Data Set Change Notices (DSCN)
Data Set Change Notices (DSCN) are the mechanism for introducing an information requirement or information standard to which the NHS, those with whom it commissions services and its IT system suppliers, must confirm. The following two DSCNs relating to patient safety and safety implementation have recently been approved.
This standard sets best practice in clinical risk management requirements for suppliers of health software. It is a simple framework of documentation that is set out for suppliers to use during development of health systems, comprising:-
- Hazard assessment - review of the patient safety issues which the supplier's system may encounter
- Hazard mitigation - systematically designing controls for the identified hazards
- Evidence - ensuring the controls have been effective in managing the risk to the patient
Each health organisation should include this standard in any procurement or contractual documentation issued to suppliers. Compliance with this standard ensures that the supplier has implemented an effective best practise clinical safety programme during the design and build of the health system.
The standard draws heavily on the Medical Devices Directive. It provides a suitable interpretation of the controls needed for ehealth systems which are not currently identified as medical devices and not covered under the Directive.
This standard offers the health organisation a framework within which the patient safety hazards associated with the deployment and implementation of new ehealth systems can be managed.
The framework will guide the organisation through the process of establishing senior management policy and responsibilities for safety, hazard logs for the new systems and managing the safety aspects of the deployment and integration. The requirements combine to establish a Clinical Safety Management System which the health organisation can use to manage the safety of ehealth systems throughout their lifecycle.
If a health organisation implements this standard, it will have the procedures necessary to implement the new IEC80001 standard expected in 2010 - Clinical risk management of IT networks containing medical devices.