Digital Technology Assessment Criteria

Digital technology continues to revolutionise healthcare. However, security, safety, and usability need careful consideration during development, testing, and procurement to spot vulnerabilities and mitigate risk.

What is DTAC?

The DTAC is a set of questions and criteria for organisations to use when introducing new digital health technologies. 


While the Digital Technology Assessment Criteria is not mandatory. However, legislation, best practices, and recognised standards are brought together to create a development process that allows health and social care providers, staff, and patients to assess digital products quickly and consistently.


Developers and digital health suppliers should consider the legislative requirements in any build. Products where the DTAC is invaluable, include patient and staff facing:


  • Apps
  • Digital tech
  • Web-based portals
  • Stock control systems
  • Health IT systems

How it works/How to use the DTAC form?

The Digital Technology Assessment Criteria is focused on five core areas. Parts one to four state the assessed criteria. Part five determines the conformity rating, which indicates the product or systems accessibility and usability:


  1. Clinical Safety – Clinical risk management is undertaken, and safety controls are in place
  2. Data Protection – Individuals rights and data are protected
  3. Technical Assurance – Products and systems are stable and secure
  4. Interoperability – Communication occurs quickly, and data is accurate, safe, and secure
  5. Usability and Accessibility – The product is given benchmarked rating against good practices and the NHS service standard


Digital tools will receive a pass or fail for the first four criteria and a usability and accessibility score.


The new criteria aim to equip NHS and social care teams with clear guidance on which health technologies and systems to buy or recommend to patients. DTAC helps innovators and developers understand the standards and controls they need to meet to offer their products to the NHS.


Hardware, software, apps, and digital technology already used by the NHS and social care are not subject to a retrospective assessment. However, developers and suppliers should be aware that an evaluation is required before future contract renewals and if the digital technology is to be considered by different organisations. 


You can download the form here.

Implementing and testing standards and cybersecurity

We recently covered the importance of cybersecurity in the health industry; click here to read it.

Contact us to learn more about how we can help ensure you are in line with these standards and other ways we can improve your cybersecurity such as Cyber Essentials Plus.

Contact us..

Related Articles