Skip to main content
Creating a new NHS England: NHS England and NHS Digital merged on 1 February 2023. More about the merger.

NHS smartcards for developers

Find out about NHS smartcards, how they work, and how to request and use them for testing in our path to live (PTL) testing environments.

Overview

This page explains what NHS smartcards are, how they work, the end user’s smartcard journey and testing with smartcards in our path to live (PTL) environments.


What is an NHS smartcard?

An NHS smartcard is a plastic card containing an electronic chip and is used along with a PIN. It looks like a ‘chip and PIN’ bank card.

NHS Smartcard

A smartcard is personalised by printing the end user's name, photograph and unique user identification number on it. The end users are typically the healthcare workers working for NHS England.

Smartcards were introduced in 2004 and are one of the ways for healthcare workers to strongly authenticate themselves. Once authenticated they can access the clinical and personal information of a patient via our national services such as PDS and EPS.


What are smartcards used for?

The primary purpose of smartcards is to strongly authenticate healthcare workers before they can access patient information. 

They can also be used to:

  • sign in to a Windows desktop, for example at an NHS trust

  • identify themselves as NHS staff, for example at a pharmacy

A smartcard combined with a PIN helps to protect a patient’s clinical and personal information securely. Smartcards are the most widely used means of access control for patient information.


Healthcare worker’s smartcard journey

The suppliers of the healthcare application or an IT support function within an NHS organisation are likely to be responsible for setting up the healthcare worker’s computer. They download the NHS Digital Identity Agent (IA) and the NHS Credential Management Software (CMS) from NHS Digital downloads (only available over HSCN connection). These software components are responsible for initiating the healthcare workers authentication process and interactions with the server-side components.

Once the computer is set up there are 4 stages in a healthcare worker’s smartcard journey.

Unlocking a smartcard
(self service)
Unlocking a smartcar...
If the smartcard gets locked due to incorrect PIN entry
If the smartcard gets lock...
Applying for a smartcard
Applying for a smart...
Applying for a smartcard reader
Applying for a smart...
Using a smartcard and reader
Using a smartcard an...
Healthcare
worker
Healthcare...
Applying for a smartcard
Applying for a smart...
Applying for a smartcard reader
Applying for a smart...
Using a smartcard and reader
Using a smartcard an...
Viewer does not support full SVG 1.1 Four steps to apply for an NHS smartcard are, Applying for a smartcard, Applying for a smartcard reader, Using a smartcard with reader and Unlocking a smartcard if the smartcard gets locked due to incorrect PIN entry.

Applying for a smartcard

Once a healthcare worker is employed by an NHS organisation, they need to provide their proof of identity to get a smartcard. Each NHS organisation has a person who is responsible for handling this, and they are known as the Registration Authority (RA) for that organisation. The RA carries out the identity checks of smartcard users and assigns an appropriate access profile to the healthcare worker.