case study
December 5, 2023
Approx 3 min read

Melo Achieves DTAC with Naq's Simplified Compliance Platform

The situation

50 million people across the world suffer a traumatic brain injury every year. Around 1 in 3 of these people will go on to develop challenging behaviours in the first 6 months of their recovery - leading to multiple issues for patients and their families.

To tackle this behaviour management problem, digital health company Decently built Melo, an AI driven platform which helps clinicians make better decisions through intuitive data collection, visualisation & predictive analytics - helping to improve understanding and increase the opportunity for prevention of challenging incidents.

Founders, James Burch and James Chapman, knew meeting the NHS Digital Technology Assessment Criteria (DTAC) commissioning framework would be essential in order to work with NHS organisations. Aware of this requirement and equipped with a high level understanding of this compliance framework, they aimed to build Melo in line with the DTAC criteria from the outset.

The challenge

Decently planned to work their way through the DTAC for Melo. It had gained its Cyber Essentials certification, one of the criteria within the DTAC standard,  and planned to work on the other elements, such as creating a Data Protection Impact Assessment (DPIA)and completing the DSP Toolkit. However, working in partnership with the NHS, it quickly became clear that to move forward, Melo needed full DTAC compliance straight away. The framework was also increasingly being discussed by its third and private sector clients.

Commenting on this requirement, Burch said “It quickly became clear that the bar set by many NHS Foundation Trusts is full DTAC compliance, even for very early-stage innovations that have not yet proven the clinical need or commercial market opportunity. We knew then that we needed to accelerate gaining DTAC compliance, as without it, progress would be held-up.”

The solution

To gain DTAC compliance, Decently knew it needed external help. In previous companies, Burch and Chapman had worked with a technology consultancy, but as that came with a £15k price tag, they wanted to research alternative options.

The team spoke to other DTAC consultancies, but everything was offline, which didn’t feel efficient. They were also quoting £2,000 a month to write Melo’s compliance documents for Trusts, which seemed steep.

But then Burch came across Naq, a platform that simplifies and automates compliance with the frameworks innovators and their solutions need to meet to work with the NHS and wider healthcare sector.

Looking at Naq, the team really liked the concept of a platform, a hub for its policies, a place for staff to go to do training, coupled with Naq’s compliance support. James recalls “The consultants we had spoken to were pretty expensive. They also didn’t have the concept of a platform. What was really attractive to us was Naq’s blend of a platform and the support of having someone hold your hand through the compliance journey."

The result

After a call when the Decently team explained their situation and goals, and Naq gave the team clear direction on the platform and what standards they should use the platform to achieve, the team were all set. 

Soon after, Melo met the Digital Security Protection Toolkit (DSPT), a DTAC requirement, followed by DPIA and all other DTAC criteria. Just 3 months after starting the process, Melo was fully compliant with DTAC.

Commenting on their experience, Burch shares ““The Naq team are not only cyber and GDPR specialists but specifically know and understand DTAC. Through the platform and with the support of the team,  we have met our NHS compliance requirements at less than half the cost of alternative routes. This has meant we haven’t compromised our product build or finances.”