Clinical safety

Clinical safety is about keeping patients safe. It applies not only to us in the NHS, or social care organisations, but to you when building healthcare software.

The law requires you to ensure your software is clinically safe, which means minimising the potential for harm to patients.

This page explains what you need to know about clinical safety when building healthcare software.

To make your software clinically safe, you need to identify potential hazards and provide suitable mitigations against the associated risks. We call this 'clinical risk management'.

At the NHS, we have published two clinical risk management standards. They are established in law through the Health and Social Care Act 2012.

These standards explain how to manage clinical risk effectively:

• DCB0129 is for organisations building software, and applies to you

• DCB0160 is for care organisations that are deploying and using software, so does not apply to you

For more details, see Clinical risk management standards.

You need to nominate, or hire, someone to be your Clinical Safety Officer (CSO). That person is responsible for making sure that you address the requirements of DCB0129.

As part of onboarding your software, to integrate it with our APIs or services, you need to declare its compliance with DCB0129.

We reserve the right to appraise your compliance as part of this.

To support you, we provide a "hazard log" of potential clinical risks for the API or service you are integrating with.

Our clinical safety team are available to help you with any questions you might have.