All guidesCompliance

DCB0129 Explained for Care Software Buyers

What the DCB0129 clinical safety standard is, why it matters when buying care software, and the questions to ask a supplier before you commit.

What DCB0129 is

DCB0129 is a clinical risk management standard that applies to the manufacturers of health IT systems in England. In plain terms, it requires software suppliers whose products are used in health and care to identify, assess, and manage the clinical risks their software could introduce.

There is a companion standard, DCB0160, which applies to the organisations that deploy and use such systems. Together they set an expectation that clinical safety is managed across both the building and the using of care software, not left to chance.

Why it matters when you buy

For a service buying case management software, DCB0129 is a signal that the supplier takes clinical safety seriously enough to run a formal process around it. A system that records medication, risk, or safeguarding information can cause harm if it behaves unexpectedly, so how the supplier manages that risk is a legitimate procurement question.

It also matters for your own obligations. If your service is expected to manage clinical safety under the companion standard, buying from a supplier who already works to DCB0129 makes your side of the process far easier to evidence.

What a compliant supplier actually does

Working to DCB0129 is not a one-off certificate; it is an ongoing process. A supplier operating it properly will typically:

  • Appoint a suitably qualified clinical safety officer.
  • Maintain a clinical risk management plan and a hazard log for the product.
  • Assess the clinical risks of new features before release, not after.
  • Produce a clinical safety case report that documents the risks and how they are controlled.
  • Review clinical safety as the product and its use evolve.

Questions to ask a supplier

You do not need to be a clinical safety expert to test whether a supplier is serious. A few direct questions reveal a lot:

  • Do you have a named clinical safety officer, and can we speak to them?
  • Can you share your clinical safety case report or a summary of it?
  • How do you assess clinical risk for new features before they go live?
  • How do you communicate safety-relevant changes to customers?
  • How does your process support our obligations under the companion deployment standard?

Clinical safety as an ongoing commitment

The right mindset is that clinical safety is a shared, continuing responsibility between supplier and service, not a box ticked at purchase. A supplier who treats it that way will be able to talk about it openly rather than pointing at a document from three years ago.

GreenShoots is built for services handling sensitive clinical and risk information, and clinical safety is part of how features are developed rather than an afterthought. If you are evaluating suppliers, ask each of them the questions above and compare the answers.

Frequently asked questions

DCB0129 applies to the manufacturers of health IT systems, requiring them to manage clinical risk in their software. DCB0160 applies to the organisations that deploy and use those systems. They are designed to work together.

The standards are mandated under information standards frameworks in the NHS in England. For a buyer, the practical point is that a supplier working to DCB0129 demonstrates a formal approach to clinical safety and makes your own compliance easier.

Ask whether they have a named clinical safety officer, whether they can share a clinical safety case report, and how they assess clinical risk for new features. Willingness to answer openly is itself a good sign.

See how GreenShoots fits your service

Book a free demo and we'll walk through NDTMS, case management, or supported housing workflows — tailored to you.