This standard provides a set of requirements suitably structured to promote and ensure the effective application of clinical risk management by those organisations that are responsible for the development and maintenance of Health IT Systems for use within the health and care environment.

The standard includes implementation guidance and is supported by the related standard for the application of clinical risk management in the deployment and use of Health IT Systems - DCB0160.

This information standard is published under section 250 of the Health and Social Care Act 2012. An Information Standards Notice (see below) provides an overview of scope and implementation timescales, and the other documents provide further detail for those who have to implement the information standard.

April 2020: Update: In the current circumstances of the COVID-19 pandemic, organisations may defer full compliance with DCB0129. It is expected that the fundamental principles of the standard will be adhered to during this period and that organisations will work towards demonstrable compliance within 3-6 months of commencement of the pandemic (11 March 2020).  It is recommended that organisations  continue to follow and evidence Clinical Risk Management principles and that the Compliance Assessment Template is used to manage and track compliance.

This derogation does not apply to those organisations engaged in assurance activities with NHS Digital; specific arrangements will be in place to support such activities.