Healthcare systems across the UK are riding a wave of digital innovation, from virtual triage and remote monitoring to AI-driven documentation and decision support. The promise is clear: improved access, reduced administrative burden, and more proactive, data-driven care.
Yet digital transformation carries a paradox. Digital and AI tools enable quality care but do not guarantee safety. The true differentiator lies in how these tools are governed, embedded, and continuously managed. National clinical safety standards provide a foundation for safe digital deployment, but their strength depends on the people and processes that protect patients from harm.
A gap between policy and practice
Recent research across Primary Care Networks (PCNs) reveals a concerning gap between national intent and local implementation. Fewer than half of PCNs studied had a designated Clinical Safety Officer overseeing digital clinical risk. More than half of staff involved in digital deployment reported no formal training in digital clinical safety, and nearly a third had never encountered the national standard DCB0160 in their work.
In many settings, digital tools are introduced without structured risk assessments, hazard logs, or regular safety reviews using recognised techniques such as HAZID (Hazard Identification), FFA (Functional Failure Analysis), or SWIFT (Structured What If Technique). Frontline teams often see safety frameworks as overly technical checklists or compliance exercises detached from their daily workflow. Without strong local governance, gaps appear: complacency, inconsistent practice, and missed opportunities to learn.
The real safety risks seldom come from the digital tool itself but from human and process factors, misuse, misconfiguration, weak oversight, misaligned workflows, and misinformation.
From compliance to culture
If digital systems are only tools, how can they be used safely? How can national standards, local leadership, workforce capability, and organisational culture align so that every system supports safety rather than creating hidden risk?
Delivering digitally safe care means anchoring safety in people, process, and purpose. If national standards provide the structure, human systems form the foundation through which governance, leadership, and learning make safety real.
Governance and accountability
PCNs deploying digital systems need a clearly defined Clinical Safety Officer role within a multidisciplinary governance structure that brings together clinical, digital, data, and operational expertise. This broader perspective during reviews supports leadership teams to treat digital clinical safety with the same rigour as other areas of clinical governance.
Simplifying the national landscape
Professionals responsible for implementing digital technology face a complex mix of overlapping frameworks such as DCB0129, DCB0160, NICE evidence guidance, and the Digital Technology Assessment Criteria (DTAC). Simplifying and aligning these frameworks through consistent language, shared templates, and streamlined processes would reduce duplication and confusion.
Standardised templates for hazard logs and safety cases for commonly used digital technologies could lower administrative burden while improving consistency and transparency across the system.
Building capability across the workforce
Digital safety training must be universal and practical. Everyone who interacts with digital systems should understand the specific risks and mitigations relevant to their role. Training should be role-specific, scenario-based, and regularly refreshed.
Workshops, peer reviews, and hazard identification exercises can turn abstract standards into practical habits and help create a shared understanding of what safe digital practice looks like. This builds both confidence and competence across teams.
Creating a culture of continuous learning
Safe systems depend on continuous feedback and adaptation. Healthcare providers should maintain regular cycles of hazard reporting, incident review, and shared learning. Findings should be shared across networks and fed into national systems such as the Learn from Patient Safety Events (LFPSE) service.
Staff should feel safe and encouraged to speak up when workflows or systems do not function as intended. Safety conversations should be routine and should focus not only on when things go wrong but also on identifying what good looks like and how it can be repeated.
Designing with people in mind
Digital systems must be designed around human factors and co-production. Safety depends on how people, tools, and organisations interact. Applying human factors principles ensures that systems support safe practice and fit naturally into real workflows. Co-design with clinicians, operational staff, and patients helps reduce unintended risks and ensures usability.
Evidence that it works
This approach is not theoretical. DCB0160 is a legal requirement under the Health and Social Care Act 2012, mandating that all healthcare providers manage clinical risk when deploying digital health technologies. Research across PCNs shows that where multidisciplinary safety governance is established, digital incidents are identified and managed more effectively.
Internationally, the World Health Organization’s Global Digital Health Strategy reinforces the same principle, identifying workforce competence, safety, interoperability, and ethics as inseparable foundations of digital transformation.
Embedding safety in every decision
The challenge ahead is not to invent new tools but to embed safety into every decision, deployment, and workflow. Digital transformation holds enormous potential, but without strong human systems it risks creating fragile processes and unseen hazards.
Digital should multiply capacity, not compromise care. When governance, frameworks, and competence align, digital health can deliver what it promises: smarter, safer, and more human-centred care.
In the end, safety will never come from an algorithm alone. It will come from the people and processes that surround it.
