Project Overview
NHS-Connected Mental Health App — DTAC Approved
The Challenge
A UK mental health technology company needed to build a patient-facing digital therapy support app connected to NHS systems. The app needed: NHS Login for patient identity verification, FHIR R4 data model for clinical records, DTAC compliance across all 5 domains, and WCAG 2.1 AA accessibility. A previous developer had built a version that failed DTAC Domains 2, 3, and 5. ClickMasters was engaged for full remediation and rebuild of the failed components.
Our Approach
DTAC Domain 3 (Technical Security) Remediation: Achieved Cyber Essentials Plus certification (4 weeks). Commissioned CREST-certified penetration test (identified and remediated 2 High and 6 Medium findings). Implemented automated dependency scanning in CI/CD pipeline (Dependabot, 14-day patch SLA).
DTAC Domain 2 (Data Protection) Remediation: Completed DSP Toolkit to "Standards Met" level. Implemented FHIR R4 data model for clinical data (replacing custom JSON schema). Completed DPIA for high-risk processing of mental health data (Article 9 special category). Revised Article 28 DPA with NHS organisations.
DTAC Domain 5 (Usability & Accessibility) Remediation: WCAG 2.1 AA audit (automated + manual screen reader testing with NVDA). Identified 23 accessibility failures. Remediated all 23 over 3 sprints. Re-tested with screen reader users. Evidence pack compiled.
NHS Login Integration: Completed NHS Digital supplier onboarding (P5 assurance level for mental health service). Implemented OIDC authorisation code flow with PKCE. Tested in NHS Digital sandbox and integration environments.
The Results
DTAC resubmission approved on first attempt following remediation. NHS App Library listed 14 weeks after ClickMasters engagement began. 1,200 NHS patient registrations in first 8 weeks. DSP Toolkit "Standards Met" maintained at annual renewal.
Sector: HealthTech / NHS Digital
Technology: React Native, Node.js, FastAPI, FHIR R4 UK Core, NHS Login OIDC, AWS eu-west-2, PostgreSQL, Terraform
Compliance: DTAC (all 5 domains), DSP Toolkit "Standards Met", Cyber Essentials Plus, CREST pen test, WCAG 2.1 AA, DCB0129, UK GDPR Article 9