Background

NHS England and the Vaccination Digital Services (VDS) currently supports the recording and sending of COVID, Pertussis, Influenza (Flu) and Respiratory Syncytial Virus (RSV) vaccinations data to Suppliers via a DPS MESH Mailbox, and the receiving of Influenza (Flu), Respiratory Syncytial Virus (RSV) and Measles, Mumps and Rubella (MMR) vaccinations data from Suppliers via the same DPS MESH Mailbox.

The Immunisation FHIR API Solution is a disease type agnostic system that is being extended to include Childhood Immunisations, using the same backwards-compatible data transfer between Supplier Solutions and VDS. This approach enables Supplier Solutions to continue using their existing Solution and technology to transfer data in a scalable, disease type agnostic manner. 

The lawful basis supporting the new information flows has been confirmed to be the same as existing flows for RSV by Privacy, Transparency and Trust (PTT) colleagues.

The supporting Data Protection Impact Assessment (DPIA), which includes the lawful basis for the processing activity, will be reviewed and assured by PTT. The DPIA and all other relevant documentation will be uplifted before data flows begin.

This Roadmap Item will introduce:

• The sending of the following vaccination types from VDS to Suppliers:

  • Measles, Mumps, Rubella (MMR)

  • Human Papillomavirus (HPV)

  • 3 in 1

  • MenACWY

• The sending of the following vaccination types from Suppliers to a new IMMS API MESH Mailbox:

  • Respiratory Syncytial Virus (RSV)

  • Measles, Mumps, Rubella (MMR)

  • Human Papillomavirus (HPV)

  • 3 in 1

  • MenACWY

Leaving the following vaccination types to be sent from Suppliers to the existing DPS MESH Mailbox:

• Influenza (Flu)

See attachment for SNOMED codes for MMR, HPV, 3 in 1 and MenACWY.

Open

Open

Outline Plan

Supplier Solutions must be fully compliant with this change by the Effective Date.

Supplier Solutions must target a roll-out date of 31st August 2025, to align with the 2025/2026 school academic year, to ensure all vaccinations provided in these settings are covered by this change.

Summary of Change

Full Specification

• Patient Information Maintenance v9.0.0 Capability

• Digital Medicines and Pharmacy FHIR Payload v4.0.0 Standard

• Vaccination Extract Standard

Assurance Approach

Pre-Go-Live Assurance in Test Environment

Childhood Immunisations data inbound into the Core Clinical Solution from VDS

Assurance by the NHSE Vaccinations Digital Services (VDS) Team will be in line with the already established assurance process which was followed by the Supplier for the previous data flows e.g. RSV and Pertussis, a brief summary of the approach as below:

The assurance by the NHSE VDS Team of the ingestion of the Digimeds FHIR messages containing Childhood immunisations data would be to ensure that the data (add/replace) is processed correctly by the Core Clinical Solution without any data loss, data corruption and is displayed correctly to the system End Users and also that the Core Clinical Solution can handle the deluge of data sent in nightly feeds. The assurance would also cover the upload of this data onto Summary Care Record (SCR). The assurance will be done using the VDS team provisioned test scenarios for the identified risks along with supporting test data. The VDS team will have regular engagement sessions with the Core Clinical Solution Suppliers and provide the line of support to facilitate any clarifications, requests etc.

In addition to the above, the Core Clinical Solution Suppliers would also need to complete a Digital Services for Integrated Care (DSIC) Standards Assurance risk log submission for the end to end risks. This is supported by the required risks mitigation test evidence and self-certification statements (where applicable). These evidence that the childhood immunisations data will be available through the national interoperability standards such as IM1, GP Connect, GP2GP for consumption by the relevant recipient / consuming healthcare systems including Patient Facing Services applications as well as being made available in GP Practice migrations through their Practice data migration extracts. Through this risk log, the Core Clinical Solution Supplier would also need to confirm that impact assessment and regression testing has been done to confirm no adverse impact on compliance of any existing Capabilities, Overarching Standards and Non-Overarching Standards.

Childhood Immunisations data outbound from the Core Clinical Solution to VDS

Assurance will be in line with the assurance done for the previous data flows e.g. RSV and Pertussis.

Clinical Safety assurance

Suppliers will be required to submit a Clinical Safety Case Report and Hazard Log which has been signed off by the Supplier’s Clinical Safety Officer (CSO) in accordance with the NHS England Clinical Safety Group (CSG) requirements and in compliance to the safety standards (DCB 0129 or DCB0160). The NHS England VDS Clinicians and the CSG Assurance Leads will review the evidence provided to fulfil the assurance ‘asks’.

Go-Live Assurance in Production Environment

Smoke Tests will be expected to be done in the production environment for the pre-implementation phase. For the post-implementation phase, validation checks of live data flowing and acknowledgements will be done.