FibriCheck is proud to announce that in addition to being among the first to go through Orcha’s rigorous assessment process, we are leading the charge in digital health standards compliance, as evidenced by the 100% rating received by the leading global digital assessment agency.
With hundreds of health apps out there and regulations evolving constantly, it can be quite a task for both developers and those making buying and commissioning decisions to see the forest for the trees. That is why in early 2021, the NHSX – a government unit in the United Kingdom that drives the digital transformation of health and social care – developed the Digital Technology Assessment Criteria (DTAC).
By setting a national baseline, DTAC aims to improve the path between development and procurement so that the NHS and social care can fully realise the benefits that digital technologies bring.
Basically, DTAC helps developers ensure digital health tools are not only delivered to the standards that patients deserve, but also to provide confidence to adopting healthcare organisations.
Don’t assume, assess
In order to receive a DTAC rating, FibriCheck performed a comprehensive self-assessment. This assessment was then externally reviewed and stress-tested by Orcha, the Organisation for the Review of Care and Health Apps, which is the world’s largest health app review and distribution organisation. ORCHA assesses apps against 350+ standards including the new DTAC.
“The DTAC is still a new compliance standard and we work closely with our clients to navigate them through each requirement,” says ORCHA’s review and accreditations director, Paul S Weston. “FibriCheck’s approach to this whole process has been second to none. Our congratulations to the team for passing the DTAC with such high scores.”
Fibricheck met the DTAC standard for clinical safety, data protection, technical security and interoperability and scored 100% in the ‘usability and accessibility’ criteria.
The first 4 areas of the DTAC are assessed on a pass/fail basis. While for area 5, developers are given a score, based on how well they meet the standard.
1. Clinical safety
The clinical safety aspect verifies whether a rigorous clinical risk management is in place during development, deployment and use of health IT systems. Fibricheck was assessed to ensure that clinical risks are reduced maximally and patient harm minimised according to the ‘DCB0129 – Clinical Risk Management: Its Application in the Manufacture of Health IT’ systems as defined by NHS Digital.
2. Data protection
Correct data handling should be a prerequisite for all applications. Therefore, this section establishes that the product collects, stores and uses data (including personally identifiable data) compliantly. During our DTAC assessment, Orcha verified our compliance to the DSPT standards while also looking into our different data handling policies and procedures (including how rights of individuals are protected) as well as our data Protection Impact Assessment (DPIA).
Thanks to Extra Horizon’s medical Backend-as-a-Service which FibriCheck is built on, we achieved a passing grade in the Data Protection criteria, among other things as it ensures that Data Protection is an integral feature of our digital solution.
The fact that FibriCheck cares about data handling is further supported by our ISO27701 certification.
3. Technical assurance
Next, FibriCheck was extensively reviewed to confirm that the product is not only stable, but that it also meets industry best practice security standards and that our defences protect against the vast majority of cyber attacks. On our side we were very familiar with most of the controls as we have certifications in place that show we meet the best practice standards regarding information security (ISO 27001:2017) and privacy information (ISO 27701:2019). For these certifications, we are yearly reviewed extensively by an independent certification body during several days.
The interoperability section establishes how well FibriCheck exchanges data with other systems. Good interoperability reduces expenditure, complexity and delivery times on local system integration projects by simplifying integration. Smooth data exchange allows the FibriCheck implementation to be replicated as well as scaled and opens up the market for this innovation in remote cardiac monitoring.
5. Usability and accessibility
Usability and accessibility is a key part to ensure the product is suitable for use. The assessment sets a compliance rating where the organisation can improve on with regards to industry best practices. These best practices include:
- Involvement of a multidisciplinary team during product realisation
- Active user involvement during development to understand users’ needs in the context of their health
- Make the product easy to use
- Make sure everyone can use the the product
- Proactively monitor for product feedback once the product is released
- Work in agile fashion and improve frequently
Interested in working with us on a project or a clinical study?
Get in touch with us or read more about some of our previous projects with Barking Havering and Redbridge University Hospitals, West Suffolk Clinical Commissioning Group, DigitalHealth.London, Northern Care Alliance and Chelsea and Westminster Hospital NHS Foundation Trust.