HIPPO LABS LTD

Hippo Recaller

Hippo Labs delivers digital health software solutions for primary care. Our Hippo Recaller platform analyses patient clinical data to identify patients with care needs and then automates the messaging / recall process to drive uptake. This improves patient outcomes and reduces workload for providers.

Features

• Automated identification of patient care needs
• Consolidation of all outstanding patient needs
• Automated patient messaging and follow up
• Drip-fed, intelligent messaging service with online booking links
• Tracking of success and failure for messaging
• Manual recall/phoning of patients
• Dashboarding of target progress
• Real-time reporting of clinical indicators
• Gather data from patients through questionnaires
• Automatically write data back to EHR

Benefits

• No more running searches - patients automatically identified
• No more uploading multiple lists - automated invitations
• Improved uptake with intelligent drip-fed invitations
• Find / follow-up 'non-responsive' patients using platform 'recall list'
• Outsource manual phone calls to follow-up 'non-responsive' patients
• Optimise use of staff through smart appointment recommendations
• Improve QOF/ other target performance with end-to-end management
• Use deep-dive analytics to accurately workforce plan

£0.80 to £1.60 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sachin@hippolabs.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

114655672621124

Contact

Sachin Gupta
07944744444
Sachin@hippolabs.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Electronic patient records such as EMIS or SystmOne GP
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Access to electronic healthcare record (for setup)
  • Up to date internet browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Aim to respond within the same working day if a weekday, and on the first non-weekend day if a weekend
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Hippo Labs will provide as much support as required to use the platform, via the communication medium preferred by the user, during Hippo Labs business hours (Monday-Friday 9-5).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users receive personal bespoke training from the team at Hippo Labs. This is followed up with a web-based Help page including videos and written content. Users will always have an open dialogue with the Hippo Labs team via Microsoft Teams or email.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the termination of a contract, users stop data sharing with Hippo Labs. Hippo Labs deletes all associated data from their servers. No data extraction is required as all relevant patient data will have been written back to the clinical system. If further data is required, Hippo Labs can provide that upon discussion.
• End-of-contract process: At the end-of-contract, users are offered to renew their contract, and should they decline they are off-boarded from the platform and all relevant data is deleted from Hippo Labs servers. This is at no extra cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Webpage with three tabs. First tab is a list of patients who require manual recall. Second tab displays proactive care targets and practice achievement. The third page allows to you create and view campaigns to recall patients.
• Accessibility standards: None or don’t know
• Description of accessibility: Users can see details about patients who need messaging, and log interactions with them (as well as edit this if necessary). They can track targets in relation to long-term care targets. Users can create campaigns which cause messages to be sent to patients with outstanding target needs, edit which targets, change messaging mediums, change how many messages are sent per day, track the success of messages, as well as edit these at any time.
• Accessibility testing: None as of yet
• API: No
• Customisation available: Yes
• Description of customisation: Users can select which practices / targets are relevant to them. There is also the ability to request deeper dives into the data or the recalls being made, such is who is doing the recalls and the outcomes of the data. They can also request the onboarding of new, specific targets relevant to them. Users can also customise the details and colours they see on the manual recall page.

Scaling

• Independence of resources: The platform is built using modern best-practice and a flexible public cloud back-end enabling us to scale effectively without compromising the services of users.

Analytics

• Service usage metrics: Yes
• Metrics types: Users can see the number and outcomes of their manual recalls from within the platform.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can export their data manually while in the platform, or by requesting their data from Hippo Labs directly.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: By selecting data sharing agreed within their electronic health record

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The platform will be live >99% of the time. If the platform is unavailable for longer than this, Hippo Labs will review and remediate as quickly as possible.
• Approach to resilience: The servers selected are considered best in class and are like-for-like with the ones used by the NHS data. More information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is managed from Auth0 by Hippo Labs team
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our internal IT security is managed by external contractors KRATOS IT.
• Information security policies and processes: Hippo Labs is DTAC compliant and follows all guidelines and processes related to this.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Hippo Labs operates under agile management principles with 4 environments. 1 for development, 1 for quality assurance, one demo environment and then the live development environment. UAT testing is performed and validated before production releases.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Hippo Labs employs an external auditor to perform penetration testing and cloud configuration management. Hippo Labs performs static security application testing as part of its release process, to identify potential patches required. Users have the ability to report any further issues or concerns.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Hippo Labs employs an external auditor to perform penetration testing and cloud configuration management. Hippo Labs performs static security application testing as part of its release process, to identify potential patches required. Users can report any further issues or concerns. All logging and and activity data is stored in AWS.
• Incident management type: Supplier-defined controls
• Incident management approach: Hippo Labs has a safety incident management system in place. Users and developers can report incidents on the platform or by contacting members of Hippo Labs. Incidents are prioritised and tracked until resolution in Github. Reports are written by the clinical safety officer confirming actions and resolutions.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Wellbeing

  Covid-19 recovery

  The platform helps to identify patients who require a COVID-19 vaccination as well as message them and invite them in for their appointment.

  Wellbeing

  The platform identifies long-term condition needs and invites patients into their surgery to have these needs met, improving wellbeing. The platform consolidates appointments, reducing unnecessary appointments and communications between GP practices and patients.

Pricing

• Price: £0.80 to £1.60 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial of the whole platform for a limited amount of time.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sachin@hippolabs.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.