NHS assurance

Evidence before claims.

Vantora is being designed against the NHS standards that govern safe, secure and inclusive digital health technology. Assurance is tied to the exact product, version and deployment—not treated as a marketing badge.

Pre-deployment assurance status

Current applications are synthetic demonstrations. Vantora is not yet presenting them as DTAC-passed, DSPT Standards Met or authorised for live patient care.

Last reviewed 13 July 2026

Assurance programme

One evidence pack. Clear accountable owners.

DTAC, DSPT and clinical safety overlap, but they are not interchangeable. Vantora maintains a single evidence index while preserving each framework's distinct approvals and responsibilities.

DCB0129 · DCB0160 support

Clinical safety

Version-specific hazards, safety requirements, testing and a signed safety case before live use.

DSPT · UK GDPR · confidentiality

Data protection

Purpose-led data flows, DPIA, transparency, minimum access, retention and controlled secondary use.

Cyber Essentials · independent testing

Technical security

Secure development, MFA, privileged access, audit, monitoring, resilience and current penetration evidence.

NHS identity · open standards

Interoperability

Documented interfaces, reliable acknowledgement, provenance, reconciliation and deployment-specific conformance.

WCAG 2.2 AA · Accessible Information Standard

Inclusive use

Manual and assistive-technology testing, representative user research and an accurate accessibility statement.

NICE Evidence Standards Framework

Evidence and value

Proportionate evidence for performance, workflow benefit, unintended effects and economic impact.

Designed into the product

  • Synthetic-data demonstration boundary
  • Clinician-recorded decisions in the initial workflow release
  • Future patient-specific recommendations locked behind a separate demo mode
  • Traceable tasks, confirmations and external-system acknowledgements
  • Purpose separation for direct care, audit and research

Blocked before live care

  • Appoint accountable clinical-safety, information-governance and cyber-security roles
  • Complete DCB0129 records and the product DPIA for the exact pilot release
  • Publish the applicable DSPT return and obtain Cyber Essentials
  • Complete independent penetration, accessibility and representative-user testing
  • Implement and evidence production identity, logging, monitoring, backup and recovery
  • Submit the official DTAC 2.0 form and evidence to the adopting NHS organisation

Authoritative frameworks

Current sources, reviewed at decision points.

This page describes Vantora's assurance programme. It is not an NHS endorsement, certification or substitute for product- and deployment-specific assessment.