Apply for NHS CIS2

The purpose of this application process is to help you understand what is involved in authentication when using NHS CIS2, to make sure it fits your aspirations or those of your end users. We have a small but dedicated engagement and onboarding team, who are available to support you throughout the process.

This is the start of your process to integrate with NHS CIS2. The information on this page will tell you what you need to consider before you apply.

Understanding the authentication capabilities with NHS CIS2 will help you decide if it is the right tool for your users. You should read and understand the different ways you can authenticate using NHS CIS2 Authentication.

NHS CIS2 uses the OpenID Connect and the OAuth2.0 protocols. It also uses FIDO (Fast Identity Online) UAF specification, which improves the user experience by allowing biometric authentication.

Our guidance for developers includes information on the services offered and how to integrate with NHS CIS2, along with further help and support.

It is essential to understand how NHS CIS2 fits with your service. The best way to do this is to familiarise yourself with the developer guidance and build a proof of concept. You should research the needs of your end users and how they would like to authenticate.

This will help you understand how:

• your users expect to authenticate using NHS CIS2
• integrating with NHS CIS2 may impact your end users
• to create an interactive prototype

We will need to understand the levels of authentication required by your end users. This will help us to ensure there is sufficient capacity within the authentication service for the needs of your users at the appropriate time.

As part of your application, you will be expected to give us an idea of the patterns and volumes of user authentications required. This should include the estimated number of users and authentication volumes you will initially go live with. It should also include the predicted numbers involved in the roll out stages through to complete roll out.

Your plan should include rollout details through to your last site and information that demonstrates how you intend to do so in a controlled manner.

Your high level plan should include your anticipated date for:

• starting the conformance process
• submitting the initial Supplier Conformance Assessment List (SCAL)
• testing
• achieving conformance
• your first site to go live

We can provide you with a template for this information.

To use NHS CIS2 for authentication to access national clinical information systems, please complete the NHS CIS2 Service Assessment Questionnaire (SAQ).

We will review your application and contact you regarding the appropriate next steps. We may call you if we need more information. Next, you should find out what you need to prepare and plan for your integration if your application is successful.