Onboarding Overview of the Digital Services for Integrated Care (DSIC) Non-Overarching Standards and Requirements
ID | R9 |
|---|---|
Version | 2.0.1 |
Type | Reference |
Introduction
Suppliers must get their software onboarded before it can go live. The onboarding process can sometimes be quite long, so it's worth planning well ahead.
The integrations relating to the Non-Overarching Standards each have specific onboarding processes.
This page provides an overview of the onboarding for the various Digital Services for Integrated Care (DSIC) Non-Overarching Standards. The guidance assumes that suppliers are within the DSIC onboarding process and have been allocated a supplier manager. If you have not entered the DSIC onboarding process or have not been allocated a supplier manager, then please reach out to your key point of contact who should be able to assist.
This page does not describe the complete onboarding journey for DSIC Contracting Vehicles, that will be detailed elsewhere.
Onboarding / Assurance Processes
Supplier Conformance Assessment List (SCAL)
Supplier Conformance Assessment List (SCAL) is the checklist and record of both organisational and technical/product compliance. It is used by onboarding teams to capture declarations from connecting parties (CP) on adherence to healthcare system development standards, statements on risk management practices, and evidence of functional and non-functional assurance e.g, test reports. There are currently 2 forms of SCAL in use:
SCAL - Digital Onboarding Service
SCAL - Excel Worksheets
The SCAL can be broken down into two main sections:
Baseline assurance, a set of assurance questions asked for all integrations, that have been defined as appropriate for all services/APIs. The baseline questions can be broken down further into
Questions that only need to be asked on the first occasion of onboarding (e.g. what is your Organisation Data Service (ODS) code).
Questions that need to be asked on every occasion of onboarding (e.g. has appropriate penetration testing been undertaken for this integration).
Service/API specific assurance; assurance set by the specific service/API team SMEs, including questions to support the specific service requirements. These questions may require the partner to provide evidence to support their response and may, where applicable, require witness testing. The SCAL allows additional risk controls to be cross-referenced or indexed e.g. additional clinical testing or Deployment Verification Period (DVP).
Tailored Assurance
A Tailored Assurance approach will be taken when the SCAL is not considered to be the most effective or efficient method for onboarding a service provider to a service or API. It defines the assurance approach with a focus on the activities to assure technical and clinical risks associated to integrating with that service or API. It is often further underpinned by the assurance executed as part of the Overarching Standards work.
Interoperability Toolkit (ITK)
The Interoperability Toolkit (ITK) conformance process is designed to be straightforward, focusing on demonstrating conformance to relevant technical specifications and standards.
Further information on ITK is available at the following URL: 
Interoperability Toolkit - NHS England Digital
External Assurance
Assurance of these Interoperability Requirements are managed and executed outside of NHS England e.g. MHRA Yellow Card Reporting.
Not Directly Onboarded
These interoperability requirements have no direct onboarding / assurance approach.
Assurance Approaches / Toolkit
Each of the Non-Overarching Standards below will have a defined assurance approach or toolkit for achieving compliance with each specification. As these are used beyond Digital Services for Integrated Care (DSIC) then they cannot be held centrally, therefore the Digital Services for Integrated Care (DSIC) Supplier is advised to speak to the nominated point of contact listed for each standard to ensure that they have been sent the latest version of the approach or toolkit.
Non-Overarching Standards
111
NHS 111 is a free 24/7/365 call centre service for Patients with urgent medical concerns. The service is provisioned on a regional basis and run by several different organisations nationally.
111 call handling services use specific software systems that are outside the scope of the Digital Services for Integrated Care (DSIC).
A call to 111 may result in an ambulance call out, or a referral to one of several care settings:
a local emergency department
an Out of Hours (OOH) service
the Patient's registered GP
For GP Solutions, patient encounters with 111 will result in a 111 report message (Post Event Message) being sent to the Patient's GP Practice. If the patient is referred back to their GP then the referral will additionally trigger a 111 referral message (also known as a Transfer of Care) to the GP Practice.
For Community Pharmacy Solutions, patient encounters with 111 leading to pharmacy referral will result in the trigger of a 111 referral message (also known as a Transfer of Care) to the Community Pharmacy Solution.
111 PEM messaging is assured via tailored assurance incorporating Interoperability Toolkit (ITK3) and end to end clinical assurance. An adapter has been developed and assured by NHS England, using the adaptor means that the Supplier does not need to undertake ITK3 assurance*
A Digital Services for Integrated Care (DSIC) Service Provider who chooses not to use the adapter must undertake ITK3 accreditation themselves.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on integrating with 111 PEM can be found at the following URL: NHS 111 API standard - NHS England Digital
*Further ITK (ITK2) and local assurance may be required where older standards have been defined and are being used at a local level. Suppliers will need to speak to their customers to understand the requirements.
NHS CIS2 Authentication
Use this integration to access Care Identity Service (CIS) - the national service for verifying the identity of healthcare workers in England, such as NHS staff, when they access national clinical information systems. You can also get basic profile information about these end users.
You can authenticate the healthcare workers using a range of authenticators, including:
smartcards
Windows Hello
passkeys
security keys, including YubiKeys
iPads
Microsoft Authenticator
http://NHS.net Connect
Digital Services for Integrated Care (DSIC) Providers will be onboarded via the Digital Onboarding Service.
Key programme and assurance contact is via iamplatforms@nhs.net
Further information on integrating and onboarding can be found at 
CIS2 Authentication - NHS England Digital
Booking and Referral Standard (BaRS)
The Booking and Referral Standard (BaRS) is a Non-Overarching Standard that enables digital Patient journeys or operational processes for Patients, healthcare workers and carers. It allows relevant information to be shared quickly, safely and in a format that is useful. It will eventually be available in all care settings.
Digital Services for Integrated Care (DSIC) Providers will be onboarded via the Digital Onboarding Service.
Key programme and assurance contact is via Bookingandreferralstandard@nhs.net
Further information on integrating and onboarding can be found at BaRS FHIR API onboarding support information - NHS England Digital
Clinical Document Architecture (CDA)
CDA is an XML-based HL7 standard for exchange of clinical information.
The only mandated use of CDA in general practice IT is receipt of 111 CDA referrals and reports. However many localities have implemented solutions to ingest external documents in various formats including CDA. For this reason Suppliers may consider implementing CDA handling functionality for other use cases and payloads.
CDA is assured alongside 111 PEM (including ITK).
Any assurance activities are carried out alongside 111 so engagement for CDA will be made at the same time as engagement for 111.
Further information on integrating with CDA can be found at the following URL: NHS 111 API standard - NHS England Digital
Digital Diagnostics and Pathology Messaging
Digital Diagnostics and Pathology Messaging supports the electronic transmission of results of pathology tests to GP Solutions in response to a test request placed with laboratories
Pathology messages are sent and received via MESH.
NHS England have also developed and assured an adapter to support Pathology messaging.
Digital Services for Integrated Care (DSIC) Suppliers may use the adapter or alternatively develop their own (which will require additional assurance).
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on integrating with the Pathology Edifact API can be found at the following URL: Pathology Messaging - EDIFACT - NHS England Digital
Digital Medicines and Pharmacy FHIR Payload
The Digital Medicines initiative aims to positively transform the way that Patients manage their medicines, promote new models of care as well as improve the medicines supply chain and the provision of medicines data.
Digital Medicines messages are sent and received via MESH.
Digital Medicines can be split into 2 distinct categories, each assured by different teams:
Emergency Supply of Medications
Sender
Receiver
Vaccination Administration
For Emergency Supply of Medications Sender (Pharmacy) or Receiver (GP), Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via Tailored Assurance Approaches including Technical (ITK3) and Clinical assurance. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on integrating with Emergency Supply of Medications can be found at the following URL: GP Connect - Emergency Supply of Medications (ITK3)
For Vaccination Administration, Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage with the various teams who support integration with this Non-Overarching Standard, at this point assurance lead(s) will be allocated.
Directory of Services (DoS) - Urgent and Emergency Care
The urgent and emergency care Directory of Services (DoS) is a database of NHS services in England. It works with NHS Pathways, the decision support system behind 111 and some 999 providers, to provide real-time information for Patients about the right place to go.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on the DoS Urgent and Emergency Care REST API can be found at the following URL: Directory of Services - Urgent and Emergency Care - REST API - NHS England Digital
e-Referral Service (eRS) FHIR API - Primary Care Referrer
The e-RS is a digital platform that provides an easy way for referrers and service providers to manage their Patients’ journeys. Users can:
create referrals for Patients
book appointments or select services for triage
change or cancel appointments
have advice conversations with other users
add to and select from the Directory of Services (DOS)
download and create reports and extracts
It's designed to help professionals make more informed choices and manage referrals end-to-end.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a SCAL (Excel).
Assurance key contact for the eRS programme is via the mailbox ersapi.assurance@nhs.net
Further information on integrating and onboarding with the eRS FHIR API can be found at the following URL: e-Referral Service - FHIR API - NHS England Digital
Electronic Prescription Service (EPS) - Prescribing
Digital Services for Integrated Care (DSIC) Suppliers can access the Electronic Prescription Service (EPS) - the national service used to allow prescribers (like those using GP Solutions) to send Prescriptions electronically to a dispenser (such as a Pharmacy) of the Patient's choice. Health or Care Professionals can prepare a prescription for signing, create a prescription or cancel a prescription.
EPS Subsequent Cancellation Response messages are received via MESH.
All integrations with the EPS FHIR API will be onboarded via a SCAL (Excel).
Assurance key contact for EPS will be allocated and engaged via the programme onboarding team epsonboarding@nhs.net
More information on integrating with the EPS FHIR API can be found at the following URL: https://digital.nhs.uk/developer/api-catalogue/electronic-prescription-service-fhir
Digital Signature Service API (DSS)
EPS utilises the Digital Signature Service API (DSS)
The DSS has been developed to take away the complexity of Suppliers having to develop their own signing solution, it also allows changes to be managed centrally e.g. hashing algorithms. The first use case for the DSS is with the EPS FHIR API.
Assurance key contact for DSS will be allocated and engaged via the EPS programme onboarding team epsonboarding@nhs.net
More information on integrating with the DSS can be found at the following URL:
Digital Signature Service API - NHS England Digital
Electronic Yellow Card Reporting
The Medicines and Healthcare products Regulatory Agency (MHRA) collects reports of suspected adverse drug reactions (ADRs) via the Yellow Card Scheme. These provide a source of information on potential drug safety issues allowing the agency to take regulatory action to protect public health. Healthcare professionals report ADRs either by completing a paper form or a form on an external website/App.
Electronic Yellow Card Reporting is onboarded via an external organisation (MHRA).
Assurance key contact for Digital Services for Integrated Care (DSIC) is via the MHRA mailbox pharmacovigilance@mhra.gov.uk
There are two ways to meet the secure email standard. Organisations must select one of these methods to comply.
Implement an already compliant service such as NHSmail, Office 365 or Google Workspace for all staff at your organisation.
Demonstrate your own service is compliant with the secure email standard by following the secure email accreditation process.
Further information on The Secure email Standard can be found at the following URL: The secure email standard - NHS England Digital
eMED3 (Fit Notes)
The Statement of Fitness for Work (known as a Med 3 form or ‘fit note’) is used throughout Great Britain. Fit notes are issued by doctors, usually GPs, for Statutory Sick Pay or Social Security purposes. As a part of a medical consultation, a GP may assess a Patient’s medical condition to determine their fitness for work. The fit note provides return to work advice for the Patient and their employer and can also be used to support a claim to health-related benefits.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a SCAL (Excel).
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
External Interface Specification
Integration utilising the External Interface Specification is now deprecated.
General Practice Appointments Data Reporting (GPAD)
General Practice Appointments Data Reporting (GPAD) supports the collection and submission by Suppliers to the NHS of Appointment data to support capacity planning and management.
GPAD files are sent to NHS via the Secure Electronic File Transfer (SEFT) service.
GPAD is assured via tailored assurance incorporating a number of deliverables including Traceability Matrix, Risk Log and extract assurance.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Generic FHIR Receiver
The Generic FHIR Receiver is a component which will receive messages into GP Practice Solutions which are:
Delivered using MESH
Structured using FHIR STU3 messages.
Which meet the ITK3 specification.
The Generic FHIR Receiver will obtain messages from the MESH Client or API depending on the Workflow ID within the MESH message header.
Various types of messages are received into GP Practices via MESH; some other component (referred to in the documentation as a Message Distributor) will usually handle all the incoming messages for the Practice MESH "mailbox", and distribute them to the appropriate handler for processing according to a workflow identifier and/or other metadata in the MESH header. The Generic FHIR Receiver will, therefore, receive its messages from this Message Distributor.
In summary, the responsibilities of the Generic FHIR Receiver are:
Receive incoming ITK3 FHIR messages.
Verify the message is a well-formed XML.
Verify the message is a valid FHIR message conforming to the ITK3 specification.
Match the message subject to a known Patient.
Send Infrastructure and Business Acknowledgement messages (which are also FHIR messages which conform to the ITK3 specification) where these have been requested.
Raise workflow tasks as appropriate using the data in the payload.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
GP2GP (including GP2GP Sending Adaptor/GP2GP Requesting Adaptor)
Digital Services for Integrated Care (DSIC) Suppliers can use GP2GP to transfer Patients' electronic health records between old and new practices when they change GPs.
NHS England have also developed and assured adaptors to support GP2GP.
Digital Services for Integrated Care (DSIC) Suppliers may use the adaptors or alternatively develop their own (which will require additional assurance).
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
GP Connect (Patient Facing) Access Record
Use this API to access structured and coded information from a Patient's GP Practice record to consume in a Patient facing service. The API accesses GP Core Clinical Solution and provides a consistent interface and data model.
You can retrieve Patient record data for the following:
medications
allergies
immunisations
consultations
problems
investigations
reviewed attachments/documents
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect (Patient Facing) Access Record can be found at the following URL: GP Connect (Patient Facing) Access Record - FHIR API - NHS England Digital
GP Connect (Patient Facing) Prescriptions
Use this API to manage a Patient's prescriptions as held by their GP Practice.
You can:
request a new instance of a repeat prescription
view all of a Patients medications, whether acute or repeat, past or present
cancel a repeat prescription request
check the status of a current prescription request
request a new instance of a repeat prescription to a one off nomination pharmacy
The end user must be a Patient who is:
registered with the GP Practice
registered with NHS login to P9 identity verification level
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect (Patient Facing) Access Record can be found at the following URL: GP Connect (Patient Facing) Prescriptions - FHIR API - NHS England Digital
GP Connect (Patient Facing) User Permissions
Use this API to list and manage the permissions a Patient has to their medical record and a selection of services provided at their GP Practice.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect (Patient Facing) Access Record can be found at the following URL: GP Connect (Patient Facing) User Permissions API - NHS England Digital
GP Connect Access Record HTML - Provider
GP Connect is a national service that's integrated with all major GP Solutions. It routes requests to the appropriate GP Solution, based on the Patient's registered GP.
Use this API to view a Patient's registered GP Practice record, with read-only access.
You can:
view a Patient’s primary care record by requesting sections or headings
define a date range to filter larger sections
incorporate these views directly into Electronic Patient Record systems
For example:
GP Practices can view all of the Patient’s primary care records even when they are held on a different GP Solution
care settings such as NHS111, ambulance and emergency care, primary care networks (PCNs), secondary care, pharmacy, care homes, community and dentistry can view the records held by the Patient’s GP Practice to better inform any care decisions they make for a Patient
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect Access Record HTML can be found at the following URL: GP Connect Access Record: HTML - FHIR API - NHS England Digital
GP Connect Access Record Structured - Provider/Consumer
GP Connect is a national service that's integrated with all major GP Solutions. It routes requests to the appropriate GP Solution, based on the Patient's registered GP.
Use this API to access structured information from a Patient's registered GP Practice record. Structured information is Patient data in a coded format that a consuming system can import and process.
The API accesses GP Core Clinical Solutions, provides a consistent interface and data model, and is brokered through Spine.
For GP Connect Access Record Structured - Provider requirements, Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
For GP Connect Access Record Structured - Consumer requirements, Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a SCAL (Excel).
Assurance key contact for the GP Connect programme is via the mailbox england.gpconnect.operations@nhs.net
Further information on GP Connect Access Record Stuctured can be found at the following URL: 
GP Connect Access Record: Structured - FHIR API - NHS England Digital
GP Connect Appointment Management - Provider
GP Connect is a national service that's integrated with all major GP Solutions. It routes requests to the appropriate GP Solution, based on the Patient's registered GP.
Use this API to enable administrative and clinical end users to book and manage Patient appointments held in any of the principal GP Practice systems.
You can:
retrieve a Patient’s appointments
search for free slots
read an appointment
book an appointment
amend an appointment
cancel an appointment
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect Appointment Management can be found at the following URL: https://digital.nhs.uk/developer/api-catalogue/gp-connect-appointment-management-fhir
GP Connect Send Document - Receiver
GP Connect is a national service that's integrated with all major GP Solutions. It routes requests to the appropriate GP Solution, based on the Patient's registered GP.
Use this integration to send a PDF consultation summary to a registered GP Practice - using GP Connect Messaging.
For example, use it to send a document containing a Patient's consultation notes to their GP Practice when a Patient is seen:
at another GP Practice than their own
by an out of hours service
by a district nurse at home
Each message sent using this integration uses the GP Connect Messaging components, MESH, and ITK3 to deliver the message.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on GP Connect Send Document can be found at the following URL: GP Connect: Send Document - FHIR - NHS England Digital
GP Connect Update Record - Sender/Receiver
GP Connect is a national service that's integrated with all major GP Solutions. It routes requests to the appropriate GP Solution, based on the Patient's registered GP.
Use this integration to update a Patient's GP record from a Community Pharmacy with structured data.
Each message sent using this integration uses the GP Connect Messaging components, MESH, and ITK3 to deliver the message.
For GP Connect Update Record - Receiver requirements, Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
For GP Connect Update Record - Sender requirements, Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a SCAL (Excel).
Assurance key contact for the GP Connect programme is via the mailbox england.gpconnect.operations@nhs.net
Further information on GP Connect Update Record can be found at the following URL: GP Connect: Update Record - NHS England Digital
GP Data for Planning and Research
This Non-Overarching Standard has now been retired.
General Practice Extraction Service (GPES)
The General Practice Extraction Service (GPES) collects information for a wide range of purposes, including provision of direct care, GP payments and planning & research purposes. It works with the Calculating Quality Reporting Service (CQRS) and GP clinical Solutions as part of the GP Collections service.
GPES messages are sent and received via MESH and GPDC.
Digital Services for Integrated Care (DSIC) Suppliers will be assured against each extract as described in the Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Assurance key contact for Digital Services for Integrated Care (DSIC) is via the GPES team mailbox england.gpses@nhs.net
Note: Although GPDC requirements fall under GPES, there is a separate tailored assurance process. Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Interface Mechanism (IM1)
IM1 is a mechanism for accessing data held in GP Systems (Systems providing one or more Foundation Capabilities).
A system or application is required to provide IM1 interfaces if it offered IM1 interfaces under GP IT Futures and/or if implementing an IM1 interface is mandated within the Capabilities and Standards.
A system or application may wish to consume IM1 interfaces where they have a requirement to access data held in GP Systems and the Provider Solution does not offer a GP Connect interface.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Assurance key contact for Digital Services for Integrated Care (DSIC) is via the IM1 teams mailbox england.im1.team@nhs.net
Interoperability Toolkit (ITK)
ITK2
These API standards cover a set of messaging specifications known as the Interoperability Toolkit (ITK). Primarily consisting of ITK Release 2 (ITK2), they also include earlier versions.
They're used, for example, for sending messages about the admission, discharge and transfer (ADT) of a Patient.
They are based on HL7 V2 and HL7 V3 standards. For example, ITK2.2 includes specific messaging domains based on HL7 V2, and also a number of message domains based on HL7 V3 - most notably the CDA messaging specifications which are used by NHS 111 domain messaging.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on ITK2 can be found at the following URL: Interoperability Toolkit 2 Messaging API standards - NHS England Digital
ITK3
These API standards cover a set of generic FHIR messaging components we developed using FHIR STU3 running over MESH to create a unified approach to NHS message and document flows across England.
Payloads are not specified as these components can carry any payload.
These components, along with the FHIR Message and FHIR Document Specifications, make up the Interoperability Toolkit 3 (ITK3) solution which is accompanied by an ITK3 Test Harness.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on ITK3 can be found at the following URL: Interoperability Toolkit 3 Messaging Distribution FHIR API standards - NHS England Digital
Message Exchange for Social Care and Health (MESH)
The Message Exchange for Social Care and Health (MESH) is a centralised message transfer service provided by The Authority using the Spine Services Core infrastructure.
The service supports the secure transfer of both clinical and business data flows between NHS Organisations and affiliated organisations.
There are 3 options for Suppliers when implementing MESH, these are:
MESH UI - Ideal for the transfer of small files. This is pre-assured so there is no further assurance required.
MESH Client - Ideal for the transfer of large files. This is pre-assured so there is no further assurance required
MESH API - Ideal for the transfer of large files. This is an option for those service providers who have the technical skills to integrate MESH into their systems, suppliers will be onboarded via the Digital Onboarding Service.
Assurance key contact for MESH API will be allocated and engaged once a Supplier registers for MESH via the Digital Onboarding Service.
Further information on MESH API is available at the following URL: Message Exchange for Social Care and Health (MESH) API - NHS England Digital
Note: This is a key pre-requisite to many other Non-Overarching Standards so should be prioritised.
Multicast Notification Service (MNS)
Use this API to publish or and subscribe to healthcare-related events. This API is currently only live with Patient-related event. However, it is intended as a robust service that could support many types of future event e.g. changes related to healthcare organisations or staff.
The events do not contain clinical information; they simply describe what type of event occurred to whom/what and where. A pointer is provided for retrieval of the data that the event refers to.
This API is for systems that need to share healthcare information with other systems that need to stay up to date with changes to that information.
You can:
Publish events.
Subscribe to events based on event type and optional corresponding criteria filter.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Assurance key contact for MNS will be allocated and engaged once a Supplier registers for MNS via the Digital Onboarding Service.
Further information on MNS is available at the following URL: Multicast Notification Service API - NHS England Digital
National Care Record Service (NCRS)
The National Care Records Service (NCRS) provides a quick, secure way for health and care workers to access national Patient information to improve clinical decision making and healthcare outcomes.
The service provides a summary of Health and Care information for care settings where the full Patient Record is not required to support direct care for Patients.
Compliance with NCRS will be onboarded via a SCAL (Excel).
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on NCRS is available at the following URL: National Care Records Service integration - NHS England Digital
National Data Opt-Out (NDOP)
Digital Services for Integrated Care (DSIC) Suppliers can use the National Data Opt-Out Service to identify Patients' preferences and control sharing of their data by healthcare organisations for planning and research purposes.
NDOP messages are sent and received via MESH.
Compliance with NDOP will be onboarded via a SCAL (Excel).
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on NDOP via MESH is available at the following URL: National Data Opt-out - MESH - NHS England Digital
National Event Monitoring Service (NEMS)
The National Event Monitoring Service works with other interoperability services including the National Record Locator which allows authorised users to find specific Patient records that are held on different health care systems.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Assurance key contact for NEMS will be allocated and engaged once a Supplier registers for NEMS via the Digital Onboarding Service.
More information on integrating with NEMS FHIR API can be found at the following URL: National Events Management Service - FHIR API - NHS England Digital
Important Note - It is planned to migrate functionality offered by NEMS to the Multicast Notification Service. Suppliers should seek guidance from their Supplier Manager as to how to proceed with this Non-Overarching Standard.
NHAIS HA / GP Links (Primary Care Registration Management (PCRM))
PCRM has now replaced the NHAIS HA / GP Links as a National System although the Supplier requirements for NHAIS are still applicable.
Digital Services for Integrated Care (DSIC) Suppliers can use the PCRM API to manage GP registrations and other Patient data.
PCRM messages are sent and received via MESH.
NHS England have also developed and assured an adapter to support PCRM messaging (may still be referred to as the NHAIS adaptor in diagrams etc.)
Digital Services for Integrated Care (DSIC) Suppliers may use the adapter or alternatively develop their own (which will require additional assurance).
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
NHS Login Service
Use this API to enable Patients and the public to access multiple digital health and social care services with NHS login, a single re-usable login.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service and assured using the NHS Login Integration Toolkit
Assurance key contact for Digital Services for Integrated Care (DSIC) will be assigned upon engagement with NHS Login team. To apply for NHS Login integration please go to the following URL:
Apply for NHS login - NHS England Digital
NHS Message Implementation Manual (MIM)
Integration with the MIM is now deprecated.
NHSBSA Claims & Reporting
The NHS Business Services Authority (NHSBSA) allows Health or Care Organisations to claim payments for services provided.
NHSBSA Claims & Reporting Standard is a series of APIs that provide reporting and claims services.
DSIC Assurance approach is to be confirmed and will be provided soon.
Personal Demographics Service (PDS)
The Personal Demographics Service is the national electronic database of NHS Patient details such as name, address, date of birth, registered GP, and NHS number.
New Digital Services for Integrated Care (DSIC) Suppliers are expected to integrate with the PDS via the PDS FHIR API. There are 3 modes of access, these are:
Restricted Access - This access mode is application-restricted, meaning we authenticate and authorise the calling application but not the end user. This access mode is not designed to be accessed by an end user.
Healthcare Worker Access - This access mode is user-restricted, meaning an end user must be present, authenticated and authorised.
Patient Access - A citizen may access their record and update a restricted list of fields. This access mode is user-restricted, meaning an end user must be present, authenticated and authorised.
All integrations with PDS FHIR API will be onboarded via the Digital Onboarding Service.
Assurance key contact for PDS will be allocated and engaged once a Supplier registers for PDS on the Digital Onboarding Service. .
Further information on integrating and onboarding with the PDS FHIR API can be found at the following URL: Personal Demographics Service - FHIR API - NHS England Digital
Note: This is a key pre-requisite to many other Non-Overarching Standards so should be prioritised.
Primary Care Clinical Terminology Usage Report
The purpose of this report is to collect data from each Foundation GP IT Solution Supplier on the frequency of use of clinical coded terms, both terminology (SNOMED CT, Read v2, CTV3) and local codes, recorded through their Solution for fully registered Patients over a 12 month period for all entries which are part of the GP record, aggregated across the selected Practices.
This data on the frequency of usage of clinical terms is to inform which codes are in actual use to:
support the clinical assurance process with respect to data migration and GP2GP
support the production, maintenance and clinical assurance of the cross maps for primary care
facilitate the development of guidance with respect to terminology codes and local codes
Elements of the data submitted will be published and made publicly available once processed to protect any Patient and commercially sensitive data.
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via a Tailored Assurance Approach. The approach will detail the technical and clinical assurance activities to be carried out by NHS England alongside the service provider.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Register with a GP Surgery Service
Use this API to access registration applications using the Register with a GP Surgery service.
This API provides:
operational parameters
a set of codeable observations
questionnaire response relating to a Patients registration request.
You can use this API to:
retrieve a registration application
Digital Services for Integrated Care (DSIC) Suppliers will be onboarded via the Digital Onboarding Service.
Suppliers should contact their Supplier Manager when they want to engage, at this point an assurance lead will be allocated.
Further information on integrating and onboarding with the Register with a GP Surgery API can be found at the following URLs: