What NHS CIS2 is
NHS CIS2, formerly known as NHS Identity, makes use of current technology to provide a number of ways for health and care professionals in England to authenticate their identity when accessing national clinical information systems.
This will help to transform the way mobile workers can securely access clinical information at the point of need using a range of devices.
All of our solutions will make use of multifactor authentication, which currently provides the most secure model of authentication. This incorporates the principles of "something the user has" in their possession, for example a Smartcard, an approved device, and "something the user knows or is", for example a pin code or biometrics.
Smartcard authentication needs a Health and Social Care Network (HSCN) connection, previously known as N3. The other aspects of secure authentication happen over the Internet, without the need for a HSCN connection. NHS CIS2 adheres to the NIST cybersecurity framework standards.
Benefits of NHS CIS2
NHS CIS2 provides benefits in the following areas:
Using a device that is associated with the user allows them to authenticate with biometrics (fingerprint and facial recognition) and smartcards. In the future there will be additional ways to be able to prove identity, using the latest secure technologies.
Supports modern health and care
Users can securely access clinical information at the point of need using a range of devices, for example tablets and laptops. This supports modern and mobile ways of working within health and care.
Uses OpenID Connect, the leading standard for single sign-on and identification on the internet.
NHS CIS2 uses the OpenID Connect and OAuth2.0 protocols, along with FIDO2 specification, which allows for biometric authentication. It also works with modern browser technology, making systems more secure and less vulnerable to malware and other malicious attacks.
Last edited: 21 January 2022 4:34 pm