DTAC-Compliant Clinical Coordination for NHS Trusts
CAREFUL is a clinical coordination platform that meets the NHS Digital Technology Assessment Criteria. Every standard is verifiable.
CAREFUL is a clinical coordination platform that meets the NHS Digital Technology Assessment Criteria (DTAC). It is registered on the NHS Data Security and Protection Toolkit, holds Cyber Essentials Plus certification, complies with DCB0129 clinical safety standards and is ICO registered. The platform runs on Microsoft Azure UK with appropriate data sovereignty controls.
CAREFUL is the post-EMR coordination layer for NHS teams — answering the three questions that EMRs cannot: what's happening now, what's happening next, and who is responsible.
Clinical safety
CAREFUL has an active DCB0129 Clinical Safety Case with a named Clinical Safety Officer. DCB0129 is the NHS standard for clinical risk management of health IT systems used in NHS organisations.
- Clinical Safety Case maintained and current
- Named Clinical Safety Officer
- Hazard log maintained and reviewed
- Clinical risk assessments completed for all deployments
Data protection and information governance
- NHS Data Security and Protection Toolkit (DSPT) — registered and current. Verify →
- ICO registration — ZA249706. Verify →
- GDPR compliant — Data Processing Agreements available on request
- Data residency — Microsoft Azure UK; no patient data leaves appropriate jurisdiction
- No patient data stored on personal devices
- Role-based access controls throughout
Technical security
- Cyber Essentials Plus — current certification. Verify →
- Microsoft Azure infrastructure with enterprise security controls
- Data encrypted in transit and at rest
- Penetration testing completed
- Audit logs for all clinical actions, immutable
Interoperability
- FHIR R4 (read and write)
- HL7v2 ADT (admission, discharge, transfer)
- Mirth Connect integration engine
- NHS login compatible (where applicable)
- Direct API available
Usability
CAREFUL has been evaluated by clinical staff in NHS settings with published usability feedback. At Maidstone & Tunbridge Wells NHS Trust, a formal usability evaluation was completed with clinical staff. At Hywel Dda University Health Board, 98% of surveyed staff reported improved patient safety and 100% reported improved communication.
Native iOS and Android apps with full functional parity with the web interface. Designed for clinical workflows in acute and community settings.
Accessibility
CAREFUL is designed to meet WCAG 2.1 AA accessibility standards. The platform is optimised for use on mobile devices in clinical environments. Contact us for accessibility documentation. Accessibility statement →
Frequently asked questions
What is DTAC?
DTAC (Digital Technology Assessment Criteria) is the NHS framework for assessing clinical software procured by NHS organisations. It covers clinical safety, data protection, technical security, interoperability, usability and accessibility. CAREFUL meets all DTAC criteria.
Is CAREFUL registered on the NHS Data Security and Protection Toolkit?
Yes. CAREFUL is registered on the NHS Data Security and Protection Toolkit (DSPT). You can verify the registration →
Does CAREFUL hold Cyber Essentials Plus?
Yes. CAREFUL holds current Cyber Essentials Plus certification. Verify →
Is CAREFUL DCB0129 compliant?
Yes. CAREFUL has an active DCB0129 Clinical Safety Case with a named Clinical Safety Officer. DCB0129 is the NHS standard for clinical risk management of health IT systems.
Where is CAREFUL data hosted?
CAREFUL runs on Microsoft Azure UK, in appropriate data sovereignty zones for NHS use. No patient data is stored on personal devices or outside appropriate jurisdiction.