Trust Centre Aligned with DCB0129 principles

Clinical safety approach

How clinical risk is managed: the controls in place, alignment with DCB0129 principles, and what a deploying clinician needs to do on their side.

Scope and positioning

Cogent Clinic is a Class I medical device under UK MDR 2002, registered with the MHRA. Its intended purpose is generating draft clinical documentation from clinician-provided content, which the clinician reviews, edits, and signs off before it is retained as a record. The device is classified under UK MDR 2002 (Rule 12, the residual rule for active devices); the technical documentation file additionally records a forward-looking analysis against the stricter EU MDR 2017/745 Rule 11 software rule that the draft Medical Devices (Amendment) Regulations 2026 would introduce, on which reading the device remains Class I. The DCB0129 work described in the rest of this document is independent of the MDR classification.

In addition to UK MDR 2002, software that sits in a clinical documentation workflow is within scope for clinical-safety considerations under:

  • DCB0129: Clinical Risk Management — the Application of Risk Management to the Manufacture of Health IT Systems (NHS Digital), which applies to Cogent as the manufacturer.
  • DCB0160: Clinical Risk Management — the Application of Risk Management to the Deployment and Use of Health IT Systems (NHS Digital), which applies to the deploying organisation (for the current target audience, this is the individual private-practice clinician rather than an NHS organisation). While DCB0160 is not formally mandated for private-practice deployment, its principles still apply.

Cogent Clinic's named Clinical Safety Officer is Dr Aisha Tariq, an HCPC-registered clinical psychologist (PYL30787). The manufacturer maintains a Clinical Hazard Log and a Clinical Safety Case Report under DCB0129; both form part of the technical documentation file and are available to procurement or clinical-governance reviewers on request. A summary of the hazards and the controls in place follows below.

1. Intended clinical use: documented and bounded

Cogent Clinic helps clinicians draft:

  • Session notes (six modality-specific templates)
  • Formulation letters
  • Assessment session notes (not neurodevelopmental assessment reports, which are out of scope)
  • Case reflections for supervision
  • Referral-letter support via the adjust-draft and reference-file features

Each generated document:

  • Is marked as an AI draft (amber-bordered review panel) until the clinician explicitly accepts authorship.
  • Carries a persistent "review before clinical use" warning until accepted.
  • Is the clinician's responsibility as author of record.

The product does not:

  • Diagnose
  • Recommend specific interventions
  • Predict, score, or stratify risk
  • Issue clinical decision support

These boundaries are enforced in the system prompt and tested by an automated sensitive-content verification harness, with both re-run before any beta cohort and after any prompt change.

2. Risk-control measures: in place

  • Client-side de-identification pipeline for names, NHS numbers, phone numbers, emails, postcodes, NI numbers, dates, and URLs.
  • Clinician-review gate before any data leaves the browser.
  • Round-trip validator flags new high-risk detections and orphan tokens.
  • Server-side high-risk pattern scan on every streamed model response; flagged runs don't count toward the usage meter.
  • Two-factor authentication available on every account and strongly encouraged (required for administrator accounts); server-enforced when enabled.
  • Email verification required before sign-in.
  • Per-user daily cost cap and rate limits prevent runaway usage.
  • Append-only audit log with hash-chained rows.
  • Audit-chain verifier runs nightly, with alerts on any break.
  • Incident-response plan with ICO notification workflow.
  • Sub-processor register with annual review cadence.
  • UK-only residency for everything Cogent stores, with processing, storage, backups, and inference all running inside the United Kingdom.
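
How a hash-chained audit log becomes tamper-evident, and what a scheduled verifier checks, shown as an added illustration; this is not Cogent's code. The row layout, SHA-256 over canonical JSON, the all-zero genesis value, and the sample entries are assumptions. The example goes slightly beyond the bullets by also checking an externally stored checkpoint, since a chain that is rewritten end to end still links correctly on its own.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for the first row


def row_hash(prev_hash, entry):
    """SHA-256 over the previous row's hash plus a canonical JSON encoding of the entry."""
    payload = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append(log, entry):
    """Append a row whose hash commits to every row before it."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"entry": entry, "prev_hash": prev, "hash": row_hash(prev, entry)})


def verify(log, checkpoint=None):
    """Return (True, None) if intact, else (False, index of the first bad row).

    checkpoint is (row_count, head_hash) saved outside the log by an earlier
    run; it catches truncation and full-chain rewrites that re-link cleanly.
    """
    prev = GENESIS
    for i, row in enumerate(log):
        if row["prev_hash"] != prev or row["hash"] != row_hash(prev, row["entry"]):
            return False, i
        prev = row["hash"]
        if checkpoint and i + 1 == checkpoint[0] and prev != checkpoint[1]:
            return False, i
    if checkpoint and len(log) < checkpoint[0]:
        return False, len(log)  # rows covered by the checkpoint are missing
    return True, None


def build_sample_log():
    """Constructed sample rows; field names are illustrative only."""
    log = []
    for entry in (
        {"seq": 1, "actor": "user-17", "action": "draft.generate"},
        {"seq": 2, "actor": "user-17", "action": "draft.accept"},
        {"seq": 3, "actor": "admin-2", "action": "account.2fa.enable"},
    ):
        append(log, entry)
    return log
```

An in-place edit fails at the edited row; a rewrite that recomputes every later hash passes the link check and is caught only by the checkpoint, which is why the checkpoint must live somewhere the log's writer cannot modify.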

3. What the deploying clinician should do (DCB0160)

For private-practice use, DCB0160 is not formally mandated, but the principles still matter. Clinicians deploying Cogent Clinic in their practice should, as a minimum:

  • Record Cogent Clinic in their own processing register.
  • Complete a short local safety assessment before deploying Cogent in their service (a template is available on request).
  • Train themselves on the review UX and the de-identification promise.
  • Log incidents via the in-app feedback channel or support email.

These steps are good-practice alignment that a DPO reviewing the deployment would expect, rather than formal DCB0160 certification.