Clinical safety assurance for the safe, compliant use of digital health technologies in real care settings.
DCB0160 has been an NHS requirement for safe deployment of digital technologies for over a decade. While enforcement has historically been limited, regulatory expectations are now tightening. Organisations typically seek DCB0160 support for:
Fast and confident DCB0160 compliance for the safe implementation of a single digital health technology.
For a single technology, we will deliver:
Our team includes clinicians with frontline experience, so we design processes and controls that work in real practice settings.
We make sure your digital health technologies are understood, documented, and defensible, so you’re prepared for inspection.
We care about the future of digital health, and bring energy and creativity to solving problems, not slowing you down.
We co-author peer-reviewed research assessing NHS digital health technologies
We right-size compliance: pragmatic, proportionate, and defensible - prioritising real risk over paperwork and performative controls.
We work at scale across PCNs and networks, reducing cost per practice
Everything you need to know about your obligations and next steps, in 20 minutes
A Clinical Safety Officer (CSO) is a suitably qualified and experienced clinician, registered with a professional body (e.g. GMC, NMC, HCPC), who is responsible for overseeing clinical risk management for digital health technologies. They must have completed recognised training, have the expertise to assess and manage clinical risk in practice, and have authority within the organisation to ensure DCB0129 processes are implemented and maintained.
Yes. Much like a Data Protection Officer (DPO), your organisation must have a named Clinical Safety Officer (CSO) responsible for overseeing clinical safety activities. This is required to meet NHS clinical safety standards under Section 250 of the Health and Social Care Act 2012. The role can be shared across organisations or provided externally.
Any digital system used in publicly funded health or adult social care that could influence patient care in real time or near real time falls within scope. This includes clinical systems, patient-facing tools, administrative systems, and supporting technologies where failure or misuse could impact care delivery.
You can use our free CQC Readiness tool at assess.curistica.com to view example digital health categories and products to help build your DHT registry.
Yes. In England, DCB0160 is required under the Health and Social Care Act 2012 and the NHS Standard Contract. Enforcement has historically been inconsistent, but scrutiny is increasing, particularly through CQC inspections, and following DCB0160 is considered best practice across the UK.
Yes. DCB0160 is a local responsibility and reflects how your organisation uses the technology in its specific context. This cannot be completed centrally, as risks depend on local workflows, systems, and patient populations. Centrally shared clinical safety materials, however, can help each local organisation meet their own requirements more efficiently and consistently.
Suppliers are expected to provide materials from their DCB0129 safety case (e.g. hazard log and Clinical Safety Case Report as a minimum) so providers can complete their DCB0160 obligations. Without this, it is difficult to demonstrate safe and compliant use of the technology. If it cannot be provided, you should carefully consider the risks of proceeding and whether the technology meets your governance requirements.
Yes. DCB0160 applies regardless of device classification and focuses on how the technology is used within your organisation.
There is currently no single enforcement body. However, compliance is increasingly reviewed during procurement, audits, and CQC inspections, and expectations across the NHS are tightening.
© Curistica Ltd. All Rights Reserved.
