NHS England Health Apps Library App Review Process
Section 1

The numbering of each part below relates to the parts and numbering of the boxes in the process maps.

Part 1 Submission of an app

This part relates to validating an app submission once a completed form has been received in the submission inbox. The purpose is to ensure that the form has been filled in correctly so that a full review can be completed.

1.1 Check that a name and email address have been supplied as a minimum.
1.2 Ensure that, as a minimum, an app icon 140px square and at least 2 individual app images of at least 320px height have been submitted. If multiple screenshots have been submitted on a single image, refer back to the submitter to supply them as separate images.
1.3 Verify the app store links submitted for the app, to validate the link to the app submitted and ensure they are not broken. If there are any discrepancies, submitters must supply correct links to ensure the app is available for download should it be required during the review process.

Part 2 Quality Assurance

This section relates to checking whether an app is safe from a usability and data point of view, whether it is relevant for the UK, and whether it demonstrates compliance with NHS HAL (Health Apps Library) policies and data protection.

2.1 Check the submission form to clarify the app's use of UK standard formats and informational sources.
2.2 If it is determined that an app has not been localised for the UK, then check the app description to gain an understanding of the app's use and functionality. If it is evident that the UK public would still gain benefit from the app, then it should be considered relevant. It may also be that the app can be used globally and is not limited to or specifically made for the UK; these apps should be considered relevant (for an existing example app see Wheelmate on HAL).
2.3 Check the app description to ensure the app does not promote commercial products, i.e. the app was developed in conjunction with an organisation and only promotes the organisation's products.
If it is determined to be promoting commercial products, then a judgement should be made as to whether it is suitable for HAL, e.g. Durex promoting their own condoms through a condom finder would be considered promoting a commercial product; however, in the context of HAL this would be an app promoting safe sex and could be considered a good app for HAL.
2.4 Schedule 1 of the HAL developers T&Cs outlines prohibitions to submissions. If the app contains any of these, it will be considered non-compliant and rejected.
2.5 Check the Storing Data section of the submission form; this will simply be answered as a yes or no. The definition of PID is the collection of data that can identify a living individual by name, email address etc. This relates specifically to collecting PID data of UK individuals.
2.6 Data may simply be collected in-app and this would not fall under data protection; however, this question should be referenced with 2.7 to decide upon an outcome.
2.7 If an app sends data to an external server outside of the app device, regardless of the geographic location of the organisation/server, it would fall under UK data protection. If the data is simply held on the app device and not sent to a server outside of the app device, the quality assurance review is complete; go to Part 3.
2.8 If an app developer holds PID outside of the app device, then they need to register with the ICO. If the organisation is from outside of the UK, they may be required to partner with a UK organisation to register with the ICO. An email should be sent to notify the submitter of this requirement; no further review should take place until a reply has been received from the submitter.
2.9 Upon receiving a reply from the submitter and evidence of ICO registration, the quality assurance review is complete; go to Part 3. If the submitter fails to register, then notification of non-compliance should be sent and the app rejected.

Part 3 Clinical Safety Review

This section will determine the app type and clarify whether apps require a full safety review. It is to be read in conjunction with the CSG Mobile Medical Application in support of OTD Checklist v0.8. The numbers in the decision nodes correspond with the question numbering of the CSG Checklist v0.8; the answers will be determined by the outcome of the CSG checklist questions.

Part 4 Final Validation

This section relates to the final approval of apps. Apps that did not require CSG review will require further verification. This will be by ensuring the data sources are trusted and verifiable. Once apps have been verified by this process or via the CSG review, they will be successful and can be included in the library.

4.1 Was the app commissioned by an NHS organisation?
4.2 Was the app produced in conjunction with a Royal College?
4.3 Was the app produced in conjunction with the 3rd sector, i.e. voluntary organisations, charities etc.?
If the app was produced by or in conjunction with any of the sources mentioned above in 4.1, 4.2 & 4.3, then the app review is successful and the app can be published to the library.
4.4 Determine if the information source is a non-UK organisation.
4.5 If the information source is from the UK, can it be considered trusted or verifiable, i.e. is the information from a known provider or organisation? If yes, then the app review is successful and the app can be published to the library; if no, then notify the submitter of non-compliance due to information source credibility.
4.6 If an app has been reviewed by the CSG team and considered safe, then the app review is successful and it can be published to the library; if it is not considered safe, or the organisation does not provide the information required by the safety group to make a decision in an allotted time, then the app is rejected; notify the submitter of non-compliance.

Section 2

This section contains the maps for the Health Apps Library app certification process. There are a total of 4 process maps, split into parts as below:

Part 1 Submission of an app
Part 2 Quality assurance
Part 3 (to be used in conjunction with Mobile Medical Application in support of OTD Checklist v0.8)
Part 4 Final Validation

For clarification of each numbered process node, see Section 1.

Process map: NHS App Store Self Certification Process: Part 1 Submission of an app
Nodes: App Submission; Completed questionnaire received from developer; Validate info received; 1.1 Contact details present?; 1.2 App icon & images present?; 1.3 Links to app working?; Refer to provider for further information; Continue to 2A.

Process map: NHS App Store Self Certification Process: Part 2 Quality assurance
Nodes: 2A; 2.1 Localised for the UK?; 2.2 Relevant for UK individuals?; 2.3 Promotes commercial products?; 2.4 Complies with Dev T&Cs Schedule 1?; 2.5 PID collected/stored?; 2.6 Data stored in-app?; Data protection; 2.7 Data sent to other servers/services?; 2.8 Registered with the ICO?; 2.9 Evidence of registration received?; Notify ICO registration required, UK & non-UK organisations; Notification to provider of noncompliance, app rejected; Continue to 3A.

Process map: NHS App Store Self Certification Process: Part 3 (to be used in conjunction with Mobile Medical Application in support of OTD Checklist v0.8)
Nodes: 3A; decision nodes Q1.1, Q1.2, Q1.3, Q1.4, Q2.1, Q3.1, Q3.2, Q3.3, Q4.1, Q4.2; app types Transactional, Calculating and/or Monitoring, Informational, Clin. Decision Support; Continue to 4A; Continue to 4B.

Process map: NHS App Store Self Certification Process: Part 4 Final Validation
Nodes: 4A; 4B; 4.1 Commissioned by NHS?; 4.2 Produced with Royal College?; 4.3 Produced with 3rd sector?; 4.4 Information source non-UK organisation?; 4.5 Trusted/verifiable information source?; 4.6 CSG review pass?; Send to CSG for review; App review successful, publish to library; Notification to provider of noncompliance, app rejected.