About IIM

About Integrated Identity Management

The Electronic Staff Record (ESR) and NHS Health and Social Care Information Centre (HSCIC) have developed a secure, scalable and streamlined system to capture and manage employee identity and control access to electronic staff and patient records. Integrated Identity Management (IIM) significantly improves information governance and patient confidentiality, while reducing the administration costs of managing employee identity in the NHS.

Meeting the QIPP Challenge

IIM delivers real efficiency and productivity savings in line with the NHS Operating Framework and supports the delivery of the quality, innovation, productivity and prevention (QIPP) challenge:

  • Implements best practice with secure and efficient Smartcard Registration processes.
  • Promotes better integration between Human Resources and Registration Authority functions, removing duplication and delivering proven efficiency gains.
  • Using the ESR interface to CIS, organisations can check employee identity and arrange Smartcard access at the same time  using a single IIM approach that avoids dual processing across HR and RA departments.
  • The ESR interface to CIS allows organisations to activate a new employees access to a Smartcard immediately, and to suspend it immediately when they leave. Any changes in employment, such as new starter, job change, leaver etc are reflected immediately in ESR, thereby providing the most responsive and efficient method of enabling, modifying or withdrawing access to computer systems linked to the NHS Spine. 

Controlling Access to Staff & Patient Data

The NHS is required to meet the NHS Employment Check Standards (September 2012) for all staff, volunteers, contractors etc. providing NHS services. Responsibility for these checks sits with the Human Resources (HR) department. Similarly, robust identity checks (using the same identity management standards) are carried out by an NHS organisation's Registration Authority (RA) to verify an individual's identity before allowing access to NHS Care Records Service (NHS CRS) applications.

IIM allows NHS organisations to make significant cost savings by combining these parallel activities, and allowing access to electronic patient records on computer systems linked to the NHS Spine.

This is achieved by implementing two new applications:

Care Identity Service (CIS) is the workflow software for managing access to NHS CRS Compliant Systems via Smartcards. It replaced the previous Registration software User Identity Management (UIM) from February 2015. 

Human Resources functions currently update ESR when changes are made regarding an employees assignment to an established position. The ESR interface to CIS is triggered by such changes and automatically updates an individuals access rights to NHS CRS compliant systems, reflecting the access requirements of their new position. It enables the management of access control via a single point of data  the change to the employees position within ESR.

The ESR Interface to CIS Current Status

As at the end of August 2015, 218 organisations have activated the ESR interface to CIS and 311,376 ESR positions are linked to NHS CRS Access Control Positions. This means that 266,523 staff members are now managed via the interface (i.e. person details and access rights managed via the interface). The interface also manages person detail updates for 475,542 staff members (i.e. those staff members not assigned ESR positions linked to NHS CRS Access Control Positions).

Spine 2 Care Identity Service

The Care Identity Service (CIS) project, formerly known as the Identity Access Management (IAM) project, has been delivered under the Spine 2 programme, to manage the exit from the current Spine contract. This project entails the development of a new replacement service for the current Registration Authority application and the transition from the services that was withdrawn at the end of the current Spine contract. Further details in relation to the Care Identity Service are available via the HSCIC website. (accessible only via N3)

The NHS ESR Interface to CIS has remained largely unchanged after UIM to CIS Transition.

  • HSCIC will maintain responsibility for the provision on training in relation to the decommissioning of UIM and the implementation of CIS.  
  • Key changes in the operation of the interface are summarised below:
    • Personal Detail Updates: Only changes to first name, middle name or last name will require a manual grant in CIS. All other changes to personal details will be automatically granted by CIS.
    • E-mail Addresses: Only e-mail addresses that have the following domains are stored in CIS; .nhs.net, .nhs.uk, .gov.uk, .mod.uk. Other e-mail address will not be stored within CIS,
    • Captivate e-learning training material is available by clicking here.

Please direct any queries in relation to the ESR interface to CIS to esr.smartcard@nhs.net.

Further information

For further details regarding the ESR interface CIS please e-mail esr.smartcard@nhs.net.

Further information regarding the Care Identity Service is available via http://systems.hscic.gov.uk/rasmartcards/cis

Any queries in relation to the Care Identity Service should be directed to HSCIC via accesscontrol@nhs.net.

Click here to find out more information about Implementing ESR Interface to CIS

Click here for Case Studies of Organisations that have activated the ESR Interface to CIS.