Every year, NHS organisations deploy, configure, and operate health IT systems that carry real risk of harm to patients. Electronic prescribing. Clinical decision support. Diagnostic software. These are complex, safety-critical systems — and their governance belongs at board level.
When things go wrong — and they do — the question asked is not whether the IT team knew. It is whether the organisation had adequate governance, leadership, and resource in place to manage the risk. That accountability sits with top management.
HSSIB's investigation into ePMA systems found wide variation in how NHS trusts implement legally mandated safety standards, under-resourced Clinical Safety Officers, and a systemic gap between digital safety and patient safety teams. This is not a technical failure. It is a governance failure.
DCB 0129 and DCB 0160 are not guidelines. They are legally mandated standards. Your organisation's compliance is your responsibility as a board.
The standards require that top management actively engages with clinical risk management — not as a sign-off exercise, but as a genuine governance function. That means resource, authority, and visible leadership.
Digital clinical safety is not an informatics concern. It is a patient safety concern.
DCB 0129 and DCB 0160 place explicit obligations on your organisation. Tick each item as you review your position.
Compliance with DCB 0129 and DCB 0160 is necessary — but not sufficient. Genuine safety culture is what closes the gap between ticking boxes and protecting patients.
Staff must feel safe raising concerns about digital systems without fear of blame. Silence is not safety.
Digital safety cannot sit in a silo. Clinical, informatics, and patient safety teams must work together.
Board-level engagement signals that digital clinical safety is a priority — not an afterthought.
Near misses and incidents are intelligence. Build systems for learning, not for finding fault.
Safety must be embedded from procurement through to decommissioning — not bolted on after deployment.
Some organisations want independent eyes on their position before committing to a programme of work. ORTHON offers a digital clinical safety readiness review — assessed by practitioners who have operated at national level within these standards, not a generic compliance team. Get in touch →
Free digital clinical safety e-learning for all NHS staff. Access directly via your NHS email account at the NHSE e-LfH Hub.
For those with a clinical safety role, ORTHON's CPD-certified courses provide structured, expert-led development.
Some organisations will want more than training. They want to know whether their clinical safety governance is genuinely robust — not just whether the documents exist, but whether they hold up.
For organisations that want independent assurance on where they stand, ORTHON offers a structured readiness review across your clinical risk management system, documentation, processes, and governance — assessed against DCB 0129, DCB 0160, and what demonstrably good practice looks like in the field.
This isn't a generic audit by a compliance team working from a checklist. The people doing this work are the same people who have operated inside these standards at national level, trained practitioners across the NHS, and understand the difference between a safety case that looks right and one that actually is.
The result is a clear, honest picture of your organisation's safety readiness — where the gaps are, what the risks are, and what needs to change.
Interested in independent assurance on your clinical safety maturity? Let's talk.
Enquire now