Evalucom Consulting

CarePulse market management

CarePulse is an innovative and collaborative commissioning solution focussed on patient choice and care quality.

Our experts use innovative web-based software to implement Any Qualified Provider (AQP) commissioning solutions that support the end-to-end commissioning cycle for Continuing Healthcare (CHC), Funded Nursing Care, Mental Health, Learning Disability, Children & Young People.

Features

• Market analysis dashboards- dynamic, interactive online market management insights
• Cost modelling- robust online care cost data collection and validation
• E-procurement system- bespoke online solution compliant with public procurement regulations
• Directory of services- search by vacancies, specialisms and CQC rating
• Care quality monitoring- monthly interactive quality insight dashboards
• Digital placement agreements- improved contractual governance and assurance
• Care cost calculators- improved spend control and standardisation
• Notification system- easy communication with the entire market
• Contract mobilisation system- e-signature enabled with status monitoring
• API with CQC and CSV exports of datasets

Benefits

• Improve the accuracy of self-reported information (e.g. quality metrics)
• Enhance the user experience (quicker, easier, once only)
• Gain insights by exploring rich data visualisations
• Save time and money through efficient, global real-time vacancy system
• Maximise use of existing health and social care capacity
• Comply with reporting requirements regardless of device
• Quickly read (and write) all relevant content on the move
• Export or print datasets to share with third parties
• Enhance service selection user experience by providing comprehensive easy-to-read information
• Simplify service selection through map-based navigation

£34,000 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.mchugh@evalucom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

121966154109190

Contact

Michael McHugh
02039704047
michael.mchugh@evalucom.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Web browser with enabled cookies and JavaScript
  • Stable and fast internet connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours on weekdays, no support during weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Tier 1: Initial support level responsible for basic customer issues, reachable via email and phone.; Tier 2: In-depth technical support for technical problems that can not be solved by Tier 1 support.; Tier 3: Highest level of technical support for handling the most advanced problems.; ; The support levels are included as part of the service and have no associated additional costs (other than on-site support). ; ; A technical account manager is provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: When all new users join our service, we send personalised introductory emails which include:; ; • an overview of the service; • where to find key information and supporting documents within the system, including FAQs and regionally specific information; • key contact details for support; ; When a group of new users from the same organisation join the service, we offer onsite introductions and training alongside personal introductions. Screen sharing webinars are held to train new users from a number of different organisations simultaneously. ; ; When a significant update is made to the system, we send a summary of the changes to all current users and offer introductory webinars.
• Service documentation: No
• End-of-contract data extraction: Users can extract their data using CSV exports.
• End-of-contract process: The user account will be closed down, access to the system will be revoked. Data will be transferred as required. There are no additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The web interfaces follow Responsive Design principles and thus pages adapt their content layout based on the size and orientation of the screen. They will therefore look different on mobile and desktop environments. ; ; Performance may be slightly worse on mobile, due to the differences in hardware capabilities. Devices with less RAM could experience longer loading times for the interactive data visualisations. The data visualisations are rendered in JavaScript and are thus dependent on device CPU and RAM capabilities.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: No

Scaling

• Independence of resources: Server capacities are monitored and in case of high usage of the system, a seamless up-scaling for additional servers can be performed.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide bespoke monthly quality monitoring and contract management reports.; ; We review Google Analytics metrics and internal page usage statistics and can provide these on request.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Never
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can export data via CSV exports.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Available 99.5% of the time on a 24/7 basis.; ; User refunds can be agreed on a case-by-case basis.
• Approach to resilience: CarePulse resides within AWS and Heroku and utilises the extensive resiliency features of AWS to deliver our solution. ; ; Flexible up and downscaling of hosting capabilities in multiple regions allow our system to be resilient to failures in specific locations.
• Outage reporting: Scheduled outages are announced via CarePulse and unexpected failures are announced via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Users are assigned to groups and groups are assigned to permissions. Based on user permissions, interfaces adjust the content displayed to the authenticated user. To ensure that only users who should access certain content are able to access the content, additional permission checks are performed in the back-end.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Information governance (IG) and security is the responsibility of a named IG lead. ; ; The IG lead works with the IT manager to ensure all systems, services and equipment used for storing data meet acceptable security standards and that new and existing systems developed by the company are compliant with documented information security policies.; ; The IG lead is consulted during the design, development and/or implementation phase of any new systems, processes or projects carried out by the company to ensure information security.; ; The IT manager is responsible for performing regular checks and scans to ensure security hardware/software are functioning properly.
• Information security policies and processes: We follow detailed documented information security policies. These policies are reviewed annually at a minimum to ensure compliance with legal and regulatory requirements.; ; All new systems or processes undergo an Information Security Assessment. Appropriate steps are taken to mitigate any information security risks identified during the assessment.; ; The Information Governance lead reports directly to senior management. Information and security risks are raised with senior management as part of standard company risk reporting mechanisms.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All hardware components of the service are managed and tracked by Heroku and AWS. Maintenance work and security updates are performed on a scheduled basis by Heroku and AWS.; ; The service source code is designed, developed, tested and deployed internally and undergoes code reviews, user testing and automated unit tests before being deployed to the live environment. Every pull request has to be reviewed and approved by at least one senior developer before it can be merged with the master branch. Changes to the source code are tracked using version control and assessed for potential security impact (GitHub).
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: GitHub regularly performs vulnerability checks on all software package dependencies of the service and assesses the potential threat level. In cases where a vulnerability is detected, a patch is deployed within one working day.; ; Vulnerabilities on an operating system level are assessed and dealt with by AWS and Heroku.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: A third party application is built into CarePulse to monitor, troubleshoot, and optimise security using network and in-app security signals. Audit logs are generated by the application and reviewed once a month. Automated security alerts and flags are shared in a Slack channel and via email to notify the technical team of potential breaches and security vulnerabilities. These are then investigated and appropriately dealt with within one working day as per the Incident Management processes.
• Incident management type: Supplier-defined controls
• Incident management approach: Pre-defined processes for common incidents are in place. The processes lay out specific instructions that should be followed in case an incident occurs. ; ; Users can report incidents via the help centre (email and phone) or use the built-in feedback form functionality of the system. The incidents are then assessed and investigated using our third party protective monitoring application and dealt with accordingly.; ; Security incidents of relevance are reported within 5 working days through CarePulse's announcement system.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  One of Evalucom’s core values is “Making a real difference that benefits society”. This value extends beyond our work supporting health & social care, and includes our stewardship of the environment. We actively and consciously make decisions which support environmental protection and improvement. We lead by example for our employees, suppliers and partners. We choose to work with suppliers and partners that have environmental protection values.; ; Evalucom’s pension provider, Nest, is one of the first in the UK to commit to transitioning to a net zero carbon strategy. ; ; We participate in the UK Government’s Cycle to Work scheme. ; ; We are paperless to reduce waste and energy consumption, and we encourage our partners to do the same. ; ; We are working towards achieving “B Corp” status ; ; We are aligned with the Net Zero NHS policy. We have a Net Zero NHS ambassador in the team who is leading on strategies to:; ; - Reduce our own carbon emissions as an NHS supplier e.g. we are minimising our data footprint and required server capacity by optimising data retention.; ; - Support our CCG/ICS partners to meet their goals and ambitions to reduce adverse impacts on the environment. ; ; - Support our AQP providers to reduce their carbon emissions as required by Service Condition 18: Green NHS in the NHS Standard Contract.
• Tackling economic inequality:

  Tackling economic inequality

  We align the AQPs with the Ethical Care Charter and we support greater financial security for care workers. Fair pay is essential to support this critical but vulnerable workforce, and retention of skilled care works also supports better quality care for service users. We’ve maintained an hourly sleeping night rate for the Domiciliary Care AQP as supported by the UK Home Care Association. We’re transitioning to the London Living Wage in the pay structure of the Domiciliary Care AQP and we have a process to ensure that they increased prices are being passed on to care workers.; ; We share health and wellbeing guidance with providers through CarePulse. For the June 2021 qualitative reporting we asked providers to tell us about staff well-being during COVID and shared a summary report with providers to help spread the examples of good practice.
• Equal opportunity:

  Equal opportunity

  Our commitment to tackling inequality is set out in our Equal Opportunities Policy.; ; One of Evalucom’s core values is “Supporting our people to grow”. We recruit interns, graduates and work placement students to offer inexperienced people the opportunity to develop their career. We promote from within the organisation to ensure our recruits progress professionally.; ; We participate in City University’s Micro Placement programme. This award-winning social mobility initiative places students from diverse demographics, including low socio-economic backgrounds, into short-term work projects.; ; We work with City University on their innovative Professional Pathway Scheme (PPS), which enables students within the Department of Computer Science to transfer to relevant four-day-a-week employment and complete their degree by a combination of day-release and e-learning. This programme gives us access to a pool of talented students and by offering paid employment we support students from disadvantaged backgrounds to complete Higher Education. We support the students’ professional development so that they have the skills and experience to successfully enter the job market once they graduate. ; ; At each stage of recruitment we use standardised processes to ensure consistency and inclusivity. We use scorecards to evaluate candidates. Interviewers are trained and provided with written guidance to reduce unconscious bias and ensure that best practice is followed. The outcomes of each stage are reviewed by another team member for consensus and to ensure that the correct process has been applied.
• Wellbeing:

  Wellbeing

  One of Evalucom’s core values is “supporting our people to grow”. Our most important asset is our team and we’re proud of the care we take of our people.; ; To support mental wellbeing we have Wellness Action Plans (WAPs). WAPs are designed to let people outline what they need to stay well at work and what their line manager can do to support them. WAPs enable team members to communicate working styles and stress triggers/responses.; ; We organise regular team social events for team building. These events are designed to accommodate various interests.; ; To support physical well-being we make sure everyone has the equipment they need to work safely and effectively. We provide budgets for equipment. We provide the team with resources and guidance about best practice desk set-up, posture, and ergonomics, as well as videos of exercises and activities to avoid and alleviate strain and fatigue. We work with a workplace health and wellbeing consultancy to conduct virtual Display Screen Equipment workstation assessments for team members.; ; We recognise that people require flexibility. We’re flexible with when people work and offer flexible working hours and part-time working arrangements. Instead of requiring people to work prescribed hours, we focus on achieving the right outcomes. ; ; Our flexible working practices and our staff engagement initiatives always consider cultural appropriateness. We have a diverse team and ensure that everyone feels safe, welcome and included at Evalucom.

Pricing

• Price: £34,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.mchugh@evalucom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.