PARSEK UK LIMITED

Vitaly - Healthcare Coordinated Care Platform

The Parsek Vitaly Platform helps NHS professionals connect different systems, care teams and patients. Coordinated Care is used once patient has completed their in-patient treatment. It consists of two integrated applications: for care teams who supervise the patient from a distance, and the patients who perform their own care activities.

Features

• Evidence-based care management of the complete care pathway
• Care process automation for reducing risks and prompt support
• Configurable care plans adjusted to patient needs
• Remote monitoring options for improved efficiency and patient outcomes
• Access to relevant medical data and health-related information
• Digital forms for capturing symptoms and following quality of life
• Reminders for care activities and future appointments
• AI-enabled insights for clinical decision support
• Tracking of metrics for operational activities and quality of care
• Compatible with your existing ecosystem

Benefits

• Maximises clinical efficiency to reduce patient treatment times
• Increases patient involvement in the care and treatment plan
• Empowers patients through inclusive healthcare experience and positive outcomes
• Provides equal access all patients
• Automates data exchange to reduce manual tasks
• Streamlines workflows for better time allocation
• Integrates multiple systems for more efficient communication
• Reallocates clinical time and budget to focus on patient outcomes
• Utilises Machine Learning to provide clinical support
• Utilises Machines Learning to provide metric generation and comparison

£6.70 to £96.40 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gasper.cehovin@parsek.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

147340252014461

Contact

Gasper Cehovin
02034888460
gasper.cehovin@parsek.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Services can be standalone or connected to other IT systems. Using configuration options, we can connect to systems that support HL7 V2&V3 and FHIR/HL7 interoperability standards.; We can, on request establish connections (which Additional cost/effort) to other external systems and devices (e.g. MS Teams, CISCO Webex, RPM Devices).
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Our systems do not have any service constraints as the solution is hosted on clients networks.
• System requirements:
  • 6x virtual servers, 2xvCPU, 8GB RAM, 100G storage
  • 1x managed PostgreSQL, multi-AZ, 2vCPU,8GB RAM, 200GB storage
  • 4x instances of managed service load balancer with SSL termination

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Typically within 2 hours during office hours. Weekends and bank holidays critical support only to ensure uninterrupted service.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support is organised at three levels according to ITIL (IT Infrastructure Library). The first level of support is usually provided by the customer itself, the second level by a local partner and the third level by Parsek. If Parsek provides the service without the second level support partner, then Parsek provides the second and third level support and the clients interface with Parsek directly. Service levels are developed in agreement with clients dependent on key factors including business critically, and budget. E-mail support is typically provided during a working day from 9 am - 5:30 pm. Initial response times are as agreed at the design of the service but typically will be within 2 hours. Additional outside working hours support can be provided at additional cost if required. Our clients have a technical account manager that can escalate issues throughout the organisation.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer training and educational support. Applications come with a user manual and professional users are involved through the entire implementation process.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At all times, the data is controlled by the Client. Parsek is only acting as a data processor according to the contract and all applicable laws for the time of the contract. At the end of the service, Parsek will extract the data in accordance with FHIR UK healthcare IT interoperability standards to ensure the data can be reused. Data can be destroyed as per the Controller's request. The Controller can retain the data without any limitations according to applicable laws.
• End-of-contract process: Before the termination, Parsek will prepare a detailed Termination Plan for the cessation of services. All environments will be inaccessible after the termination. The extract will be available for all data in accordance with FHIR UK healthcare IT interoperability standards. Transfer of data will be defined as part of the Termination Plan. There are no additional charges for standard data extraction according to the FHIR UK. For any specific data extractions and/or migration a tailored quotation will be provided.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No functional differences. Responsive design and layout to provide a user friendly experience.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: There are different service interfaces: • IAM interface, for setting users, realms, groups, permission, MFA, SSO, etc. • Application Service Modules, where an ICT administrator can set up in-app permissions and roles. Create Teams, etc. • Virtual server administration interface is used to operate virtual infrastructure and virtualised servers. Used by System Administrators.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We perform various usability tests. One of the focus areas is accessibility testing. Accessibility is asserted by: • in-person user testing performed by volunteers with impairments • using dedicated usability testing service providers • using static markup analysis checking against WCAG 2.1 AA • and our internal QA and QC verifies and validates using browser extensions and specialised tools used by users with impairments.
• API: Yes
• What users can and can't do using the API: Our API is by default locked. This means that external systems cannot interact with it. We open our API to provide interoperability use cases. This means that we expose standardised HL7 FHIR or HL7 V2, V3 API endpoints that can be used according to the integration statement. The openness and configuration of the API is project-based because it must be aligned with the client. The client can use API in the pre-defined use-cases according to the Integration Design Document and HL7 standards.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: In terms of customisation, we support:; • visual design customisation, colour scheme, logo, translations; • custom form extensions within a predefined application logic flow; • application reporting capabilities can be customised; ; Please note that all the following customisations need to be aligned between parties and implemented by Parsek or a certified partner.

Scaling

• Independence of resources: Each client has a dedicated segregated deployment hosted on the chosen cloud or self-hosted which can be scaled up in line with demand.; ; Environments are actively managed and scaled up in line with needs. ; ; In the event of performance degradation occurring our service management tooling would automatically trigger an incident alerting us to the problem so that immediate action can be taken to address it.

Analytics

• Service usage metrics: Yes
• Metrics types: Auditing, usage data, user logins, errors and exceptions logs, security metrics, capacity metrics, application performances, system performances, key application events, various clinical insights. We use a dedicated metrics collection, analysis and reporting platform
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Data can be exported in a number of structured ways depending on the user and their access privileges. ; ; Patients can self export all their direct data that is contained in the platform with restrictions placed on external linked data. ; ; Healthcare users can export data in any structured way.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Images - media files
  • XML
  • CDA
  • Zip
• Data import formats: Other
• Other data import formats:
  • HL7 Interoperability Standard/FHIR Resources
  • HL7 V2/V3
  • Custom Structured Data Import (e.g. CDA and XML)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Vitaly platform is hosted on the user or a third-party hosting site. Parsek, therefore, does not have availability responsibility as the Vitaly platform is hosted remotely to Parsek. We have service levels on the support that are detailed in that section. Product updates are scheduled and agreed upon with the client prior to installation.
• Approach to resilience: Our service primarily utilises a service provider that has multiple hosting sites within the UK and/or EU with the diverse routing of communications and power. We use a service configuration that makes use of these capabilities to provide a resilient service. ; In case the client insists on a private cloud or self-hosted deployment, we are advocating for a HA deployment model.
• Outage reporting: The client is informed about an outage via our Helpdesk. If the client does have a monitoring or telemetry service, we can feed outages and other system events directly as well. ; The service provider uses a proprietary monitoring and alerting solution for virtualisation and networking. On the application level, we are proactively monitoring all services and performing log aggregation and rule-based alerting in order to trigger proactive alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Our preferred cloud platforms are AWS and Microsoft Azure. For our standard service Management Console, we offer console-based configuration management and web-based web application server management. IAM management is web-based. For accessing the management and support consoles a secured connection is needed and multi-factor authentication is mandatory. Usually, we whitelist IP ranges that are allowed to connect.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Slovenian Institute of Quality SiQ
• ISO/IEC 27001 accreditation date: Q3-2022
• What the ISO/IEC 27001 doesn’t cover: All organisational process are covered and there are no exceptions from standard controls.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have all ISO 27001 required policies and controls in place to guarantee IT security, information asset confidentiality, integrity and availability to list some:; • Information security policy ; • Risk assessment methodology; • Definition of security roles and responsibilities; • Disaster Recovery Plan; • System Resilience Testing Plan; • Incident Management; • Asset acceptable use; • Access control and user rights policy; • Operating procedures for IT management; • Supplier security policy; ; We have a nominated security officer who ensures security policies are followed and undertakes scheduled audits. The security officer reports directly to the Management board. External review and audit are performed at least once a year.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management approach is aligned with ITIL, PMBOK practices and further strengthen by ISO 9001, ISO 13485, IEC 62304 and ISO 27001 controls.; We’ve adopted the configuration as code principle years ago, which means all our configurations are scripted and versioned. We do use also a configuration management server to catalogue all active configurations on any deployment.; Every change is first tested out in a dedicated sandbox environment and in the client pre-production environment. QC and DevOps team have a test plan ready to assert the applied changes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management is aligned with ISO 27001:2013 standard. We have a dedicated team and clear ownership over vulnerability management. We have a set of manual controls. Alongside the manual controls, we use static and dynamic vulnerability detection using specialised tools. Currently implementing a SIEM tool linked to our Log Aggregation platform.; Patches are deployed according to the SLA agreement, depending on criticality. Typically, a critical 2nd level incident should be responded to within 2h and the target resolution time is 4h. On the 3rd level support, the response time is the same the target resolution time is 1 day.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring is part of our ISO 27001 policies for continuity, availability and resilience management. The practices are aligned with recognised standards such as CSA CCM v3.0.; ; All services are managed at the boundary by NIDS. Our services also provide application-level logging and HIDS protection. All alerts would be forward to the centralised monitoring platform and trigger support intervention. Depending on the severity, we would respond within the SLAs of our services.
• Incident management type: Supplier-defined controls
• Incident management approach: Conforms to recognised ISO 27001:2013 standard and ITIL practices. We have a clear incident management protocol with clear ownership and a predefined runbook for remediation and reporting.; ; Users can log an incident via email, phone, web interface and also chat.; ; Incident reporting is via the web interface. Additional reports can be supplied by request at additional cost.; ; The Head of Quality and Compliance oversees communication with authorities, and the COO is responsible to communicate with the clients and users. ; The IT System administrator runs the remediation activities.; ; Our incident management process is based on ITIL principles.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: NHS Network (N3)

Social Value

• Fighting climate change:

  Fighting climate change

  The Parsek board is committed to fighting climate change and has set targets to reduce our own carbon impact on the climate. We also help our clients reduce their impact by helping reduce travel impacts for our clients’ staff and patients. ; ; Parsek works in healthcare, a sector that still lags the most in digitisation, and is making great strides to combat climate change. By providing solutions that allow specialists to collaborate remotely on highly complex patient cases that require medical attention over a long time, we contribute to two main factors in regulating climate change. First, we contribute significantly to the reduction of paper-based communication, which leads to a reduction in water and tree consumption at a high level, and second, we reduce the need for in-person visits by both patients in hospitals and specialists during in-hospital meetings, which has a significant impact on logistics-related traffic and associated greenhouse gas emissions, which in turn impacts the carbon footprint. Our solutions are cloud-based, and the entire implementation is done remotely and without paper.
• Covid-19 recovery:

  Covid-19 recovery

  Before the COVID-19 pandemic, around 85% of the 'burden of disease' in the healthcare system was from long-term conditions rather than infectious diseases. There is evidence of the growing impact of the COVID-19 outbreak on the health care needs of those with longer-term health conditions primarily due to restricted access to care.; ; The COVID-19 outbreak filled the schedules of healthcare professionals. Due to the increased workload, many institutions, departments, and healthcare professionals that do not specialise in this kind of disease struggle to provide timely access to quality care for other patients. The critical objective is to keep healthcare professionals safe and well by minimising in-person contacts and the need to travel. Our digital tools offer virtual collaboration options between different institutions and patients.; ; Our solutions are all web-based and designed on top of the interoperable platform, videoconferencing, image-sharing and other HIE-relevant functionalities. The embedded smart workflow engine makes sure the process is streamlined, ensures comprehensive access to all relevant patient information, and optimises clinicians' time and administration effort. It allows the team to exchange opinions, communicate, review documents, and manage their patients remotely without travelling or any other logistic effort required to perform care activities.
• Tackling economic inequality:

  Tackling economic inequality

  Parsek helps organisation reduce the costs of administrating healthcare pathways. This reduction is cost is achieved by the introduction of technological solutions. These savings can the be used by the organisation to increase the frontline service and hence have a direct impact on creating new jobs. ; ; By providing solutions that enable collaboration between institutions and digital care closer to home, we lead to the automation of clinical routine, data sharing and releasing the workload of clinical teams while creating a need for new roles - in administration, research, ICT and support roles that acquire soft and digital skills rather than extensive medical knowledge.
• Equal opportunity:

  Equal opportunity

  Parsek is an equal opportunities employer, and we have policies and procedures in place to ensure that none of our staff are discriminated in any way. We monitor the protected characteristics and work with organisations that represent these cohorts to encourage representation in our recruitment processes and our staff. Staff are made aware of the impact of discrimination on any grounds and training is provided to ensure awareness and empathy are always exhibited. One of our company's most important values is Empathy and Inclusion. We have zero-tolerance for any kind of sexual, racial, disability or social discrimination.; ; involving people, and understanding their experiences is essential for achieving qualitative results. When designing our solutions, we follow WCAG 2.1 guidelines to offer access to as many people as possible, including patients with disabilities, impairments or the ones with less experience in technology.
• Wellbeing:

  Wellbeing

  The Parsek board is committed to ensuring the wellbeing of our staff is fundamental to the way we work. Staff are encourage to propose ways of working that best suit their lifestyles and we offer wellbeing programmes such as healthy eating, exercise and encouraging outside interests. ; ; Our biggest impact is on the wellbeing of that cohort whose wellbeing is vitally important: patients undergoing treatment, recovery and long term care. Our solutions help these patients by involving them in their treatment and care programmes and by proving a means for remote support by healthcare professionals. This collaborative multidisciplinary approach has resulted in a 35% increase in the quality-of-life score, due to continuous support, improved communication and remote surveillance options.; ; Patients in recovery and care programmes can be fully empowered with the patient application, which enables them access to all medical data and important health-related information on their preferred device. They can easily let their care teams know how they feel by filling in digital forms (HNA, EPIC...) from the comfort of their home, they can be reminded to not miss appointments or other activities within their proposed care plan. Above all, they can get in touch with their care teams when they need them and they do not have to have disruption to their lives, with hospital visits if they are not necessary.

Pricing

• Price: £6.70 to £96.40 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gasper.cehovin@parsek.com. Tell them what format you need. It will help if you say what assistive technology you use.