A major national investigation has raised concerns about the safety of digital prescribing systems used across NHS hospitals, warning that inconsistencies in software design, oversight and regulation are creating risks for patients.

The findings come as the government continues to pursue an ambitious programme of digital transformation across the health service, including plans to expand the use of integrated patient records and increase reliance on digital clinical systems. Investigators cautioned that weaknesses in current prescribing technology must be addressed before further expansion takes place.

Electronic Prescribing and Medicines Administration systems, known as ePMA systems, are now widely used in hospitals to manage prescriptions and record the administration of medicines. However, the investigation found that there is no single national approach to the design, procurement or operation of these systems. As a result, hospitals across England use a wide range of software products that often function in different ways. Investigators said this variation creates challenges for clinicians, particularly doctors, nurses and pharmacists who work across multiple organisations. Temporary staff and rotating trainees may be required to use unfamiliar systems, increasing the risk of mistakes when prescribing or administering medication.

The report highlighted concerns that healthcare professionals are carrying a growing cognitive burden as they move between different digital environments. While many systems are intended to improve safety, inconsistencies in layout, terminology and workflows can create opportunities for error. The investigation also reviewed the current standards and legal obligations that oversee interoperability and digital clinical safety. Although frameworks are in place, investigators found significant differences in how they are applied across the NHS.

The report concluded that responsibility for interpreting and implementing safety requirements often falls to individual hospital trusts. Without stronger national coordination, organisations are left to make their own judgements on compliance and risk management. This has resulted in varying levels of software assurance and different approaches to patient safety.

Investigators said that a lack of central oversight has contributed to an uneven landscape in which some organisations have greater capability than others to identify and manage digital risks. The findings suggest that the quality and reliability of systems can vary considerably depending on local resources and expertise. Questions were also raised about the regulatory framework surrounding digital prescribing software. The investigation identified uncertainty among organisations regarding which agencies hold responsibility for overseeing safety risks associated with ePMA systems.

Particular concern centred on whether certain prescribing platforms should be classified as medical devices. The absence of clear guidance has created ambiguity over regulatory obligations and accountability. Investigators warned that this uncertainty could leave gaps in oversight and make it more difficult to ensure consistent safety standards across the health service.

The report further found that lessons from previous incidents and successful safety improvements are not being systematically shared between organisations. Rather than relying on formal national mechanisms, healthcare professionals often exchange information through informal networks and professional contacts. Investigators said this approach limits the ability of the NHS to learn from experience on a wider scale. Without a structured process for collecting and disseminating information, there is a risk that similar problems could emerge repeatedly in different parts of the health service.

Responsibility for monitoring and managing digital safety risks currently rests largely with local hospital leadership. The investigation found that many trusts face significant challenges in fulfilling these duties. Limited funding, shortages of specialist staff and growing operational pressures can restrict an organisation's ability to assess complex software systems effectively. Some trusts may lack the technical expertise needed to identify weaknesses, investigate incidents or implement improvements.

To address these concerns, investigators called for a more centralised approach to digital safety. The report recommends the introduction of a national safety framework that would apply consistently across all electronic prescribing systems used within the NHS. It also calls for greater clarity over regulatory responsibilities, including a definitive position on medical device classification where applicable. In addition, investigators urged the creation of stronger national support structures, including technical expertise and financial assistance, to help local organisations manage digital risks.

The report concludes that patient safety must remain a central consideration as digital technology becomes increasingly embedded in healthcare delivery. Investigators warned that without stronger coordination and clearer accountability, existing weaknesses could become more significant as digital systems continue to expand across the NHS.