I'm a project manager asking how long onboarding takes, so I can relay back timelines to our development team

The onboarding process can sometimes be quite long, so it’s worth planning well ahead.

For some of our newer APIs, we use digital onboarding. With digital onboarding, you use our online service to submit the information we need to approve your software. For more details, and to get started, see Digital onboarding.

Hello Mr. Schonhut,

I am in the same boat and wonder if a tech company needs to interact with a physician as a clinical safety officer.

Thanks .

I’d say a lot depends on the clinical risks inherent in the APIs you choose to use.

(For a quick intro to clinical safety standards, see https://digital.nhs.uk/developer/guides-and-documentation/introduction-to-healthcare-technology/clinical-safety.)

If there is clinical risk involved in an API, the onboarding process will almost certainly involve you in completing a clinical “hazard log” as well as a more technically-oriented “risk log”.
As an example, see the templates for PDS FHIR API here:

Some older APIs insist on you identifying your “Clinical Risk Officer” early on as part of onboarding process.

Hope that helps answer your question?



Thank you for answering my question. Mr. Schonhut.

I have been asked from the API onboarding team to name the clinical safety officer which is a hurdle we face now.

In the long run, we are going to use the clinical APIs .
But at the moment, we need only administrative APIs .

In that case. this reason will be a justification to be approved by NHS onboarding team?

Burai Ltd

Hi again,

You don’t say which API you’re using, but for most APIs you have to explain your “use case” (ie what you’re using it for) to the onboarding team at an early stage.

In general, I would think this is when you would explain that it’s an “administrative” use case rather than a “clinical” one.

The onboarding team for the specific APIs you’re using should be able to advise you on whether your use case for that API carries clinical risk or not.

If it does, you’ll need a clinical safety officer sooner rather than later.

Hope that helps.


1 Like

Thank you for the helpful info! Mr. Schonhut, :slightly_smiling_face:

@greenbox03 I am the Product Owner for our Digital Onboarding Service. I am having a think at the moment about how we measure whether things are going well.

I was wondering what you would consider a long time?

Also, what if we were getting back to you quickly, but you needed a few months to build out your software, I guess onboarding taking that bit longer would not be such an issue for you? It’d be useful to know how you or your team feel about the subject?

1 Like

@Alex_Lord Thanks for your comment. Couldn’t agree more.
In your scenario, less tight timeline , a long time would not be a matter. :wink:


Does anyone know how long does the review of the Risk Log for the PDS FHIR API (Application-restricted access mode) typically takes?

We have submitted it about 2 weeks ago, and is hoping to schedule a go-live date.


I am awaiting for several weeks for the review of the risk log and clinical risk management. Any update here?

In relation to how long it takes to review a risk log, this is very much product specific, and is dependant on how much detail you have included in the mitigating actions and how easily you are able to evidence your mitigation in testing.
The risk log review will not commence until all the other previous sections are complete and approved as the testing team will refer to the earlier responses. If you would like to know where your specific product is in this process, please contact us via Service Now, requesting a response from the Partner Gateway Team, (you may need to create a portal account for this).


Thank you for clarifying.

Hey it would be AWESOME if anyone interested in this questions could contribute to our suggestion board, which directly drives our backlog and prioritisation…

Votes / specific suggestions VERY welcome!


Thank you for sharing it. I did it.