Mid and South Essex ICB has advised its GP practices to appoint a clinical safety officer (CSO) before using any medical transcription tools.
A letter issued earlier this month by NHS England further developed its guidance on the use of ambient voice technology (AVT) – the technical term for transcribing tools used during consultations – and stated that ‘all NHS organisations must ensure that any AVT solutions being used meets the specified NHS standards’.
In an email to practices, Mid and South Essex ICB’s information governance team laid out its interpretation of new NHS England guidance. It stated that while its advice did not amount to a ‘do not use’ order, failure to adhere to the NHS England guidance ‘does mean that the responsibility and liability for any risks, including clinical safety issues or data breaches, will sit entirely’ with the practice.
However, in October 2024, NHS England said it was ICBs that needed to identify digital CSOs to support general practice in implementing digital tools safely.
In April 2024, clinical lead for digital transformation in primary care at Cheshire and Merseyside ICB, Dr Tom Micklewright, called for PCNs to have access to clinical safety teams and data protection officers who are typically at the hospital trust level in order to avoid risk.
But the email seen by our sister title Pulse said that before using AVT, practices would need to appoint a CSO, who would need to be a trained clinician who understands the risks of introducing tech into clinical care, and that they will need at least two days’ training.
The NHS England letter said that the adoption of AVT ‘is to be encouraged to improve both the quality of patient care and operational efficiency’.
It said that providers should only use AVT that are compliant with its standards, and that ‘liability for using a non-compliant solutions sits with the deploying organisation (eg, general practice or trust) or individual user’.
The letter also said it was the responsibility of ‘NHS organisations’ to determine whether the specific AVT is compliant. These standards include compliance with data protection regulations, that the technology supplier has a clinical safety officer and that there is ‘appropriate NHS clinical system integration’ (see box below for full list of requirements).
The Mid and South Essex ICB information governance team sent an email stating: ‘If your practice wants to use an AVT solution, you are responsible for carrying out a local clinical safety assessment, which includes… appointing a CSO— a trained clinician who understands the risks of introducing tech into clinical care.’
It later added: ‘The CSO must be a registered clinician who has completed NHS-approved Clinical Risk Management (CRM) training… The training is typically delivered over one or two days by accredited providers and must be completed before a clinician can take on the CSO role.’
NHS requirements in full
- Core platform assurance requirements Digital Technology Assessment Criteria (DTAC), Data Security and Protection Toolkit (DSPT,) Cyber Essentials Plus, CREST-approved pen testing
- Data Protection Requirements as set by ICO – Local ICB / Trust governance approval including DPIA completion
- Clinical Safety Officer(s) named and accountable
- End-to-end encryption and GDPR compliance
- No unsafe functionality e.g. prompt injection access
- Appropriate NHS clinical system integration (API or FHIR/HL7 compliance and write-back capability).
- The responsibility for translation accuracy remains with the AVT supplier.
- Enhanced Requirements Medical Device Classification – All AVT solutions that undertake summarisation require, at least, MHRA Class 1 medical device status. Companies must NOT extend system capabilities to produce generative diagnoses, management plans, or other medical referrals and calculations without seeking at least MHRA Class 2a approval.
- Data Protection – Safeguarding Patient Information is paramount. Patient data from clinical sessions (e.g. immediate inference) should be automatically deleted unless legally or operationally required, in line with UK GDPR and DPA 2018 principles on data minimisation and storage limitation. Further guidance on this will be published shortly.
- System integration – Ensure appropriate integration with your IT infrastructure, systems and workflows. For example, in most general practice and hospital settings, AVT solutions will require integration with the principal electronic record system. This will enable automated workflow (e.g. diagnostic test requesting or prescribing presented within the system being used, for clinician validation and submission).
- Clinical and Operational Benefits Thresholds Evidence of real-world clinical validation of benefits in the NHS care setting proposed (e.g. enhancing clinical efficiency and workflow, reducing administrative burden; improving patient care by increasing face to face time with patients; improving accuracy of documentation;
- improving data quality and capture of structured data recorded in electronic patient record systems)
- Clear economic justification and workforce impact.
Source: NHS England letter to providers and ICBs, seen by our sister title Pulse
A version of this story was first published on our sister title Pulse.
