NHS Booking and Referral Standard

Guide v1.7.0 | Core v1.1.3 | Package v1.32.0

Requirements

Name Description
Conformance The solution conforms with the BaRS standards where applicable, within any Application
Safety The solution complies with NHS Digital Clinical Risk Management Standards, in particular 0129 (IT Supplier) and 0160 (Trust/Provider)
Security The solution resists unauthorised, accidental or unintended usage and provides access only to legitimate requests
Scalable and capacity The solution is designed to accommodate increased volumes, workloads and users
Availability and reliability The solution meets a service level agreement that includes a 99.9% uptime guarantee and a high Mean Time Between Failures (MTBF) The solution has adequate disaster recovery and fault tolerance enabling continued operation in the event of a failure
Auditability All of the solutions interactions are fully auditable for both sending and receiving
Data retention The Solution audits all API access attempts and actions, retaining all pertinent data therein
Deployment Solution providers release a new major version of their Booking and Referral APIs alongside a previous major version, until such time as consumers have migrated to the new major version. Alternatively, there is support for backward compatibility of requests to support consumers. Solution providers release a new minor or patch version, replacing the previous minor or patch version The Booking and Referral endpoints are independently deployable against unique Fully Qualified Domain Names (FDQN). This ensures support for limitations around sending and receiving messages between path-to-live and production environments. To increase availability, during upgrades and maintenance, the Booking and Referral APIs are load balanced across multiple servers In multi tenanted deployments, the activity of individual tenants are readily distinguishable


back to top