Welcome to CURISTICA Hazard Log Visualiser
A cloud-based platform for managing medical device hazard logs in compliance with DCB0129, DCB0160, and ISO 14971.
đ Complete User Manual Available!
For detailed step-by-step instructions, workflows, and troubleshooting, see: USER_GUIDE.md
The guide covers everything from importing data to exporting regulatory reports.
đ Quick Start
First Time Users:
- Select a product from the dropdown in the header above
- Explore the tabs below to view your hazard log in different formats
- Import new data via the Import tab (Excel â Database)
đ¤ Need to import your hazard log?
Go to the Import tab â Select Excel file â Normalize â Convert â Upload to Database
đ Platform Tabs
2ī¸âŖ Hazard Log
Your main workspace âĸ View, Edit, Export âĸ Database persistence
What is this tab for?
View: Hierarchical display with search, statistics, and pagination
Edit: Click âī¸ EDIT MODE in the floating sidebar to add/modify/delete items
Save: Click đž Save Changes to write to database (all users see changes)
Export: Download JSON or Excel (Data format for analysis, Report format for presentations)
Protection: Auto-save every 30 seconds âĸ Undo/Redo (Ctrl+Z/Y) âĸ Warning on page close
3ī¸âŖ Bow-Tie Diagram
Simple visual: Causes â Controls â Hazard â Harm âĸ Best for presentations
4ī¸âŖ Network Graph (D3.js)
Interactive bow-tie with zoom/pan âĸ Risk color-coding (1-5 scale)
5ī¸âŖ Network Graph (Cytoscape.js) â
Advanced graph âĸ Shared control detection (orange border) âĸ Click controls to highlight
What makes this special?
Shared Control Detection: Automatically identifies controls that mitigate multiple causes (shown with orange border and count)
Interactive Highlighting: Click any control to see its relationships with golden highlights
Split Layout: Graph view (left) + Detail panel (right) for exploring complex relationships
Best For: Finding shared controls and understanding control-to-cause mappings
6ī¸âŖ Import
Convert Excel to database âĸ Normalize â Convert â Upload
7ī¸âŖ Settings
Database management âĸ View products âĸ Delete (requires typing "DELETE")
â Common Workflows
Adding New Hazards/Controls
- Go to Hazard Log tab
- Click âī¸ EDIT MODE in the floating sidebar (right side)
- Click â Add buttons to add new items
- Click đž Save Changes to write to database
- Switch tabs to see changes visualized
Editing Existing Items
- Enter edit mode (âī¸ EDIT MODE button)
- Click any field with blue dashed border to edit
- Type changes and click away to save to memory
- Use Ctrl+Z to undo, Ctrl+Y to redo
- Click đž Save Changes when ready
Importing New Product
- Go to Import tab
- Select Excel file (.xlsx)
- Click Normalize â Convert to JSON
- Fill in product metadata (name, version, DCB)
- Click Upload to Database
- Product appears in header dropdown immediately
Exporting Reports
- Go to Hazard Log tab
- Click đ Export Excel (Report) for NHS Standard format
- Or click đ Export Excel (Data) for flat analysis format
- File downloads with 4 tabs: Summary, Hazard Log, Risk Matrix, Controls
- Use Report format for regulatory submissions (DCB0129/DCB0160)
â ī¸ Deleting a Product (PERMANENT)
- Go to Settings tab â Click đ Refresh
- Find product in table, click đī¸ Delete
- Read warning carefully
- Type exactly DELETE (all caps) in the input field
- Press Enter or click Delete Project button
â ī¸ WARNING: Permanently deletes ALL hazards, causes, controls, evidence, and relationships. Cannot be undone! Export JSON backup first.
đĄ Key Features to Remember
- âī¸ Database Sync: Edits persist across sessions and are visible to all users instantly
- đī¸ Live Preview: See edits in all tabs before clicking Save Changes
- âļ Undo/Redo: Full change history with Ctrl+Z (undo) and Ctrl+Y (redo)
- đž Auto-Save: Browser backup every 30 seconds (not database - click đž Save for that)
- đ¨ Risk Color Coding: 1 Green 2 Yellow 3 Orange 4 Light Red 5 Dark Red
- đ Shared Controls: Orange border in Cytoscape graph = control protects multiple causes
đ Need More Help?
For detailed instructions, see USER_GUIDE.md
- Step-by-step workflows
- Troubleshooting guide
- NHS Risk Matrix explanation
- Compliance requirements (DCB0129, DCB0160, ISO 14971)
- Best practices and tips
⨠Ready to Start?
Select a product from the dropdown above or click the Import tab to upload your hazard log.
MCP Tools Guide
A practical guide to the Model Context Protocol (MCP) tool ecosystem available within the Claude Desktop app for CURISTICA Nexus.
What are MCP Tools?
MCP is an open standard that allows AI assistants like Claude to connect securely to external data sources and services. Rather than copying data into prompts manually, MCP servers give Claude direct, structured access to databases, APIs, and registries.
You simply describe what you need in natural language, and Claude selects and calls the right tools automatically.
Why MCP Matters for Clinical Safety
Clinical safety work involves cross-referencing multiple data sources: hazard logs, prescribing data, CQC ratings, DSPT compliance, company records, and more. MCP tools let you query all of these from a single conversation, reducing context-switching and manual lookup.
Setting Up MCP Servers
MCP servers are configured in the Claude Desktop settings file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
Each server entry specifies how to launch the server process and any required credentials. A typical configuration block looks like this:
{
"mcpServers": {
"hazard-log": {
"command": "node",
"args": ["path/to/hazard-log-server/index.js"],
"env": {
"API_KEY": "your-api-key-here"
}
}
}
}After editing the configuration file, restart Claude Desktop for changes to take effect. If a server fails to connect, check the Claude Desktop developer console (Help > Toggle Developer Tools) for error messages.
Where to Find the CURISTICA MCP Servers
All CURISTICA MCP servers are available from the CURISTICA GitHub organisation. Each repository contains installation instructions, environment variable requirements, and example configurations.
- Hazard Log (CURISTICA Nexus) — Full hazard log database access
- Clinical Safety Case Analyser — DCB0129/DCB0160 assessment engine
- OpenPrescribing — NHS prescribing data
- Fingertips (OHID) — Public health indicators
- NHS GP System — GP practice IT system lookup
- DSPT Checker — Data Security and Protection Toolkit
- CQC Checker — Care Quality Commission inspection data
- Companies House — UK company information
- DPIA (Nexus Data Tool) — Data Protection Impact Assessment management
Tool Reference
Hazard Log (CURISTICA Nexus)
The core of the Nexus platform — full read/write access to your clinical safety hazard log database covering the entire DCB0129/DCB0160 data model.
View capabilities
Products & Metadata: List products, retrieve summaries with entity counts and statistics, update metadata (name, description, version, DCB standard), create new products or import full V2 normalised JSON.
Hazards: Full CRUD operations. Fields include description, title, category, harm, clinical impact, initial and residual risk scores (severity, likelihood, justification), status, and notes. Filter by minimum risk score with pagination.
Causes, Controls & Evidence: Full CRUD for each entity type with relationship data. Controls include mechanism, type, category, and responsibility fields. Evidence includes type, URL, and source file.
Risk Analysis & Compliance: Calculate and validate NHS Risk Matrix scores, get risk reduction recommendations, analyse control coverage and identify gaps, check compliance against DCB0129, DCB0160, and ISO 14971.
Gap Detection: Identify hazards without causes, causes without controls, controls without evidence, and high-risk hazards (residual risk score of 4 or above). List shared controls used by multiple causes.
SPID & SCID Documents: Full CRUD for Structured Product Information Documents and Structured Context Information Documents with v1.0/v2.0 schema support and product linking.
Clinical Safety Officers: List all CSOs and retrieve detailed profiles including assigned products.
Hazard Validation: Validate individual hazards for completeness, quality standards, and regulatory compliance with scored reports and recommendations.
Clinical Safety Case Analyser
Assessment engine for evaluating clinical safety documentation against NHS standards (154 criteria across 8 sections).
View capabilities
Section-by-Section Assessment: Eight discrete tools covering product definition (12 criteria), safety case narrative (18 criteria), hazard log and risk assessment (32 criteria), controls and mitigation (25 criteria), deployment readiness for DCB0160 (27 criteria), post-deployment monitoring (18 criteria), governance (9 criteria), and AI/ML/SaaS considerations (13 criteria).
Submission Assessment: Assess manufacturer submissions against DCB0129 and deployment readiness against DCB0160, with support for different organisation types.
Gap Analysis & Validation: Identify missing or incomplete documents and critical gaps. Validate NHS Risk Matrix calculations across an entire hazard log. Compare uploaded documents with the database version.
Reporting: Generate executive summaries, section summary tables (markdown, JSON, or HTML), lists of critical findings, prioritised recommendations, and full 10-section assessment reports.
OpenPrescribing
NHS prescribing data from the OpenPrescribing project, covering GP practice-level prescribing across England.
View capabilities
Drug Search: Search for drugs, chemicals, and products by name or BNF code. Returns BNF chemicals (with section), products, and product formats.
Organisation Search: Search for NHS organisations (Sub-ICB Locations, GP practices) by name or code.
Spending Data: Retrieve total national prescribing spending by month, filtered by BNF code at any level. Break spending down by organisation type with optional filtering.
Organisation Details: Get list size (registered patients) and ASTRO-PU data for GP practices or Sub-ICB Locations.
Fingertips (OHID)
OHID Fingertips public health data platform, covering hundreds of indicators across GP practices, Sub-ICB Locations, ICBs, regions, and more.
View capabilities
Area & Indicator Discovery: Search for areas by name or code (GP practices, ICBs, regions, counties, PCNs), list all area types, profiles, and retrieve indicator metadata.
Practice-Level Data: GP Practice Summary data (demographics, deprivation, life expectancy, QOF points) and QOF disease prevalence data by ODS code.
Flexible Queries: Get latest data for specific indicators at any area level, retrieve child area data, historical trends as CSV, and profile group data for specific areas.
NHS GP System
Look up GP practices and their IT system suppliers (TPP, EMIS, CEGEDIM, MICROTEST).
View capabilities
Practice Lookup: Search by ODS code or name. Returns practice name, IT system supplier, and ICB commissioner.
System Filtering: Get all GP practices using a specific IT system for understanding coverage and planning integrations.
Statistics: National distribution of GP IT systems across England with total practice count and breakdown by system.
DSPT Checker
Check Data Security and Protection Toolkit compliance for NHS organisations.
View capabilities
Search: Search for NHS organisations by name or ODS code and get their current DSPT status, publication date, primary sector, and ICB.
Detailed Status: Full details for a specific organisation by ODS code, including name, address, sector, and optionally the full publication history across all years.
CQC Checker
Care Quality Commission inspection data for health and social care providers in England.
View capabilities
Search: Search the CQC Care Directory by name, postcode, or ODS code (~120,000 locations).
Location Details: Comprehensive information including overall rating, key question ratings (Safe, Effective, Caring, Responsive, Well-led), service-level ratings, inspection reports, and rating history.
Provider Details: Organisation type, ownership, Companies House and charity numbers, CQC ratings, location IDs, regulated activities, and reports.
Companies House
Search and retrieve UK company information from Companies House.
View capabilities
Company Search & Profile: Search by name or number. Full profiles with registered office, incorporation date, company type, status, SIC codes, and accounts information.
Officers & Filing History: List directors, secretaries, and other officers. Retrieve filing history with optional category filtering.
Persons with Significant Control: PSC data including individuals or entities with significant control (e.g. owning more than 25% of shares or voting rights).
DPIA (Nexus Data Tool)
Manage Data Protection Impact Assessments linked to products and deployment sites.
View capabilities
DPIA Management: Full CRUD operations. List all DPIAs with summary information, get DPIAs linked to a specific product, or find the DPIA for a specific product-deployment site combination.
Validation & Compliance: Validate completeness (0-100 score with recommendations). Check compliance against ICO template requirements, GDPR Article 35, and WP248 guidelines.
Risk Analysis: Analyse all risks including unmitigated risks with recommendations. Evaluate whether processing triggers the DPIA requirement based on WP248 criteria.
Cross-Referencing: Find hazard log entries that relate to data processing described in a DPIA. Compare DPIA risk assessments with clinical hazard risk assessments for alignment.
Best Practice
Start with Discovery
Before diving into detailed queries, use summary and listing tools to orient yourself. For example, call get_product_summary before exploring individual hazards, or list_dpias before drilling into a specific assessment.
Be Specific in Your Requests
Rather than “tell me about the hazard log,” try “list all high-risk hazards for product 1 with a residual risk score of 4 or above” or “check DCB0129 compliance for product 3.” The more specific you are, the fewer round-trips are needed.
Combine Tools for Richer Insight
The real power of the MCP ecosystem is cross-referencing. You might look up a GP practice by ODS code, check its CQC rating, verify its DSPT compliance, review its QOF prevalence data, examine its prescribing patterns, and identify the IT system it uses — all in a single conversation.
Use Compliance Tools Regularly
Do not wait until a submission deadline to check compliance. Run compliance checks periodically during development. Use gap detection tools — hazards without causes, causes without controls, controls without evidence — as a regular hygiene check.
Understand the Data Sources
Each MCP server connects to a different upstream source with its own update cadence. OpenPrescribing data is typically a few months behind due to NHS processing timelines. CQC ratings reflect the most recent published inspection. DSPT status is published annually.
Security & Access
MCP servers run locally on your machine and connect to external APIs using credentials you configure. Treat API keys as sensitive data: do not commit them to version control, and use environment variables rather than hardcoding them in configuration files. Review each server's required permissions before granting access.
Quick Reference: Common Tasks
| Task | What to Ask Claude |
|---|---|
| View all products | “List all products in the hazard log” |
| Check compliance | “Check DCB0129 compliance for product 1” |
| Find gaps | “Show me causes without controls for product 2” |
| Assess a safety case | “Assess this CSCR against Section 2 criteria” |
| Look up a GP practice | “Look up GP practice G84015” |
| Check CQC rating | “What is the CQC rating for practice G84015?” |
| Verify DSPT status | “Check DSPT status for ODS code RJ1” |
| Search prescribing data | “Show metformin prescribing trends nationally” |
| Look up a company | “Search Companies House for Curistica” |
| Review a DPIA | “Validate completeness of DPIA dpia-001” |
| Cross-reference risks | “Compare DPIA risks with hazard log for product 1” |
| Find public health data | “Get QOF prevalence data for practice A81001” |
Further Reading
Import Hazard Log JSON
v2.0 normalized format
Drag & drop JSON file here
or click to browse
Supported: .json
Selected:
Import DPIA JSON
ICO-compliant DPIA schema
Drag & drop DPIA JSON here
or click to browse
Supported: .json
Selected:
Import SPID
Structured Product Information Document
Drag & drop SPID JSON here
or click to browse
Supported: .json
Selected:
Import SCID
Structured Context Information Document
Drag & drop SCID JSON here
or click to browse
Supported: .json
Selected:
Import Excel Hazard Log
Convert Excel to JSON format
Auto-detects column structure
Drag & drop Excel file here
or click to browse
Supported: .xlsx, .xls
Import Controls
Add controls to existing product
Drag & drop controls Excel here
or click to browse
Supported: .xlsx, .xls
Please select a JSON file to view
đ No Hazard Log Data
Load a hazard log to start reviewing controls in Workshop mode.
Please select a JSON file to view
âŽâŽ
Detail View
Detail View
Click on a node or edge to view details
Please select a JSON file to view
Please select a JSON file to view
Data Analyser
Load a hazard log file to see detailed statistics.
Export Options
Export your hazard log data in various formats. Customize filenames or use defaults with timestamp.
đĄ Tips
- Leave filename blank to use default format:
hazard_log_YYYY-MM-DD - Custom filenames will automatically add the appropriate extension (.json or .xlsx)
- Timestamps ensure unique filenames and prevent overwriting existing files
- All exports use the currently loaded hazard log data
đī¸ DATABASE
Manage products, SPID documents, and SCID documents
đĻ Products
Click "Refresh" to load products
đ SPID Documents
Click "Refresh" to load SPID documents
đ SCID Documents
Click "Refresh" to load SCID documents
đ Convert DCB 0129 to DCB 0160
Create a new DCB 0160 product by duplicating a DCB 0129 product and filtering for TRANSFERRED status hazards only. This workflow is commonly used when transitioning hazards from DCB0129 to DCB0160 standards.
Refresh to load available DCB 0129 products
New Product Metadata (DCB 0160)
âšī¸ How Conversion Works
- Only hazards with STATUS = "TRANSFERRED" will be included
- All causes linked to transferred hazards will be copied
- All controls linked to those causes will be copied
- All evidence linked to those controls will be copied
- The new product will have DCB = "0160"
- Original IDs will be preserved for traceability
- The source product remains unchanged
đĨ Health Information Technology Log
Manage health IT products used across deployment sites (from SCID documents Section E)
đ Select Organisation
đ Health IT Products
Select an organisation and click "Load HIT Log"
âšī¸ About HIT Log
The Health Information Technology Log tracks all IT products and systems used by healthcare organisations. This data is part of the SCID (Safety Case Information Document) Section E.
- View all HIT products for a selected organisation
- Edit product details including DCB compliance status
- Add new products to track
- Export data to Excel for reporting
- Track integration status with GP systems
- Monitor contract end dates and procurement details
đ¨ââī¸ Clinical Safety Officers
Manage Clinical Safety Officers responsible for hazard log oversight and product safety. CSOs are assigned to products and sign off on safety assessments.
Loading CSO list...
Settings
Choose between light and dark color schemes
Choose a color palette optimized for color vision deficiency (red-green color blindness)
Color-blind mode uses blue-orange scale instead of green-red, with added icons for clarity
Choose which tab opens by default when loading a product
Default: Workshop tab (recommended for hazard review)
Choose your preferred font family for the entire application
Note: Font changes apply instantly across the entire application and are saved automatically.
Choose between collapsible sidebar or classic horizontal tabs
đĄ Sidebar navigation offers keyboard shortcuts (Ctrl+B), drag-to-resize, and pinnable tabs
â ī¸ Page will reload to apply navigation style changes
Customize ID prefixes for hazards, causes, controls, and evidence. ID format will be [PREFIX]-XXX where XXX is a 3-digit number (e.g., HAZ-001).
Note: These preferences will be used when generating new IDs for hazards, causes, controls, and evidence. Changes will take effect immediately after saving.
đ Admin Settings
Administrative functions for user management and audit logging
Manage user accounts and product access permissions
View system activity and compliance audit trail
Track all changes to entities and rollback to previous versions
đ
Select a product to view version history
Configure where user feedback is sent
Note: User feedback submitted via the header button will be emailed to this address. Default: support@curistica.com
đ Structured Product Information Document (SPID)
View and edit SPID documents - manufacturer-side product documentation for clinical safety compliance.
đ Structured Context Information Document (SCID)
View and edit SCID documents - deployer/organization-side documentation for clinical safety compliance.
đ Data Protection Impact Assessment
View and navigate DPIA documentation for your products and services.
Add New Hazard
Add New Cause
Add New Control
Add Evidence
âī¸ Edit Cause
âī¸ Edit Control
âī¸ Edit Evidence
đ Link Existing Cause to Hazard
Preview:
Select a cause to see details...
đ Link Existing Control to Cause
Preview:
Select a control to see details...
đ Link Existing Evidence to Control
Preview:
Select evidence to see details...
Confirm Deletion
Are you sure you want to delete this item?
â ī¸ Delete Project
Are you sure you want to delete this product?
This will permanently delete all associated:
- Hazards
- Causes
- Controls
- Evidence
- All relationships
This action cannot be undone.
Type DELETE to confirm:
đ Duplicate Project
Enter metadata for the duplicated project:
* Required fields
â Create New Hazard Log
* Required fields
đ Convert to DCB 0160
This will create a copy of this project configured for DCB 0160.
All hazards, causes, controls, and evidence will be copied to the new project.
This will be added to the project name: "Project Name 0160 @ [Location]"
What will be created:
âĸ DCB: 0160
âĸ Date: Today's date
âĸ Description: "draft 0160 created from [source project]"
đŦ
đ NHS Risk Matrix
This risk matrix shows how severity and likelihood combine to determine risk scores (1-5).
