Digital Identity And The NHS

How the next generation of NHS Digital Identity Services is working to enable care workers to access vital holistic clinical information on the patients they are treating quickly, simply, securely and at the point of care – while ensuring only legitimate care workers can access patient data

Posted 27 November 2018 by Gary Flood

This Thursday, at Think Digital Identity For Government 2018, we’re delighted to announce that Anthony Wilson. Product Manager, Identity Services at NHS Digital, will be on-stage as a case study of how he has used technology from digital Identity Management platform supplier ForgeRock. We sat down with Mr Wilson to find out more.

Mr Wilson, hi: can you explain what being Technical Product Manager for Identity and Access Management at NHS Digital encompasses?

My role’s remit is to identify capability needs in the Digital Identity and Access space for care workers in the NHS. I also provide the strategy and direction for how the next generation NHS Digital identity platform will meet those needs.

Not everyone will be familiar, potentially at least, with what NHS Digital’s role is. Can you briefly explain?

NHS Digital is the national information and technology partner to the health and social care system. We use digital technology to help transform the NHS and social care. Some examples of the services we provide are the Electronic Prescription Service, the NHS e-Referral Service and the Summary Care Records Service.

You define part of your mission at NHS Digital as to ‘keep clinical information safe and secure whilst making access quick and simple for health care professionals’. Can you expand a little on that – for example, how does it help a) patients and their families and b) clinicians and care providers to do this?

Well, the world is a much more technology savvy place than it was 10 years ago. The healthcare sector wants to enable an holistic and relevant view of patient clinical data – potentially across several healthcare providers – to help increase correct diagnosis and treatments. This lowers the need to quiz patients about their previous health history. 

At the same time, patients and care workers are now much more likely to interact digitally as well as face-to-face. Although this is much more convenient and less time-consuming, it is also more imperative than ever that people can be reassured that the person they are interacting with is a nationally assured care worker. and that their information will only be used for legitimate reasons to do with their care.

Yes – patient data is a very hot topic in the NHS. Can you say what guidance and rules your team is following to reassure us all on that?

We have both security and governance leads as part of our programme team and they are there to ensure we meet the standards required of us. These include satisfying GDPR, Identity Standards such as GPG44/45 and Cyber-Security best practice. 

We believe you are working with supplier ForgeRock. Can you say a little more about what you needed its IDP tech to solve?

As the NHS is a diverse and complex body of organisations, we needed a set of identity technology products that would be flexible enough to allow many forms of authentication. We must also support this through industry standard interfaces and handle scale and performance to over two million health and social care workers (which will be our ultimate end target). ForgeRock has the product set we believe can handle this.

If we run a ‘Think Digital Identity for Government 2019’ – so, speak to you again in 12 months, if not sooner! – what would you like to have achieved in that timeframe?

I hope we would have achieved the following:

  • That paramedics are able to access summary care record information through tablet devices wherever they are
  • Pharmacists can, if they choose to, interact with and advise their customers more freely without technology chaining them to computers behind the counter
  • Health care workers are provided with a service that renders passwords obsolete and offers many highly secure logon mechanisms other than just smartcards.

Great stuff. Last question – thanks! Without blowing your great presentation, what do you hope to impart to delegates, at a top level, this Thursday?

That Digital Identity is key to enabling access to clinical information – and that real security should be almost invisible to the user and enable them to do their jobs, whilst keeping them and their data safe.

Thanks – and good luck for the conference, we’re really looking forward to hearing your presentation, Mr Wilson.

There are still a few places left for Thursday, and your chance to hear what NHS Digital and other organisations are doing in the UK’s ONLY Digital Identity conference that addresses public sector concerns: go here to grab that place!