Skip to main content
A hospital corridor

Case study

Giving back 30,000 care hours a year to the NHS

As important as a nice cup of tea is...

As important as a nice cup of tea is...

We've all had this experience: you arrive at work, power up your computer and enter your authentication details. Then you go and put the kettle on - because you know the authentication process is going to take its time. 

Annoying for the individual, those minutes waiting for access to applications soon add up across an organisation. In a hospital or care home, they represent hundreds of hours that could otherwise be spent looking after patients and service users.

Since Mastek was involved helping NHS Digital overhaul its identity and access management (IAM) system, a slick authentication process for clinicians is giving 30,000 care hours a year back to England's national health and care service.



The main reason for choosing Mastek was the cultural fit and the fact that NHS Digital simply thought: we can do business with you guys."

Adam Lewis, Head of Identity and Access Management, NHS Digital

    A Department of Health (DoH) arm's-length body, NHS Digital is the national provider of information, data and IT systems to commissioners, analysts and clinicians in the health and social care service.

    Critical systems in safe hands

    NHS Digital chose Mastek as one of its key delivery partners to:

    • Develop a more efficient, flexible and scalable IAM system (known as CareID) to meet complex authentication needs across hospitals, GP practices and other NHS organisations
    • Bring the NHS secure data warehouse known as Secondary Uses Service (SUS) back in house to deliver performance improvements and cost savings

    CareID and SUS are constituent parts of NHS Spine, one of the largest healthcare network platforms in the world, and both were previously provisioned under the same 12-year programme as the core Spine network.

    From the start, Mastek had supported development and delivery of the Spine programme by the main contractor, BT Global Services, gaining plenty of insight into what NHS Digital needed to achieve.


    The contribution that Mastek has made to the success of the NHS Spine Programme is substantial. The Mastek team has consistently maintained a professional yet flexible approach to ensure that collective success has been achieved"

    Patrick O'Connell, President, Major Programmes, BT Global Services 

    CareID and SUS

      CareID provides IAM to Spine users by managing identity registration, credential management, smartcard-based authentication, single sign-on and access control services.

      CareID combines the activities involved in:

      • Verifying user identity
      • Allowing access to healthcare-related applications linked to NHS Spine

      It also provides a secure audit trail of the information accessed, and allows for secure transfer of data between applications. 

      SUS is a comprehensive repository for healthcare data in England. It stores information collected when a patient is treated or cared for, allowing its use for secondary purposes (purposes other than direct or primary clinical care) such as:

      • Healthcare planning
      • Commissioning of services
      • Policy development
      • National tariff reimbursement

      500,000 users authenticated in 15 minutes

      Every morning, more than 500,000 employees log in to NHS systems during a single 15-minute period. Once Mastek had rebuilt CareID — using a combination of commercial off-the-shelf (COTS) software and open-source technologies — authentication became so efficient that 30,000 care hours are now restored to the NHS each year.

        CareID authentication is multi-factor, using smartcards, and Mastek is looking at adding biometrics (such as facial recognition) to make the authentication process even smoother. 

        Before the CareID rebuild, it used to take anywhere from 20 to 45 minutes, to register one new user and issue their smartcard. That was bad enough on an average day, when just a few users were registering. But on junior doctor intake days - when thousands came on board - the system often came to an almost grinding halt. 

        Today it typically takes just 2 or 3 minutes to register a new user and issue their smartcard. CareID is also immensely scalable. Already supporting 1.5m users, it has capacity built in to handle 1.8m users, allowing plenty of headroom for growth. 

        80% faster smartcard processing

        CareID allows a catalogue of user roles (and their permitted actions) to be defined at the national level. But the sheer size of the NHS means those roles can't account for every local variation. 

        That's why CareID allows individual organisations the flexibility to build on those national roles and define local 'positions', enabling them to respond quickly and easily to change as the NHS continues to transform and modernise.

        For example, if a hospital gives its doctors responsibilities that go beyond the standard defined 'doctor' role, the hospital can create a doctor 'position' with rights to access the additional applications, workgroups or other resources its doctors need. 

        2,000 national roles

        In designing and building CareID, Mastek took an Enterprise Agile approach that enabled rapid, iterative development and saved time and costs.

        However, Agile development demands agile testing - creating the need for a high degree of test automation. Mastek achieved: 

        • Up to 90% test automation for some development phases, cutting weekly unit and integration testing from 16 hours (when done manually) to just 4. 
        • 70% savings in time and effort needed to test multiple browser types and versions each time there was a change to user interface code.

        The cutover from the legacy IAM system to CareID took place over a single weekend, and went without a hitch. It was the same story for the transition of SUS to the in-house platform. And the measurable improvements to IAM and data warehouse processes speak for themselves. 

        Dev and test, Agile all the way

        Doing more with data

          SUS stores more than 70Tb of patient data, a volume that grows by 1.5Tb in a typical month. Mastek worked with NHS Digital and third parties to develop a secure in-house platform for SUS, and supported the extensive data migration project.

          As a result, NHS Digital is meeting its goals for:

          • Performance improvements — Mastek tuned the database and optimised use of system resources to deliver 1,000% faster performance.
          • Significant operational cost savings — by taking over management of SUS from the previous provider, and relying on Mastek for third- and fourth-line support.

          Mastek has also identified the potential for a further £100,000 of economies, to be delivered through a database reclamation plan that will save data space.

          >70 Tb of patient data – one of the ten largest global databases

          SUS doesn't just store data: it applies algorithms that enable hospitals to be reimbursed in line with the NHS national tariff for the care they provide. Mastek works with another DoH arm's-length body, NHS Improvement, to help define the tariffs and develop the algorithms.

          Each month, SUS calculates £2.5bn of reimbursements. Performance improvements delivered by Mastek ensure the on-time availability of the corresponding:

          • 21,000 payment extracts
          • 7,000 ad-hoc extracts

          Building on success


          NHS Digital won the iCMG Enterprise & IT Architecture Excellence Award 2015 (healthcare category) for the architecture, design and development of CareID."


          Building on the successful collaboration with NHS Digital, Mastek is now working with other DoH arm's-length bodies on further large-scale national programmes, all designed to support the continuing digitisation and transformation of the UK's health and care service. 

          Building on success

          CONTACT US

          How can we help your organisation?

          +44 (0) 1189 035 700

          +44 (0) 1189 035 700

          CONTACT FORM

          How will we use the information about you?

          When you complete this form and submit your details, you are trusting us with your personal data. Our Privacy Notice informs you of what personal data we collect, why we collect it, and of your rights in relation to your data. By pressing submit, you indicate that you have read and accepted the terms of our Privacy Notice and that you consent to our processing of your personal data as described in the Privacy Notice.