Clinical Risk Management
WELCOME TO THE INNOVATION HUT
Clinical Risk Management
Expert guidance for NHS DCB0129 and DCB0160 for safe, compliant digital health solutions.
NHS DCB0129?
DCB0129 sets NHS Digital’s requirements for patient safety. It requires Healthcare IT manufacturers to conduct a formal risk assessment to prove a product is safe for live clinical use. This assessment verifies the product’s suitability for deployment in live healthcare environments. As outlined on NHS Digital’s official documentation, compliance with DCB 0129 is obligatory under the Health and Social Care Act 2012.
NHS DCB0160
DCB0160 governs how NHS organisations implement and use health IT safely, requiring clinical risk assessments for deployed systems. This standard mandates that healthcare providers conduct clinical risk assessments on any digital system they deploy, ensuring it is used safely within a live care environment. As detailed in NHS Digital’s official guidance, compliance with DCB 0160 is a statutory requirement under the Health and Social Care Act 2012, making it an essential part of governance for all NHS organisations adopting digital technologies.
Clinical Risk Management
We support organisations in meeting the NHS’s DCB0129 and DCB0160 clinical safety standards — ensuring that digital health solutions are safe, compliant, and patient-centred. Our team helps develop safety cases, hazard logs, and governance processes that integrate seamlessly into digital transformation programmes, ensuring innovation in healthcare is both effective and safe.
DCB0129 & 0160 Requirements
If you are the manufacturer of a digital health product and wish to provide your product/platform to the NHS or you are a Healthcare organisation that wishes to implement one of these products or systems, then you need to be able to comply with the following. We advise that you consider this requirement as part of the initial design & development phase of your project:
Provide a Clinical Safety Officer (CSO)
You will need to appoint a Clinical Safety Officer who will be responsible for your clinical risk management requirements and will also be required to sign off specific documentation in line with DCB 0129. Your CSO will need to be a clinician, with a current registration with a recognised professional body, and have undergone training in Clinical Risk Management.
Define a Clinical Risk Management Process
Clinical risk management must be systematic, documented, and repeatable to meet NHS standards. The DCB 0129 standard has a structured approach to Clinical Risk Management, with specific deliverables stored in your Clinical Risk Management File. Within this file you need to show how your organisation is going to meet the requirements of the DCB 0129 standard. This process is documented in one of the required deliverables, the Clinical Risk Management Plan.
Undertake a Risk Assessment
The risk assessment reviews various aspects of the product/platform such as functionality and architecture and considers what harm could be done to a patient if something goes wrong. The CSO may facilitate clinical risk management workshops, which are generally multidisciplinary in nature, to help create the Hazard Log, the document where the risks assessment is recorded. This is also stored, as one of the DCB 0129 deliverables, in your Clinical Risk Management File.
Develop a Clinical Safety Case Report
One of the other requirements of the DCB 0129 is for the manufacturer to provide the Clinical Safety Case Report, a document that provides the justification that the product/platform, in a defined environment, is acceptably safe for the patient. This is signed off by your Clinical Safety Officer and stored in your Clinical Risk Management File.
Ongoing Maintenance of the Clinical safety Case Report (CSCR)
Once the Clinical Risk Management Plan has been developed, the Hazard Log populated and the Clinical Safety Case Report produced, and the platform/product is live, the Clinical Risk Assessment activities need to be maintained and and documentation updated in your Clinical Risk Management File. That is, new risks may become apparent with the addition of new functionality, reporting of bugs (if software), complaints from end-users and potentially clinical safety incidents. This is all overseen by your Clinical Safety Officer.
Our CRM Services
We can assist you in complying with these statutory requirements
Independent Clinical Safety Officers (CSO)
We provide Independent Clinical Safety Officers (fractional CSO) to lead your NHS compliance efforts. Contact us to discuss options."
Develop Your Statutory Documentation
We can work with you to develop your statutory Clinical Risk Management File
Provide Clinical Safety Training Workshops
Support your team to embed clinical safety risk management into your design process