Procurement framework strategy recommendations

Guidance for trusts when buying digital and IT goods and services in the NHS

NHS England has developed guidance to help simplify the digital and IT framework landscape, remove duplication, and reduce costs.

We have recommended which framework agreements should be used by NHS buyers when buying digital and IT goods and services.

Framework agreements are the most common way of buying digital products in the NHS. They enable buyers to place orders without running a lengthy full tendering exercise and to draw from a predetermined list of accredited vendors. It also means that buyers do not have to approach all vendors in the market, and should, as a result, make the buying process easier and more cost effective.

However, there are often multiple framework agreements to choose from for similar products or services, which can make the procurement process more complicated for both buyers and vendors to navigate. It can lead to buyers being unclear on the appropriate framework to use for their requirement; vendors applying to multiple framework agreements for the same things which can be both expensive and time-consuming; and buyers not always being reassured that the vendors on framework agreements meet the minimum standards that they expect.

We have developed a ‘6 pillar’ approach as a simple yet intuitive way to sub-categorise the varied digital landscape, grouped based on commonality of requirements and functionalities and supplier market capabilities. We have then mapped all the current framework routes to market for buying digital and IT against these and completed a comprehensive further analysis against key commercial criteria. We have engaged with framework providers, buyers and vendor stakeholder groups to understand current risks and challenges and have reflected these in our analysis of the quality of frameworks.

This has resulted in endorsement of 34 of the 57 frameworks currently used for procuring digital and IT, as the most optimal routes to market. This list ensures full market coverage in terms of the current products and services on offer.

We will continue to work with framework providers to ensure these frameworks are the most appropriate to use at all times and where necessary, support new or modified routes to market to replace any current frameworks that do not continue to meet required criteria.

The endorsed framework agreements are categorised into 6 ‘pillars’ according to the category of product that they offer in order to help make it easier for buyers to find the right framework agreement for what they need to buy. Individual pillar descriptions can be found below.

The key technical, data and digital standards have also been aligned to each pillar. As per standard procurement process, to be accepted onto a framework agreement, vendors must meet these standards aligned to the appropriate pillar(s) as a minimum. This will provide assurance to buyers that vendors meet the minimum standards that they expect. Further details on these standards can be found below.

Email england.ceopframeworks@nhs.net

Recommended routes to market for digital and IT spend across the NHS

We recommend trusts use the following 34 framework agreements:

Pillar 1 – Hardware – Clinical

  • North of England Commercial Procurement Collaborative (NOECPC): Link 3 IT Hardware and Services
  • NHS Shared Business Services (NHS SBS): Digital Workplace: Hardware (LINK 3)
  • NHS SBS: Technology Enabled Care Services 2 (lots 1 and 4)
  • NHS Commercial Solutions: Pharmacy Robots, Inventory Management Systems, Assets and Associated Services (Lots 4 and 6)

Pillar 2 – Hardware – Non-clinical

  • CCS: Network Services 3 RM6116 (Lots 1a, 2a)
  • CCS: Spark DPS RM6094
  • CCS: Technology Online Purchasing Content RM6147
  • CCS: Technology Products and Associated Services RM6068
  • NHS London Procurement Partnership (LPP): Information Management and Technology
  • NHS Commercial Solutions: Digital dictation, speech/voice recognition, outsourced transcription and associated services (lots 1 and 2)
  • NHS Commercial Solutions: Patient healthcare communications and related IT services
  • NOECPC: Total Technology Solutions (NOE.0552)
  • NOECPC: Link 3 IT Hardware and Services
  • NHS SBS: Digital Workplace: Hardware (LINK 3)

Pillar 3 – Software/SaaS/Apps – Clinical

  • CCS: AI DPS RM6200
  • CCS: Spark DPS RM6094
  • East of England Collaborative Procurement Hub (EOECPH): Ambulance EPR
  • LPP: Clinical Digital Solutions
  • LPP: Health and Social Care Apps DPS
  • LPP: IAPT Computerised Cognitive Behavioural Therapy (cCBT) Solutions
  • NHS Digital: GP IT Futures
  • NHS England: HSSF

Pillar 4 – Software/SaaS/Apps – Non-clinical

  • CCS: AI DPS RM6200
  • CCS: Automation Marketplace DPS RM6173
  • CCS: Back Office Software RM6194
  • CCS: G Cloud 13 (lot 2)
  • CCS: Technology Online Purchasing Content RM6147
  • CCS: Technology Products and Associated Services RM6068
  • LPP: Clinical Digital Solutions
  • LPP: Information Management and Technology
  • NHS Commercial Solutions: Digital dictation, speech/voice recognition, outsourced transcription and associated services (lots 1 and 2)
  • NHS Commercial Solutions: Patient Healthcare Communications and Related IT Services
  • NHS Commercial Solutions: Pharmacy Robots, Inventory Management Systems, Assets and Associated Services (Lots 1, 2, 3 and 6)
  • NHS England: HSSF
  • NOECPC: Total Technology Solutions (NOE.0552)

Pillar 5 – Services – Clinical

  • CCS: AI DPS RM6200
  • CCS: Spark DPS RM6094

Pillar 6 – Services/IaaS/PaaS – Non-clinical

6a. Network and Hosting

  • CCS: Cloud Compute RM6111
  • CCS: G Cloud 13 (lot 1)
  • CCS: HSCN Access Services DPS RM3825
  • CCS: Network Services 3 RM6116 (Lots 1a, 1d, 2a, 3b and 4a)
  • CCS: Quality Assurance and Test IT Systems 2 RM6148
  • LPP: Information Management and Technology
  • NOECPC: Total Technology Solutions (NOE.0552)

6b. Complementary Technology Solutions

  • CCS: AI DPS RM6200
  • CCS: Automation Marketplace DPS RM6173
  • CCS: Cyber Security Services 3 RM3764.3
  • CCS: Digital Capability for Health RM6221
  • CCS: Digital Inclusion and Support DPS RM6209
  • CCS: Software Design and Implementation Services RM6193
  • CCS: Technology Products and Associated Services RM6068
  • CCS: Technology Services 3 RM6100
  • LPP: Digital Documents Solutions
  • NHS Commercial Solutions: Digital dictation, speech/voice recognition, outsourced transcription and associated services (lots 1, 2, 3, 4)
  • NHS Commercial Solutions: Patient Healthcare Communications and Related IT Services
  • NHS England: HSSF

6c. Professional Services and Consultancy

  • CCS: Audio Visual Technical Consultancy and Commissioning DPS RM6225
  • CCS: G Cloud 13 (lot 3 for contract value below £250k, lot 4 for contract value over £250k)
  • LPP: Clinical Digital Professional Solutions
  • LPP: Clinical Digital Solutions
  • LPP: OneLondon Local Health and Care Record DPS
  • NOECPC: ICT Solutions Delivery

Back to top

Expected commercial adherence

Buyers in the NHS should use these framework agreements for all digital buying. This will support and encourage both commercial best practice and innovation in the market and help reduce unnecessary transaction costs.

Use of non-endorsed routes will also ordinarily preclude trusts or other buying organisations accessing shared or central funding for the services in question. Any increased risks of supplier performance or unwarranted costs incurred as a result of using non- endorsed routes would be the sole responsibility of the individual buying organisations.

We will give buyers all they need in terms of central support and guidance to enable buying through the recommended routes. The Digital Category Strategy and Policy Hub will be the first point of contact as we develop the support model further.

NHS buying organisations are reminded that it is their responsibility to ensure they are complying with the Public Contracts Regulations 2015 where they are applicable. Where buyers choose not to use one of the endorsed framework agreements, they should provide a rationale for that decision. This input will be used to constantly refine and improve our recommendations in line with user needs.

Vendors will be expected to show that they meet the relevant minimum standards required to be on any of the endorsed frameworks going forward. This will make vendor capabilities clear to buyers.

Framework providers are expected to follow the six-pillar approach and make sure that the vendors on their framework agreements meet the minimum standards at all times.

Back to top

Pillar descriptions

Pillar 1 – Hardware – Clinical

Tangible hardware items, that may be governed by MHRA Regulations and can only be used in a specific clinical setting, use case or environment. Such as, but not limited to, All in One Medical Computers/Theatre Consoles, Radiology Workstations and biometric medical items which are not included within a medical/clinical device category (covered by MHRA and NICE). Irrespective of whether procured as assets or subscribed Device as a Service (DaaS).

Pillar 2 – Hardware – Non-clinical

Tangible hardware items, which can be used in any setting, sector or use case and are not covered by MHRA Regulations. Such as, but not limited to, End User Computing and Mobile/Tablet Devices and Peripherals, Printers/Multi-Function Devices, Physical Servers and Physical Networking Equipment, Wireless Access Points and Controllers, Smart Screens and White Boards, Reception Consoles, and Information Screens. Irrespective of whether procured as assets or subscribed Device as a Service (DaaS).

Pillar 3 – Software/SaaS/Apps – Clinical

Software solutions, applications or Mobile Apps used in patient care in any setting/sector, including any system of record which may contain elements or all of a patient’s record, consultation notes, treatment plan and prescriptions. Whether procured as remotely/Cloud hosted, On Prem, licensed or Software as a Service (SaaS).

Pillar 4 – Software/SaaS/Apps – Non-clinical

Software solutions, whether procured as licences or Software as a Service, that can be used across a range of Non-Clinical or Back Office settings, such as Finance or Procurement, HR, Payroll, Information Governance and Risk, Legal Services or IT Services Management Systems and Business Intelligence or Analytical. Also includes Robotic Process Automation (RPA), Digital Dictation or Transcription Services, and other applications and mobile Apps which may support the utilisation of the software solutions used in this Pillar. Whether procured as remotely/Cloud hosted, On Prem, licensed or Software as a Service (SaaS).

Pillar 5 – Services – Clinical

Electronic assistive technologies (EAT) such as for environmental control systems and alternative means of access for complex disabilities; alarm technologies and services that support remote monitoring, enable supported living, e.g., fall monitoring; continuous monitoring services to enable clinical diagnosis of patients at home; scheduled and on demand remote services to manage and control chronic illness (TeleHealth, TeleConsultation); medicine optimisation services.

Pillar 6 – Services/IaaS/PaaS – Non-clinical

6a. Network and Hosting

Intangible solutions such as, but not limited to, mobile data, networking, cloud hosting, Infrastructure as a Service (Iaas), Platform as a Service (PaaS), telephony lines.

6b. Complimentary Technology Solutions

Intangible solutions such as, but not limited to, Cyber Security or Penetration Testing Services, Data Analysis or Business Intelligence Services, Technical Support or Data Migration Services.

6c. Professional Services and Consultancy

Professional services specifically regarding Digital and Technology (excluding Project Management or Temporary Staffing which falls under Workforce Category) technical consultancy and advice.

Back to top

Minimum standards applicable for each pillar

Pillar 1 – Hardware – Clinical

Pillar 2 – Hardware – Non-clinical

Pillar 3 – Software/SaaS/Apps – Clinical

Pillar 4 – Software/SaaS/Apps – Non-clinical

Pillar 5 – Services – Clinical

  • Cyber Essentials Certified OR ISO 27001 Certified
  • Hardware and software used in delivery of the service must conform to the relevant standards as set out in the appropriate pillars

Pillar 6 – Services/IaaS/PaaS – Non-clinical

6a. Network and Hosting

  • Cyber Essentials Certified OR ISO 27001 Certified

6b. Complementary Technology Solutions

  • Cyber Essentials Certified OR ISO 27001 Certified

6c. Professional Services and Consultancy

  • Cyber Essentials Certified OR ISO 27001 Certified

Back to top