Understanding DTAC and How Deviceology Can Help Clients Gain Compliance for NHS Integration

What is DTAC?

The Digital Technology Assessment Criteria (DTAC) is an initiative by NHSX, the digital transformation arm of the National Health Service (NHS) in the United Kingdom. This framework aims to provide assurance to staff, patients, and the public that the digital health tools they utilise meet the rigorous standards set by the NHS. DTAC serves as a comprehensive guide for both local and national NHS teams, as well as technology developers, to understand which digital health technologies should be adopted and recommended.

Core Areas of Assessment: An In-Depth Look

DTAC’s assessment process revolves around five core areas, each designed to ensure that digital health technologies meet the highest standards of safety, security, and effectiveness. Here’s a more detailed look at each:

Clinical Safety

Clinical safety is paramount in healthcare technology. Products are rigorously assessed to ensure robust clinical safety measures are in place. This involves a thorough clinical risk management process, which aligns with best practices and the DCB0129 standard for clinical risk management. The aim is to ensure that the technology does not pose any harm to patients and is in compliance with clinical safety norms.

Data Protection

Data protection is a critical aspect, especially in healthcare where sensitive patient data is involved. DTAC ensures that data protection and privacy are integrated into the product ‘by design’. This includes conducting a Data Protection Impact Assessment (DPIA) to evaluate how personal data is processed. Additionally, the Data Security Protection Toolkit (DSPT) is another key component that Deviceology can complete for clients, ensuring compliance with data protection laws and regulations.

Technical Assurance

Technical assurance focuses on the security and stability of the product. The technology is assessed to ensure that it is free from vulnerabilities that could be exploited, thereby posing a risk to users or the data it holds. Cyber Essentials, a UK government-backed certification, is often used as a benchmark to ensure that the technology meets the required cybersecurity standards. Additionally, Deviceology can arrange Penetration Testing for clients, fulfilling one of the key requirements in this area.


Interoperability is crucial for seamless data exchange between different systems and platforms within the healthcare ecosystem. DTAC ensures that the technology can effectively communicate data accurately and quickly, while also maintaining the highest levels of security. This is vital for integrated care and for enhancing the efficiency of healthcare delivery.

Usability and Accessibility

Usability and accessibility are assessed to ensure that the technology is not only user-friendly but also accessible to people with disabilities. This involves benchmarking the technology against good practice and the NHS service standard, as well as the Web Content Accessibility Guidelines (WCAG) to allocate a conformity rating.

How Deviceology Can Assist in Achieving DTAC Compliance

Comprehensive Assessment Services Including Full DTAC Assessment

Deviceology offers a full suite of services aimed at assessing your digital health technology against the DTAC criteria. This involves a gap analysis to identify areas where your product may fall short of NHS standards, followed by actionable recommendations to achieve compliance. Importantly, Deviceology can complete the entire DTAC assessment on behalf of clients, streamlining the process and ensuring a thorough and accurate evaluation.

Documentation Support

One of the key steps in achieving DTAC compliance is the preparation of comprehensive documentation that proves your technology meets the required standards. Deviceology can guide you through this process, ensuring that all paperwork is in order and stands up to scrutiny.

Procurement and Implementation Strategy

Navigating the NHS procurement process can be a complex task. Deviceology offers strategic advice and hands-on support to help you successfully complete the DTAC assessment as part of the NHS procurement process. This ensures that your technology not only meets but exceeds the NHS’s baseline criteria.

Ongoing Compliance Monitoring

DTAC is not a one-off process; it requires ongoing monitoring and updates to ensure continued compliance. Deviceology offers this as part of its service package, ensuring that your digital health technology remains up-to-date with any changes in NHS standards or regulations.


Achieving DTAC compliance is crucial for any digital health technology aiming for integration within the NHS. Deviceology, with its comprehensive services and deep expertise, serves as an invaluable partner in this journey. From initial assessment to ongoing compliance monitoring, Deviceology ensures that your technology not only meets but exceeds the stringent standards set by the NHS.

For more information, visit https://www.deviceology.info or contact us at info@deviceology.net