Genome QA - Quality Assurance and Improvement Auditing System for Healthcare

Genome QA is a quality assurance and improvement auditing software for nursing management and quality teams in health and social care. It supports assessments, inspections and multiple auditing frameworks like ward accreditation and other multilayered auditing systems. The audits, used in any healthcare setting, enhance compliance with the CQC standards.


  • Intuitive auditing app
  • Real-time ward to board reporting
  • Advanced data visualisations
  • Automated data processing
  • Photos and comments
  • Multiple customisations
  • Task management system
  • Guidance for each audit question
  • Adaptability
  • Data rich, customisable metrics


  • Quicker auditing, more time to care
  • Clear organisational performance visibility
  • Increased productivity
  • Quantitative data enrichment with qualitative elements
  • Trust-specific content resulting in most relevant data presentation
  • Better organised auditors' work
  • Enhanced situational awareness
  • More accurate data collection
  • Quick system changes
  • Empowering staff


£4,000 to £100,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 2 9 0 0 2 1 7 0 4 7 4 9 3 6


GENOME LTD Stacey Hatton
Telephone: +44 (0) 1144 387 660

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
Scheduled maintenance is performed on Thursdays between 4 am and 6 am. Emergency Edit maintenance may be carried out at any time. If emergency maintenance is required, Genome will provide a customer with appropriate advanced notification.
System requirements
  • Operating system - Windows 7 or later
  • CPU - 64-bit Intel processor
  • RAM - 512MB or more
  • Compatible iOS devices

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support is available 8:00 - 18:00 seven days a week. Genome operates a unified severity-driven customer support model. The response time depends on impact severity as described in the SLA:
- Severity 1 - response within 30 minutes
- Severity 2 - response within 1 hour
- Severity 3 - response within 12 hours
- Severity 4 - response within 1 business day
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Genome provides operational support via the helpdesk. The support is free of charge and includes, amongst others, changes to the auditing tools, account management, and full technical assistance provided by our technical account manager.
Support available to third parties

Onboarding and offboarding

Getting started
Onboarding support is provided for configuration, training, data migration, interoperability arrangements, deployment, and user testing. The training involves:

1. Remote sessions through video conferences
2. Optional on-site training - demonstrations and hands-on workshops
3. User guides documentation provided for each key role.

If no data migration or interoperability arrangements are required, Genome is aiming for a full onboarding process to take less than 7 working days for an average size Trust.
Service documentation
Documentation formats
End-of-contract data extraction
We will make the data available to the clients as pdf reports or capture the raw data in CSV format.
End-of-contract process
On expiry or termination of the contract Genome will:

1. Transfer all system data to the customer.
2. Revoke the client’s users’ access rights.
3. Remove the client’s users' personal information.

All the actions at the end of the contract are free of charge.

Using the service

Web browser interface
Application to install
Compatible operating systems
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
Mobile devices are used as data acquisition and visualization tools. The desktop application's predominant function is to provide advanced aggregate data visualization capability.
Service interface
User support accessibility
None or don’t know
Description of service interface
Genome delivers app-based interfaces for executing all tasks within the system.

Access is controlled by unique user names and passwords and is determined by senior decision-makers in the organizations.
Accessibility standards
None or don’t know
Description of accessibility
The system is accessible through mobile and desktop apps, and all system functionality is available from adding and executing audits to an in-depth data analysis.
Accessibility testing
Genome is in the process of ongoing development to ensure that we meet the government guidelines for accessibility standards. The software is being rigorously tested by our clients and suggestions for interface improvements are being introduced on an ongoing basis.
What users can and can't do using the API
Genome QA API allows interaction with key functionalities of the application. Users have secure access to their analytics data gathered on the server. Data retrieval is protected by secure delegated access standard.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Customizable system elements depend upon which components of the service are purchased. Examples of customizable elements include:

1. Audit structure
2. Audit locations
3. Audit questions
4. Question guidance
5. Audit guidance
6. Question grouping
7. Multi-level organization structure

Customer representatives, in cooperation with Genome’s customer support, can customize Genome QA at the onboarding stage by filing out predefined forms. Requests for change can also be made while the system is operational.


Independence of resources
Genome QA cloud provider monitors the usage and automatically adjusts capacity to maintain appropriate performance in line with customer requirements.


Service usage metrics
Metrics types
The following service usage metrics will be provided if requested:

1. Service performance
2. Service availability
3. Scheduled maintenance activities
4. Emergency maintenance activities
5. Incident response and resolution times
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The users can obtain CSV or pdf files with their data free of charge. We will provide full support to the customers in performing any extraction activities including extracting data in other formats requested by the client. Extracting data in formats other than CSV will be treated as an additional service and incur costs subject to prior agreement with the client and a quote by Genome.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Genome can guarantee 99% service availability. In respect of each calendar month during which the services' uptime is less than the commitment specified, the Customer will receive a refund. Please see the Terms and Conditions document for specifics.
Approach to resilience
Available on request.
Outage reporting
Reports of outages are delivered via email alerts.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
The access is restricted by username and password authentication. Genome staff provides user permissions and role based access in support channels and management interface.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Alcumus ISOQAR
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Genome adopts policies, procedures and processes created in accordance with the General Data Protection Regulation (GDPR) and ISO/IEC 27001 standards.
The information security documentation is being reviewed on a regular basis, ensuring the company is compliant with all aspects of information security. Internal and external audits of Genome’s Information Security Management System (ISMS) are carried out periodically. Any information security issues or breaches are acted upon by following the correct escalation routes as per the documented processes.
All employees and contractors of Genome have a contractual duty to follow Genome’s information security policies and procedures.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Genome applies a systematic approach to managing change.
Genome’s change management procedures are led by the CTO and Information Security Manager.
Every change undergoes a risk assessment to identify and mitigate any potential security impact the change may produce.
Changes impacting customer services are reviewed, tested, approved, and communicated. Should the change pose any risks once in the live environment, rollback procedures are available.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Genome subscribes to vulnerability email alerts from Cybersecurity and Infrastructure Security Agency (CISA) and NHS Digital.

Advisories that relate to Genome’s services are risk assessed, escalated to the Information Security manager, and filtered to the team as necessary.

Genome ensures that action is scheduled and installing patches required for known vulnerabilities is conducted according to the change control procedure. Routine patches are applied on a quarterly basis. Any vulnerabilities deemed higher risk are applied more frequently based on the risk assessment.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We monitor server and firewall activities to identify malicious, unauthorized, or unexpected behaviour that may indicate a potential attempt to breach the service. Upon identification of breach or breach attempt, Genome’s Information Security Manager, together with CTO will perform a risk assessment, notify any customers that may have been affected, notify the UK authorities and block the source of the attempted breach.
Incident management type
Supplier-defined controls
Incident management approach
Genome has incident management processes in place to ensure the company is equipped to respond to a wide range of unexpected events that may affect the delivery of the service to the customers. Genome responds to incidents in accordance with the Business Continuity Incident Response Procedure and Information Security Incident Management Policy.

A defined process and contact route are in place for reporting security incidents by the clients.

Genome reports security incidents of relevance to the suppliers or customers within acceptable timescales in accordance with service level agreement.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Today, many organizations still conduct their audits on paper. Genome QA allows the users to conduct the audits on electronic devices, which eliminates the use of paper and therefore promotes a reduction in deforestation.
Covid-19 recovery

Covid-19 recovery

One of the most common audits carried out in every healthcare environment is an infection control audit. Whilst this has and will continue to be an ongoing issue in every health care setting, the importance of this matter has increased significantly since the arrival of Covid-19.

Genome QA can be adapted to meet the demands of an ever-changing infection control environment, supporting audits in areas such as PPE donning/doffing, disposal, isolation rooms, terminal cleans, etc.

Our system offers real-time, automatically processed audit results, promoting immediate, reactive action, improving infection control standards, and reducing the spread of Covid-19.
Tackling economic inequality

Tackling economic inequality

Genome is at the forefront of innovation and participates in developing new, disruptive technologies enriching the fast-growing digital health industry. Our main objective is to deliver lower cost and higher quality software for the health and social care sector.
Our solutions focus on modernising delivery and increasing productivity by providing our clients with scalable and future-proof new software packages and improving the methodologies within healthcare organisations.
Genome systems promote highly resilient solutions to manage cyber security risks within our organisation and supply chain.
We also create employment and training opportunities in the high growth information technology sector.
Equal opportunity

Equal opportunity

Genome is an equal opportunity employer committed to eliminating discrimination and encouraging diversity and inclusion amongst our workforce.

Our goal is to promote working practices and create a working environment that encourages our employees to be treated fairly regarding all procedures and choices and approached with respect and dignity.

We prohibit discrimination and harassment of any kind based on race, colour, sex, religion, sexual orientation, national origin, trade union activity, disability, genetic information, pregnancy, or any other protected characteristic.

This policy applies to all employment practices within our organisation, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship.

Genome makes hiring decisions based solely on qualifications, merit, and business needs at the time.


Genome QA supports the health and wellbeing of our clients’ staff by reducing the number of frustrating, mundane tasks performed by senior managerial staff. A well organised advanced questionnaire system on mobile devices makes the auditing process quicker and easier. Advanced processing algorithms and high levels of automation remove unnecessary work. Reduction in mundane tasks and manual actions not only increases efficiency but also helps to boost staff job satisfaction and promotes wellbeing.


£4,000 to £100,000 a licence a year
Discount for educational organisations
Free trial available
Description of free trial
The full version of Genome QA is included as a free trial for the period of 3 months.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.