Prior to the coronavirus (COVID-19) outbreak, the only way to access national systems has been with physical smartcards (apart for access to mobile SCRa on an iPad and soon to be available on a Windows 10 tablet).
Despite the work of the access and logistics hub to radically increase the rate of production of physical smartcards nationally, there are likely to be limitations to the speed of deployment as the requests increase. Physical smartcards and readers can also be a barrier in PPE and sterile environments and can be logistically complex to manage where the cards need to be deployed across a wide geography. We recognise the demand for virtual smartcards is increasing to accommodate requirements for authentication in VDI and complex IT ecosystems.
The use of the Isosec Virtual Smartcard solution is now permitted by NHS Digital. For the Electronic Prescribing Service (EPS) solution, Isosec are working rapidly with NHS Digital to develop an advanced electronic signature version.
NHS Digital is centrally funding Isosec licences to help accelerate implementation at this time. To request this service, contact Isosec directly via firstname.lastname@example.org who will work with you to ensure that your use case and requirements can be fulfilled. Following this initial consultation, Isosec will provide you with a form that then needs to be completed and sent to NHS Digital via email@example.com for approval prior to the commencement of the service locally.
- if you require a virtual smart card solution and require immediate deployment, NHS Digital permits the use of the Isosec solution
- NHS Digital has procured Isosec centrally and will make the licences immediately available to the NHS.
- security and information governance remain a key priority: 2FA will remain a requirement in order to provide evidence of sufficient robustness to support criminal evidence standards if an account was misused or used for accessing or updating information on the national systems, and to meet the level of verifiable identity required under primary legislation for electronic prescriptions
- emergency Guidance on remote identity registration has already been issued to the RA community
- NHS Digital will publish a full list of virtual smartcard products which meet national cyber security standards (along with the associated national services from NHS Digital)
All queries should be forwarded to the access and logistics hub email: firstname.lastname@example.org