Operations

As IT Operations, we support the ‘maintain’ aspects of live service management. We work with three main parties: 

• NHS England, (this includes programmes, projects, subject matter experts and directorates)
• our technology partners, such as third-party system developers and suppliers and NHS England development teams
• health and social care organisations 

Our two core roles are transition and BAU operations. 

The primary role of the operations function is to provide a permanent home for products and services after they have been developed by programmes, projects or development teams and are ready to be made available to our external customers. Moving home involves a process called transition (to ops).  

Our second role is to put products, services and applications in the hands of health and care professionals, “to transform the NHS and social care”. There are various ‘BAU operations’ processes to achieve this, depending on the type of data or service and the external organisations involved. These include the following processes.

Onboarding

This process involves a technology partner requesting access to an NHS England dataset or service so that they can integrate it with their health and social care application or system. The onboarding process has a risk management and assurance focus to ensure that we, our partners and health and social care organisations take appropriate responsibility for using data safely to provide health and social care services.

Monitoring

Once an NHS England product, service or application is being used by an health and social care organisation, IT Operations continues to monitor partners and the organisations using their products, for compliance with core requirements, standards and specifications (these vary with the data, product or service and cover technical/functional, clinical safety, Information Governance and Security). As with the onboarding process, the emphasis is upon self-assurance by our partners and deploying organisations, but IT Operations provides an oversight and governance role.

Product management

As the demand on NHS England’s services changes, our products, services and applications need to evolve to meet those changing demands. Our product management role is to assess changes and developments and implement them based on impact and urgency. These changes may be mandated, imposed due to statutory changes or needed to improve functionality.

Onboarding is NHS England's process for allowing connecting Systems to integrate with national services. Connecting systems are developed by technology partners to provide healthcare organisations and individuals with access to national services, in support of the provision of direct care.

There are three main approaches to Onboarding and NHS England is working towards standardising these. GPIT, IM1 and full integration approaches are separate to the following 'self-declared compliance' approach, which uses a Supplier Conformance Assessment List (SCAL) and Connection Agreement (CA). We are currently transitioning the SCAL to the Digital Onboarding Service (DOS). 

The NHS England services and APIs that currently follow this onboarding approach include:

• Spine Mini Service Provider for Personal Demographics Service (SMSP-PDS), only available to existing users who will migrate to PDS FHIR before 1st Feb 2024  , new users must use PDS FHIR APIs.
• PDS FHIR APIs 
• Electronic Referrals Service APIs (e-RS)
• Electronic Prescription Service (EPS) Prescription Tracker API
• Electronic Prescription Service (EPS) HL7 and FHIR APIs
• GP Connect Products e.g Access Record: HTML & Structured, Appointment Management & Send Document.
• NHS login
• NHS App
• NHS App Notification & Messaging
• Summary Care Record 1-click (SCR 1-click) only available to existing users, new users must use National Care Record Service (NCRS) before 1st Oct 2023
• Care Identity Service 2 (CIS) - formerly NHS Identity
• National Event Management Services (NEMS) with PDS data 
• NEMS with Digital Child Health (NEMS-DCH)
• National Record Locator (NRL)
• Urgent & Emergency Care (UEC) Appointment Booking
• Ambulance Analytics API
• Message Exchange for Social Care and Health (MESH) API
• Child Protection Information Sharing (CP-IS)
• Booking and Referral Standard (BARS)
• National Care Record Service (NCRS) 
• Wayfinder (Hospital Appointment Information; Appointments; Documents & Questionnaires )
• Immunisation History - FHIR API 

The onboarding process is risk-based and:

• assesses the technical conformance of the connecting system with the integration standards and requirements of the service
• requires self-declared compliance with specified standards for data protection, clinical safety, information governance and security

The aim of the onboarding process is for all parties to work together to ensure the safe and secure transmission and/or sharing of data for healthcare purposes.

The parties involved in onboarding are:

• NHS England the owner of the National Service
• the connecting party an individual or organisation that develops, owns, and maintains the connecting system that connects to one or more national service or services - this is sometimes called a partner or supplier
• the end user organisation, the recipient or commissioning body wishing to use or commission a connecting system to access a national service or services - the end user organisation often represents individual end users for example, healthcare professionals or patients

Each party is responsible for their own information governance, data protection, information security, clinical risk management and incident management. The connection agreement explains the responsibilities, obligations and terms of use and is signed by the connecting party. The end user acceptable use policy explains the responsibilities, obligations, and terms of use for every end user organisation. 

Each national service also has a web page or portal, that contains the technical, functional, and non-functional standards and requirements that a connecting system must meet in order to integrate to the national service.

There is a Supplier Conformance Assessment List (SCAL), currently presented as a workbook. This is completed by the connecting party to create a record of the technical conformance of its connecting system with the technical requirements of the national service being integrated. It also contains declarations of organisational compliance with standards, regulations, and policies. 

We are in progress of transitioning all our SCAL's to the Digital Onboarding Service (DOS). Once a developer account has been set up, the connecting party must register their organisation, to which they may register multiple products, each product may onboard with multiple APIs within the one record. When an organisation, product and its associated APIs are added, the supplier will be presented with the appropriate question set for the APIs they are onboarding too and may commence completion of the assurance questions. Users can upload documents and evidence as directed by the question sets and the onboarding teams. The NHS England will review, request more information, and approve the question sets.