and readers that can be ordered here.

Access the bulk printing service.

Entrust virtual smartcards

NHS Digital has centrally procured and integrated a virtual smartcard solution provided by Entrust with the NHS Digital Identity Agent client, Care Identity Service (CIS) and Card Management Service infrastructure (CMS). Entrust virtual smartcards work through an Entrust application that can be downloaded and installed on a user’s mobile device. This service is available immediately and funded centrally until March 2023.

Read more on Entrust virtual smartcards.

Development and assurance update for an Advanced Electronic Signature (EPS signing)

NHS Digital is currently working with end systems suppliers and the Electronic Prescription Service (EPS) to ensure that the virtual smartcard solution can be used with their products to authenticate and provide an Advanced Electronic Signature that meets NHS Digitals requirements. 

We will regularly review and update this page to provide progress. 

This table will show the solutions and systems that have integrated successfully. 

Virtual Smartcard Solution Provider System suppliers Development Assurance Pilot Live
NHS Digital with Entrust EMIS Complete Ongoing To be confirmed To be confirmed
NHS Digital with Entrust One Advanced Complete Ongoing Late September (planned) October (planned)

Update on Isosec solution

NHS Digital and Isosec have been working collaboratively to agree the design and implementation for an enhanced solution from Isosec that meets all of NHS Digital’s requirements.

The enhanced product has now been through that accreditation process - our cyber security team has confirmed that the design of the new solution now constitutes an Advanced Electronic Signature (AdES) and can be used for authentication. This requires specific versions of their solution and for it to be deployed in a specific deployment pattern. Further details can be found on the Isosec virtual smartcard page. 

We are currently assuring the enhanced service, to confirm it can be used to sign prescriptions for use with the Electronic Prescription Service (EPS).

Update on the Imprivata solution

Imprivata has approached NHS Digital with a request to review their Virtual Smartcard Solution, the Imprivata OneSign Spine Combined Workflow Plus, in line with our accreditation framework.

The solution is currently under review by NHS Digital but has not yet been accredited under the framework.

NHS Digital will provide a further update when the solution has successfully completed the framework accreditation process.

Temporary access cards for local printing

This service was provided as part of the initial COVID-19 emergency response when there was expected to be a large number of returning clinicians and is no longer available.

Other smartcard queries

We want to ensure our processes are optimised so the large numbers of new and returning health and care workers can quickly and easily obtain smartcards and access patient information.

Help with other smartcard queries

Last edited: 20 August 2021 4:26 pm