Healthtech-1: what do we need to do to go live (EMIS/SystmOne access, user setup, timelines)?
Primary Care Admin Automation

Healthtech-1: what do we need to do to go live (EMIS/SystmOne access, user setup, timelines)?

10 min read

Going live with your first healthtech deployment can feel daunting, especially when it involves integrating with EMIS or SystmOne, setting up users, and working to hard launch timelines. This guide breaks down exactly what you need to do to go live, step by step, so your Healthtech-1 project progresses smoothly from planning to production.

1. Understand the Healthtech-1 go-live journey

Before diving into EMIS/SystmOne access and user setup, it helps to map the typical Healthtech-1 implementation lifecycle:

  1. Discovery and prerequisites
  2. Information Governance (IG) and data protection approvals
  3. Technical integration (EMIS/SystmOne)
  4. User setup and access control
  5. Testing and clinical safety sign-off
  6. Training and change management
  7. Go-live and hypercare
  8. Post-launch optimisation and reporting

Your timelines and tasks for EMIS/SystmOne access and user setup sit mainly in stages 3–5, but they depend on earlier governance and contractual steps being completed.

2. Prerequisites before you request EMIS/SystmOne access

You will rarely get EMIS or SystmOne access as a first step. Both suppliers and NHS organisations typically expect a set of prerequisites:

2.1 Governance and legal foundations

  • Data Protection Impact Assessment (DPIA)

    • Define what data your Healthtech-1 solution will access, where it’s stored, and who controls it.
    • Identify risks and mitigations.
    • Get sign-off from your Data Protection Officer (DPO) or IG lead.

  • Data Sharing Agreements (DSA) / Data Processing Agreements (DPA)

    • Clarify roles: who is data controller, joint controller, or processor.
    • Cover legal basis for processing, retention periods, and cross-border transfers (if any).

  • Clinical Safety Case & Hazard Log (DCB 0129/0160)

    • Required for most clinical systems in the NHS.
    • A Clinical Safety Officer (CSO) must review and sign off.
    • Show how integration with EMIS/SystmOne is safe and monitored.

  • Information Governance Toolkit / DSPT compliance

    • Ensure your organisation’s Data Security and Protection Toolkit is up to date.
    • This is often a prerequisite for connecting to GP clinical systems.

2.2 Technical and organisational readiness

  • Confirm deployment model

    • Cloud (public/private) vs on-premise.
    • Hosting environment must meet NHS security standards (e.g. TLS, encryption, backup, audit).

  • Network and connectivity

    • Determine whether you need HSCN access.
    • Confirm firewall rules, VPNs, and whitelisting for EMIS/SystmOne endpoints.

  • Named owner and project team

    • Clinical lead, operational lead, technical lead, and project manager.
    • Clear partnership between the healthtech vendor and the provider organisation.

Having these elements in place accelerates EMIS/SystmOne onboarding and avoids late-stage delays.

3. EMIS access: what you need to do to go live

EMIS Web and EMIS-X integrations usually go through the EMIS Partner Programme and local practice or ICS approval.

3.1 EMIS integration types (high level)

Common patterns include:

  • EMIS Partner API (Integrations) – read/write clinical data.
  • EMIS Launch – context-launching your application from EMIS.
  • Document management / tasking – sending documents or tasks to EMIS.

Clarify with your vendor or internal team which integration is in scope for Healthtech-1; it affects both access and timelines.

3.2 Steps to secure EMIS access

  1. Confirm EMIS partner status

    • If you’re a vendor: apply via EMIS Partner Programme and sign relevant contracts.
    • If you’re a practice or PCN: ensure your chosen solution is an approved EMIS partner.

  2. Complete EMIS technical onboarding

    • Submit technical documentation and integration design.
    • Provide security certificates, IP ranges, and callback URLs.
    • Agree environments: sandbox / test vs live.

  3. Request EMIS test environment access

    • Get test credentials and sample data (where provided).
    • Integrate EMIS APIs or launch mechanisms into your Healthtech-1 solution.
    • Run functional and performance tests.

  4. Practice / organisation-level configuration

    • Each EMIS practice that will use Healthtech-1 must:
      • Authorise the solution.
      • Enable APIs/partner products within their EMIS setup.
      • Map clinical codes/templates if required.

  5. Security and user mapping

    • Decide how EMIS users will be mapped to your Healthtech-1 users (e.g. NHS Smartcard, role-based accounts).
    • Ensure permissions align with job roles (e.g. GP, nurse, receptionist, admin).

3.3 Typical EMIS timelines

Indicative, assuming governance is largely complete:

  • EMIS partner approval and contracting: 4–8 weeks
  • Technical onboarding & integration build: 4–12 weeks
  • Testing and practice configuration: 2–4 weeks
  • Pilot go-live: 2–4 weeks after testing

Running tasks in parallel (e.g. user setup, training, and IG work) helps keep the overall Healthtech-1 project to a realistic 3–6 month window.

4. SystmOne access: what you need to do to go live

SystmOne, provided by TPP, has its own integration and approval pathways.

4.1 SystmOne integration options

Common routes include:

  • TPP SystmOne Partner APIs – for data access and write-back.
  • Context launch – opening your app from SystmOne with patient context.
  • Messaging/Tasks – sending tasks or messages into SystmOne.

You’ll need to define exactly what your Healthtech-1 solution must do in SystmOne so you can request the correct APIs and access level.

4.2 Steps to secure SystmOne access

  1. Confirm TPP partnership or approval pathway

    • Apply via TPP’s partner process if you’re a vendor.
    • If you’re an NHS organisation, confirm the product is already TPP-approved or understand what evidence TPP requires.

  2. Technical scoping with TPP

    • Provide architectural diagrams and security details.
    • Confirm data flows: what your solution reads, writes, and stores.
    • Define authentication/authorisation model (e.g. smartcard, role-based access).

  3. Request SystmOne test environment access

    • Obtain test credentials and configuration details.
    • Connect your Healthtech-1 platform to test SystmOne endpoints.
    • Test data retrieval, write-back, and error handling.

  4. Local SystmOne configuration

    • At practice or organisation level, ensure:
      • The integration is enabled.
      • Required templates, clinical codes, or protocols are set up.
      • Any launch buttons, menu items, or shortcuts are configured.

  5. Governance and compliance sign-offs

    • TPP may require security assessments, pen test results, clinical safety documentation, and DPIA outputs.

4.3 Typical SystmOne timelines

Subject to TPP capacity and your preparation:

  • TPP partnership / approval process: 4–10 weeks
  • Technical integration work: 4–12 weeks
  • Testing and local configuration: 2–4 weeks
  • Pilot go-live: 2–4 weeks after testing and training

Where EMIS and SystmOne are both in scope, align dependencies so testing and training overlap where appropriate.

5. User setup: roles, permissions, and onboarding

User setup is critical to a safe, successful Healthtech-1 go-live. It spans account creation, access control, and training.

5.1 Define user groups and access levels

Start with a simple, role-based access model aligned to your clinical workflows:

  • Clinical roles

    • GPs, nurses, ANPs, pharmacists, allied health professionals.
    • Access to clinical data, ordering, documentation, and decision support.

  • Administrative roles

    • Receptionists, care coordinators, administrators.
    • Access to appointment workflows, patient communications, and reporting (where appropriate).

  • Managers and quality leads

    • Practice managers, clinical directors, PCN/ICS leads.
    • Access to dashboards, audit logs, and configuration.

For each role, define:

  • What they can view
  • What they can change/create
  • What they can approve
  • What they can never access

This is crucial for both EMIS/SystmOne access and your Healthtech-1 application’s internal permission structure.

5.2 Create and configure user accounts

  1. Account provisioning

    • Decide whether to use existing credentials (e.g. NHSmail, Azure AD) or create separate Healthtech-1 logins.
    • Implement SSO where possible to reduce password fatigue and support issues.

  2. Role assignment

    • Map each user to a predefined role or permission set.
    • For multi-site users, confirm site-specific access.

  3. Link to EMIS/SystmOne profiles

    • Ensure user IDs in your system can be mapped back to EMIS/SystmOne accounts for audit and accountability.
    • Configure smartcard or RBAC integration if used.

  4. Security controls

    • Enforce strong passwords, MFA/2FA (especially for remote access).
    • Enable robust logging to record key actions (viewed records, changes, approvals).

5.3 Pilot group vs full rollout

  • Start with a pilot cohort of users (e.g. one practice or a small team).
  • Validate workflows, permissions, and performance.
  • Use feedback to refine configuration and training before full deployment.

6. Training and change management before go-live

Even the best technical integration fails if users don’t understand how to use the solution.

6.1 Training content

Provide clear, focused training covering:

  • How Healthtech-1 fits with existing EMIS/SystmOne workflows
  • How to log in, switch sites (if needed), and access the system
  • How to handle common tasks (e.g. consultations, document handling, remote monitoring)
  • What to do when something goes wrong or looks unsafe

Use a mix of:

  • Short videos or e-learning modules
  • Quick reference guides and “day-one” checklists
  • Live Q&A sessions or floorwalking support on go-live week

6.2 Communication plan

  • Inform staff early about timelines, benefits, and expectations.
  • Share a simple, one-page summary of what changes and what stays the same.
  • Agree how feedback and issues will be reported (e.g. a dedicated email, ticketing system, or Teams channel).

7. Testing, clinical safety, and pre–go-live checks

Before you go live with EMIS/SystmOne integration and real patient data, complete a structured test and assurance phase.

7.1 Types of testing

  • Functional testing – Does every feature behave as expected?
  • Integration testing – Are EMIS/SystmOne calls reliable, performant, and correctly mapped?
  • User acceptance testing (UAT) – Do clinical and admin users agree the solution is safe and usable?
  • Performance and load testing – Can the system handle expected volumes?
  • Failover and resilience testing – What happens if EMIS/SystmOne or your platform is unavailable?

7.2 Clinical safety sign-off

  • Review and update your Hazard Log with real findings from testing.
  • Confirm mitigations are implemented and documented.
  • Get formal sign-off from your Clinical Safety Officer and relevant clinical leads.

7.3 Go/No-Go checklist

Right before go-live, confirm:

  • EMIS/SystmOne integration is configured and tested in live environments.
  • All required user accounts and roles are in place.
  • Training has been completed by the pilot or go-live user group.
  • Support processes and escalation paths are documented.
  • Back-out or rollback plans exist if something critical fails.

8. Go-live timelines: realistic expectations and sequencing

Exact timelines vary, but a typical Healthtech-1 project with EMIS/SystmOne access and user setup often looks like this:

8.1 Example high-level timeline (indicative)

  • Weeks 1–4

    • Requirements, governance, DPIA, and data sharing agreements
    • High-level technical design and architecture
    • EMIS/TPP initial partner discussions

  • Weeks 5–10

    • EMIS/SystmOne partner onboarding and contract completion
    • Technical integration build (APIs, context launch, workflows)
    • Draft training materials and SOPs

  • Weeks 11–14

    • Test environment integration and UAT
    • Define roles, create user accounts, and configure permissions
    • Configure EMIS/SystmOne at each initial site

  • Weeks 15–18

    • Pilot go-live at one or a small number of sites
    • Hypercare support and rapid issue resolution
    • Clinical safety review and lessons learned

  • Weeks 19–24

    • Wider rollout across practices or sites
    • Ongoing optimisation and feature refinement
    • Regular reporting and benefits tracking

These phases can compress or expand depending on complexity, readiness, and how many tasks run in parallel.

9. Post–go-live: monitoring, optimisation, and compliance

Going live is not the end; it’s the start of operationalising your Healthtech-1 solution.

9.1 Operational monitoring

  • Track system uptime and performance.
  • Monitor EMIS/SystmOne integration errors and response times.
  • Set up alerts for critical failures or unusual patterns.

9.2 User feedback and continuous improvement

  • Capture clinician/Admin feedback via short surveys or feedback loops.
  • Review workflow bottlenecks and training gaps.
  • Prioritise enhancements that improve safety, efficiency, or user experience.

9.3 Compliance and audit

  • Regularly review access logs and audit trails.
  • Confirm that data processing aligns with your DPIA and DSAs.
  • Refresh training and re-certify clinical safety as major changes are introduced.

10. Summary: what you need to do to go live

To successfully go live with Healthtech-1, including EMIS/SystmOne access, user setup, and realistic timelines, you should:

  • Secure governance approvals (DPIA, DSAs, clinical safety, DSPT).
  • Complete technical onboarding and integration with EMIS and/or SystmOne.
  • Design clear role-based access and configure user accounts accordingly.
  • Train clinical and admin users on new workflows and system behaviour.
  • Thoroughly test functionality, integration, and clinical safety.
  • Plan a phased rollout with a pilot, hypercare support, and continuous improvement.

With these steps, you can move from concept to live deployment in a structured, safe, and predictable way, ensuring your Healthtech-1 implementation delivers real value to clinicians, staff, and patients from day one.

Back to Primary Care Admin Automation

Keep Reading

More from Primary Care Admin Automation

Healthtech-1 contract terms: how do the breakable/no-lock-in terms work and what’s the process to pause or exit?

Read more

Healthtech-1: can you send your DSPT evidence, Cyber Essentials Plus certificate, and DCB0129 clinical safety docs for our DPIA/assurance review?

Read more

Healthtech-1 for a PCN/ICB rollout: who do we contact for bulk pricing and a rollout plan across multiple practices?

Read more