Enable secure access to NHS systems with 6B’s NHS CIS2 and Smartcard integration services. We help digital health providers and NHS organisations implement modern identity and authentication solutions that allow healthcare professionals to access critical patient data quickly, securely, and compliantly from any location or device.
Get in touchWhether you're developing a new digital health product or extending an existing solution with NHS CIS2 integration, Whether you're developing a new digital health product or extending an existing solution with
6B delivers seamless, standards-based integration with the NHS Care Identity Service 2 (CIS2), helping your application meet NHS requirements for authentication while enhancing the user experience for clinicians and care staff.
The NHS Care Identity Service 2 (CIS2) is the national authentication platform for health and social care in England. It provides healthcare professionals with a secure and consistent way to access NHS Spine-connected systems, whether they are working in a hospital, GP practice, care home, or remotely.
Historically, access was provided via physical NHS Smartcards – used at fixed locations with dedicated hardware. While secure, this model presented barriers to mobility and flexibility. CIS2 builds on this by enabling modern, multi-factor authentication that supports both Smartcard access and flexible, device-independent authentication methods such as biometric login, QR code scanning, and password-secured logins.
CIS2 supports federated identity access via OAuth 2.0 and OpenID Connect (OIDC), allowing seamless integration with third-party clinical applications and workflows. This enables healthcare workers to access Spine services such as PDS, SCR, and EPS without compromising security or clinical efficiency.
At 6B, we work with you to design and implement a CIS2-compliant authentication flow that fits your application, end user environment, and regulatory requirements.
We begin by identifying your application’s authentication needs, user access patterns, and platform compatibility. Whether your users authenticate from fixed NHS locations using Smartcards or need to log in remotely via modern devices, we help you implement the right blend of authentication mechanisms.
Our developers integrate your system with NHS Identity services using OAuth 2.0 and OIDC, ensuring support for multi-factor authentication (MFA) and federated identity management. We configure secure access tokens, implement user consent flows, and ensure all authentication is compliant with NHS security policies and Spine requirements.
We also support integration with Smartcard-based workflows where required, enabling users to authenticate and access clinical systems using physical Smartcards and associated Spine services. Throughout development and deployment, we assist with testing, registration, and assurance processes to ensure your authentication solution is ready for real-world use in live NHS environments.
Integrating with NHS CIS2 allows your application to deliver secure and user-friendly authentication, enabling healthcare professionals to access critical clinical systems quickly and reliably from any approved device or location.
With CIS2 integration, authentication becomes seamless – clinicians can log in using biometric methods or QR codes without compromising data protection or user accountability. Access to NHS Spine services becomes consistent across care settings, ensuring continuity of care even when users move between organisations or work remotely.
For NHS organisations, CIS2 improves governance, simplifies user provisioning, and enables wider adoption of digital tools without adding complexity to access control. For vendors, CIS2 integration ensures compatibility with NHS authentication infrastructure, streamlines onboarding, and improves trust with healthcare customers.
We have experience delivering CIS2-compliant solutions using OAuth 2.0, OpenID Connect, and NHS Smartcards. Our authentication integrations are built to NHS standards and aligned with real-world clinical use.
6B supports the full CIS2 integration lifecycle – from authentication design and platform selection to secure implementation, testing, and go-live. We manage stakeholder communication and NHS approvals throughout the process.
Whether your users rely on physical Smartcards or require modern, mobile-compatible authentication, we design flexible access flows that support both approaches in line with NHS security policies.
We are ISO 27001 certified, Cyber Essentials compliant, and experienced in delivering healthcare solutions that balance strict security requirements with intuitive user journeys.
We also deliver integrations with other systems and APIs like NHS Spine 2, NHSmail, MESH, GP Connect, SystmOne, EMIS, Cerner, and Epic – enabling us to ensure that your authentication model fits smoothly into a wider interoperable ecosystem.
