What's the best approach to Digital Consent?
Quick menu
What does “good” informed consent look like?
Four things a modern consent process should do well
Three main consent options organisations rely on today
Quick comparison table
How Radar Healthcare supports informed consent
Digital consent is one of the most scrutinised areas of clinical practice today.
Since the Supreme Court’s ruling in Montgomery v Lanarkshire Health Board (2015), clinicians have been under a legal duty to share all material risks with patients in a way they can genuinely understand.
Recent FOI data points to nearly £460m in consent-related payouts across the NHS and the independent sector combined between 2019 and 2025.*
For NHS Trusts, independent hospital groups and clinic owners weighing up how to modernise their consent process, the conversation is no longer about whether to move away from paper.
It’s more about which approach actually meets the standard now set by the GMC, the Royal Colleges, CQC and the courts, and which approaches may only look like they do.
This article sets out what good informed consent looks like in practice, the most common alternatives organisations rely on today, and where each of those alternatives can leave gaps that matter clinically, legally and operationally.
What does “good” informed consent look like?
Before comparing approaches, its worth understanding what informed consent is actually meant to achieve.
The GMC’s decision making and consent guidance frames consent as a process rather than an event, built on meaningful dialogue, shared decision-making, and a record that reflects what was discussed.
The GMC’s seven principles of decision making and consent
The guidance is organised around seven principles, and the first four in particular shape what a modern consent process should look like day-to-day:
1️⃣ All patients have the right to be involved in decisions about their treatment and care, and be supported to make informed decisions if they are able.
2️⃣ Decision making is an ongoing process focused on meaningful dialogue: the exchange of relevant information specific to the individual patient.
3️⃣ All patients have the right to be listened to, and to be given the information they need to make a decision and the time and support they need to understand it.
4️⃣ Medical professionals must try to find out what matters to patients so they can share relevant information about the benefits and harms of proposed options and reasonable alternatives, including the option to take no action.
Principles five, six and seven go on to cover presumption of capacity, proportionate assessments of capacity, and the role of those close to the patient where capacity is lacking.
The first four are where most consent processes are tested in practice, because they place the burden on clinicians to tailor the conversation to the individual patient rather than working from a fixed script.
Four things a modern consent process should do well
Sitting alongside the GMC principles, there are four practical things any modern consent process needs to do well:
✅ 1. Give patients information they can genuinely understand
Clear, accurate and accessible, available in the right language and format, and ideally shared before the day of surgery so patients have time to reflect, as the Paterson Inquiry recommended.
✅ 2. Capture consent consistently for every procedure
Across specialties, clinicians and pathways, so the same risks are documented in the same way for the same procedure, regardless of who is consenting.
✅ 3. Produce a record that stands up to scrutiny
Aligned with GMC, CQC, Royal College and NHS Resolution standards, retrievable on demand, and showing clear evidence that the patient was given material information and time to consider it.
✅ 4. Feed learning back into the organisation
Consent-related issues, including near misses, complaints and claims, should connect to wider risk, quality and governance processes so the organisation can spot patterns and improve over time.
Taken together, the GMC principles and these four practical tests set a high bar for consent.
The three main consent options organisations rely on today
Most organisations end up choosing between one of three existing approaches; paper, an EPR add-on, or a single-purpose digital consent platform.
1. Paper consent forms
Paper is still the default for a significant portion of NHS and independent procedures.
It’s familiar, low-friction to start with, and works in almost any environment.
That said, organisations relying on paper often describe a similar set of challenges:
✍️ Illegible handwriting can limit the evidential value of the form. If a clinician has noted a specific risk and the writing isn’t legible, it can be difficult to demonstrate later what was actually discussed.
📄 Missing or incomplete information is common, because paper forms rely on human discipline. Sections may get skipped, demographics may be left blank and additional risks may not get added.
⚖️ Inconsistency between clinicians is harder to manage on paper. Two surgeons consenting for the same procedure may list different risks, and there isn’t an obvious way to tell which version is right.
🕒 Lost forms can lead to consent being redone on the day, often under time pressure with a patient who has already changed into a gown.
💷 Operational cost sits on top of clinical time. Printing, scanning into the EPR, retrieving from archives and storing physical records all take resource.
🧠 Patient understanding can be limited when a dense paper leaflet is handed over at the end of a clinic appointment, particularly for patients with low health literacy or for whom English isn’t a first language.
Patient understanding is probably where paper finds it hardest to meet the post-Montgomery standard.
Signing a form isn’t quite the same as understanding what’s been signed.
2. EPR add-ons and bolt-on e-signature tools
A more recent alternative is to use a consent module bundled into an Electronic Patient Record (EPR) system, or a generic e-signature tool layered on top of a PDF form.
These remove the paper-handling problem and can feel like a digital solution.
There are a few areas where they may not go quite as far as organisations expect:
- The form is digitised, but the journey around it often isn’t
In many cases, these tools digitise the signature step, converting a paper form to a PDF the patient signs electronically. The conversation around risks, alternatives and patient understanding can still sit outside the tool.
- Procedure specificity may be limited
A bolt-on form rarely comes pre-loaded with structured benefits, risks and alternatives for each procedure. Clinicians may end up free-typing the same content they would have written on paper.
- Accredited patient information often isn’t included
EPR add-ons typically don’t ship with a library of patient information leaflets. Organisations are left to source, version-control and signpost their own content.
- Evidence of informed consent can be thin
A digital signature on a PDF tells you the patient signed something. It doesn’t always tell you what they were shown, whether they engaged with it, or how long they had to reflect on it.
- Integration isn’t quite the same as governance
Being inside the EPR can help with workflow, but it doesn’t always help with the quality, risk and learning processes that sit around consent.
For organisations focused mainly on removing paper, EPR add-ons can be a sensible step.
For organisations focused on the medico-legal standard set by Montgomery, there may still be a gap to close.
3. Single-purpose digital consent platforms
A growing category is the standalone digital consent application.
These are typically clinician-led products that give surgeons a fast, modern interface for building a consent form, sending it to the patient, and capturing a digital signature.
There are still some areas worth thinking carefully about when choosing one:
- Patient information may be signposted rather than provided
Many of these platforms are software-only and may not have an in-house editorial function. That can mean patient information is linked to external sources rather than written, accredited and maintained by the provider.
- Patient engagement can be difficult to see
Signposting information from external sources doesn’t necessarily tell you whether they opened the information, how long they spent on it, or whether they understood it.
- Accessibility features may be partial
Translation, Easy Read formats, voiceover and visual enhancements vary between platforms and sources of patient information used.
- Consent can sit outside the wider governance picture
When consent issues raised through complaints, incidents or claims live in a separate system, trends can be harder to spot, and the consent process doesn’t always get the benefit of organisational learning.
Single-purpose platforms can solve the form-building part of consent very effectively, but might not always extend that to the patient-understanding part, which is where the standard has shifted in recent years.
Quick comparison table
| Area to consider | Paper consent forms | EPR add-ons and e-signature tools | Single-purpose digital consent platforms |
|---|---|---|---|
| 📄 Patient information | Typically a paper leaflet, which can be dense/hard to read | Often not included. Usually signpost elsewhere. | Not always included. Usually signpost elsewhere. |
| 🌍 Accessibility (languages, Easy Read, voiceover) | Usually limited or organised separately | Often sits outside the tool | Varies between platforms. May be partial. |
| ✍️ Legibility and completeness | Open to illegible handwriting and sections being missed | Digitised form removes legibility issues | Digitised, structured form removes legibility issues |
| ⚖️ Consistency | Clinicians may list different risks/benefits for same procedure | Free-text online can carry same inconsistency as paper | Templates can help, but patient information may be inconsistent |
| 🧠 Evidence of patient understanding | Hard to tell if patient read information provided | If signposting, again, hard to tell if actually read information | If signposting, again, hard to tell if actually read information |
| ⚙️ Operational efficiency | Printing, scanning and storage take resource on top of clinical time | Removes paper burden, but still needs upload admin | Removes paper burden |
| 📊 Connection to wider governance | Difficult to fit inside wider risk and quality picture | Sits inside the EPR, but outside the wider risk and quality picture | Usually sits outside the wider risk and quality picture |
Why the choice matters more than it used to
It would be easy to treat consent as a checkbox and something to be done before surgery, captured somewhere, and retrieved if asked.
The legal and regulatory environment has moved on from that view.
The GMC’s principles place the burden on clinicians to find out what matters to each patient and tailor the conversation accordingly.
Montgomery established that material risks must be shared in a way the patient can understand, with the test being patient-specific rather than procedure-specific.
The Paterson Inquiry recommended building a reflection period into consent, moving away from same-day signing.
NHS Resolution and the Royal College of Surgeons have both flagged that consent-related litigation costs are likely to keep rising unless consent processes change in a more meaningful way.
Set against that backdrop, the difference between digitising the form and digitising the decision matters more than it once did.
What good consent looks like, in practice
For organisations weighing up their options, the more useful test isn’t whether an approach is digital.
It’s whether the approach covers all four parts of what good consent now means:
- Information patients actually understand, written by clinical experts, accredited, accessible, and available in multiple languages and formats.
- Consent captured consistently for every procedure, with structured benefits, risks and alternatives that don’t depend on which clinician is in clinic that day.
- A record you can trust, aligned with GMC, CQC, Royal College and medico-legal best practice, with evidence the patient engaged with the information.
- Consent that continuously improves, by feeding back into the wider risk, quality and governance ecosystem so the organisation learns from every issue raised.
Approaches that cover one or two of these are an improvement on paper.
Approaches that cover all four are increasingly what regulators, defence organisations and the courts are coming to expect.
How Radar Healthcare supports informed consent
Radar Healthcare’s digital consent solution, built on EIDO’s gold-standard patient information library, is designed around all four of these requirements.
It brings together court-recognised patient information, a digital consent platform that handles any procedure, a complete and auditable consent record, and integration with the wider Radar Healthcare risk, quality and governance ecosystem.
The patient information has been recognised in UK courts as gold-standard, written and maintained by an in-house editorial team with more than 25 years of expertise, and accredited by The Patient Information Forum and crystal marked by the Plain English Campaign.
If your organisation is reviewing how it captures consent, whether you’re moving away from paper for the first time or thinking about whether a digital tool you already use is doing enough, we’d be happy to talk through what good looks like for your specific setting.
Get in touch today*Source: Information and comparison analysis based on NHS Resolution Data: Number and Cost of CNST Claims Closed (or settled with a periodical payment order) between financial years ‘2019/20’ and ‘2024/25’ with a damages payment, where the Primary Cause is ‘Fail to Warn – Informed Consent’ (acknowledging that there will inevitably be gaps between incident occurrence and claim closure which may impact the timing of claims being captured, and due to the way data is recorded, claims may appear in more than one dataset).
