DCB0129 / DCB0160
NHS Digital have two clinical risk standards. These are:
DCB0129: Clinical risk management: its Application in the Manufacture of Health IT systems
DCB0160: Clinical risk management: its Application in the Deployment and Use of Health IT systems
DCB0129 is for software suppliers, and DCB0160 is for healthcare providers. PKB complies with the DCB0129 standard, and this page is to help healthcare providers comply with DCB0160.
ReleasesÂ
PKB works in agile software development and releases a new version of PKB every two weeks as a minimum. These fast-release cycles and incremental upgrades ensure every user is using industry-leading software that is constantly developed around the latest standards and functionality with small changes that do not require retraining. As a cloud-hosted system, there are no legacy systems to support, and every user enjoys the latest software advances. Sandbox and Production environment upgrades are communicated well in advance and only occur during off-hours, yet require minimal downtime due to the modularity of the PKB solution stack.
This rapid development cycle benefits from automated end to end testing to ensure new releases do not result in degradation of old functionality that customers are used to. Users can choose to use of new functionality according to local plans.
PKB customers should subscribe to the PKB blog to read about planned monthly releases. They should also subscribe to PKB status mailing list to keep track of what PKB has just released.
Where PKB changes a large feature changes, or offers a new feature is offer, it develops in conjunction with customers. During System Testing, business involvement takes the form of regular demonstrations and reviews to validate functions and features as they become available. This early feedback loop can enable modifications to requirements at minimal impact to the overall delivery.
User Acceptance Testing (UAT) is a collaborative validation exercise that is supported and managed by the PKB team. We work with stakeholders and subject matter experts, including clinicians and patients, to help define test cases, schedule and support test execution and report on progress to enable informed decisions to be made. Part of this stage of the testing includes clinical solution testing.  Change management controls will be graded to reflect the magnitude of the change;
TestingÂ
In addition to all the information provided under point 1, all changes to PKB’s database, application, architecture and environment are authorised, reviewed and fully logged. PKB use a combination of JIRA and internal development Wiki to document bug fixes, releases, upgrades, maintenance and other elements that might impact our production environment. Additionally, database schema management is via Liquibase. PKB manages the Systems Development Life Cycle workflow for bug fixes, feature and change requests and architecture evolution principally with JIRA, involving collaboration between support, integration & project management, product, and development teams. PKB have a dedicated QA lead and uses both manual QA and automated unit/integration/end-to-end testing executed as part of continuous integration. PKB’s QA also includes thorough code reviews, API testing with automated test cases, and manual testing of features alongside whole system testing. PKB conducts performance testing in the context of peak testing and endurance testing. As a part of quality assurance procedures, PKB measures execution of software during daily usage.
The change workflow will depend on the nature of the change (bugfix, feature, etc.) however, the typical process is as follows:
Product Team and Dev Architect/Area Expert - Identification / Initiation
- Definition and business value documentation
- Specification and impact analysis; rough scoping and schedulingÂ
- Roadmap inclusion
- Acceptance criteria definitions and test/QA planning
Development Team (Core, Frontend)
- Detailed specification and test planning
- Iterative sub-task estimation and developmentÂ
- Test automation
- Metrics coverage
QA, code review and authorisation
- Product team review / acceptance (and manual testing)
- QA review: automated test evaluation
- Development team review: code quality, test coverage, metrics, scaling analysisÂ
- Rollback planning
- Pre-deployment checks
- Release candidate integration testing
Production Support Team
- Release
- Post-deployment checks
Complete
All code level changes are reviewed and approved before release. Pre-deployment and post-deployment checks are facilitated at various stages along the release journey.
Clinical riskÂ
PKB as a company, are compliant with DCB0129 to the manufacture of health software via our ongoing Clinical Risk Management processes which are applied to all PKB environments. PKB have a designated Clinical Safety Officer and any Clinical Incidents are logged on our Clinical Incident log with Times, Dates, Mitigation steps and outcomes are logged and visible. The Clinical Safety Report is updated monthly with the latest release versions and reviewed/signed off by our Clinical Safety Officer. This is applied to ongoing changes and releases ensuring all environments are maintained to this standard.