Ashford and St Peter’s Hospitals NHS Foundation Trust (the Trust) is a local Registration Authority (RA) authorised to carry out on behalf of the NHS the registration of individuals and issuance of NHS Smartcards.

The local RA ensures that individuals providing healthcare services to the NHS directly, or indirectly, have access to NHS Spine connected applications and information in accordance with their role. It is the Trusts’ responsibility to ensure that the requirements of RAs are met and maintained, to adhere to the NHS Confidentiality Code of Practice and the NHS Care Records Guarantee.

From April 2008, NHS Employment Check Standards became a requirement in the NHS as part of the annual health check. Similarly, robust identity checks were also enforced using the same identity management standards carried out by an NHS Registration Authority (RA) to verify an individual’s identity before allowing access to Spine connected applications. Combining these two parallel activities into a single Integrated Identity Management (IIM) process has proven to deliver significant benefits through HR/RA process integration and the move to Position Based Access Control (PBAC).

Integrated Identity Management significantly improves access control to Spine connected applications containing person identifiable information through revised business processes and the introduction of new software applications.

Based on the significant benefits and improved governance, the Trust has implemented the integrated PBAC through the Electronic Staff Record (ESR) interface alongside Care Identity Management (CIM).

Failure to adhere to this policy constitutes a breach of employment Terms and Conditions and could result in disciplinary action and/or revocation of system access.


Policy Details

Download: PDF version
Compiled by: Nicki Rayment, Head of Digital Programme Delivery & RA Manager
Ratified by: Information Governance Steering Group
Date Ratified: December 2023
Date Issued: December 2023
Review Date: December 2026
Target Audience: All staff and non-ASPH staff using Smartcards, including those from any defined child organisation
Contact name: Nicki Rayment, Head of Digital Programme Delivery (RA Manager)


See also:

  • Information Governance Standard Operating Procedure No.4 - User Access Management
  • Registration Authority Standard Operating Procedure No.1 - Access Control Position Management
  • Registration Authority Standard Operating Procedure No.2 - Annual Review of Spine Positions
  • Registration Authority Standard Operating Procedure No.3 - Child Organisation Process
  • Patient Safety Incident Response Policy (PSIRF)
  • Temporary Access Card (TAC) Standard Operating Procedure


Protecting Your Online Privacy
Protecting Your Online Privacy

This Ashford and St Peter's website uses cookies to track visitor numbers. Find out more in our Cookies Policy and Privacy Policy. You can also read our Accessibility Statement and Privacy Notice for your information.