Scope
Reference
P21.85
Description
OpenAthens Authentication for NHS Wales e-Library Users not based at a fixed location/IP address
Contract 1. OpenAthens Authentication
Supplier
Contract value
- £157,820 excluding VAT
- £189,383.99 including VAT
Above the relevant threshold
Date signed
23 July 2025
Contract dates
- 23 July 2025 to 30 June 2028
- Possible extension to 30 June 2030
- 4 years, 11 months, 9 days
Description of possible extension:
With the option to extend for a further two (2) years in annual increments.
Main procurement category
Services
CPV classifications
- 72000000 - IT services: consulting, software development, Internet and support
Contract locations
- UKL - Wales
Key performance indicators
| Name | Reporting frequency |
|---|---|
| Contract Management | 6 months |
Signed contract documents
KPI_Schedule_P21.85.docx
Other information
Conflicts assessment prepared/revised
Yes
Procedure
Procedure type
Direct award
Direct award justification
Single supplier - technical reasons
OpenAthens remains essential to ensuring continuous and secure access to NHS Wales e resources, a capability that has been in place since 2003 and remains fundamental to service delivery. The previous contract was due to expire on 30th June 2025, the awarded arrangement ensures there is no interruption to access or risk to operational continuity. OpenAthens is a trusted third party authentication solution that is already fully integrated within NHS Wales infrastructure and now works seamlessly with the Entra directory system. This integration continues to provide user friendly, efficient access by allowing staff to authenticate without repeated log ins when using authorised devices. Maintaining this level of accessibility after award is critical for supporting staff productivity and reducing technical barriers to resource use. The shift towards remote and flexible working across NHS Wales further reinforces the ongoing need for OpenAthens. Remote authentication capability is now a business critical function. Without OpenAthens, NHS Wales would lose the ability to support secure off site access to e Library resources, significantly affecting staff who rely on these tools for clinical decision making, training and daily operational tasks. Post award, reliance on alternative authentication methods particularly IP based access, would be inappropriate. IP authentication is outdated, insecure, and unable to verify user identity or support department specific access. Continuing to use OpenAthens ensures precise, auditable access control aligned with NHS Wales information governance and cyber security standards. Maintaining OpenAthens under the awarded contract therefore remains justified by the ongoing need for secure, flexible and remote access to NHS Wales digital resources. This supports both user security and the continuity of essential NHS Wales services.
Supplier
JISC SERVICES LTD
- Public Procurement Organisation Number: PZZC-9926-PRNM
4 Portwall Lane
Bristol
BS1 6NB
United Kingdom
Email: phil.leahy@openathens.net
Region: UKK11 - Bristol, City of
Small or medium-sized enterprise (SME): Yes
Voluntary, community or social enterprise (VCSE): No
Supported employment provider: No
Public service mutual: No
Contract 1. OpenAthens Authentication
Contracting authority
Digital Health & Care Wales
- Public Procurement Organisation Number: PHXM-8593-WBPZ
Ty Glan-yr-Afon
Cardiff
CF11 9AD
United Kingdom
Contact name: Stacey Jones
Telephone: +442920502108
Email: stacey.jones10@wales.nhs.uk
Website: https://dhcw.nhs.wales/
Region: UKL22 - Cardiff and Vale of Glamorgan
Organisation type: Public authority - sub-central government
Devolved regulations that apply: Wales