Indemnity and safety standards

eConsult adheres to all the required safety and indemnity standards

Laura Perring avatar
Written by Laura Perring
Updated over a week ago

This article covers:

The Clinical Negligence Scheme for General Practice (CNSGP)

  • The Clinical Negligence Scheme for General Practice (CNSGP) covers activities that are commissioned under a GMS, PMS or APMS contract (or related enhanced primary care elements under an NHS Standard Contract), and where a provider provides services directly or under a sub-contract.

  • The scheme coverage extends to nurses/ANPs and other practice staff who are carrying out activities in connection with the delivery of primary medical services. The location of the services being provided and whether they are digital or face-to-face will not affect the cover.

  • The services/consultations must be being provided via a GMS/PMS/APMS contract and the consultations themselves must be connected to the diagnosis, care or treatment of a patient.

NHS Compliance

  • All of our questionnaires are created by a range of clinicians and content is approved through our Clinical Governance process, designed in line with DCI0129 requirements.

  • The team meets regularly, led by our Medical Director and Clinical Lead for Urgent and Emergency Care. This allows for a multidisciplinary team approach that focuses on both clinical and patient safety.

  • We are DSP Toolkit compliant (for all mandatory sections and all optional sections)

  • We comply with the National Data Guardian recommendations.

  • Our platform is hosted on a Tier 3, ISO 27001 Data Centre, behind HSCN.

  • We are ITK compliant and certified to send data to the GPSoC providers over MESH.


  • We use consent as our lawful basis for processing patient data.

  • We have written our privacy notice in plain English and made clear the legal rights of the patient.

  • We have appointed a Data Protection Officer, in line with our responsibilities for handling sensitive data.

Platform security

  • We encrypt patient details for their entire journey into your practice.

  • We do not store any patient-identifiable medical information.

  • Built on top of a secure framework, our platform has protection against typical website attacks (e.g. XSS, SQL and HTML injections).

  • We score highly on regular pen tests with independent, external providers

  • CISSP-certified architect configured infrastructure.

  • All interactions with the website are via a secure connection, using up-to-date encryption techniques (TLS v1.2, strong key exchange and strong cypher).

Clinical Governance

  • eConsult is safe. eConsult always alerts patients who report a serious symptom or a medical emergency. Our red flag system immediately directs patients to seek the most appropriate care.

  • Our Clinical Governance board comprises NHS GPs, clinicians and specialists. The board meets regularly to undertake content reviews and ensure that eConsult always adheres to the latest guidance and the highest safety standards.

  • Our Clinical Governance Lead and Information Governance Lead meet monthly to maintain our hazard logs and safety case and identify any new potential risks or Data Protection Impact Assessment (DPIA) requirements.

  • Following the MHRA guidance on medical devices, we have appointed a Medical Safety Officer, and applied the standards defined in DCB0129/DCB0160 and will continue to do so.

  • We are proud winners and finalists of several Patient Safety Awards.

Our robust Clinical Governance process

From start to finish every new template follows the same rigorous and robust creation and sign-off process to ensure our platforms are both safe and effective.

Once the template has been signed off and goes live, it will then be monitored and reviewed yearly as a minimum to make the template more efficient in taking the needed clinical history and safer to ensure any other symptoms are included. Every template will undergo at minimum a yearly update, however, if any new NICE guidance is updated then our content gets updated accordingly.

  1. Every condition template is first drafted by a clinician.

  2. The template is reviewed by the governance board (minimum of 6 people, chaired by the eConsult Medical Director or the Clinical Director for Urgent and Emergency Care.

  3. The template is edited and approved by the governance board.

  4. The template undergoes our plain English language check.

  5. The template is sent back to the clinical governance board for a final review.

  6. The template is built into the product by our development team.

  7. A clinician signs off the template before it is made live.

  8. The live template will then be under constant review.

If you have any questions or you feel that this article could be improved, please feel free to give us some feedback by emailing us, pressing the emojis below or using the chat button on the bottom right-hand side of this page to speak to one of the eConsult team.

Did this answer your question?