Skip to main content

Help us improve the Digital Marketplace - send your feedback

CEMPLICITY UK LIMITED

Transurethral Resection of the Prostate (TURP) AUA-PSS PROM Programme

This service is designed to give you the ability to capture outcome measures for cataracts using the TURP AUA-PSS PROM question set.

Features

  • Capture patient outcomes using the TURP AUA-PSS question set
  • Alert clinicians when patients experience clinically significant deterioration.
  • Action Register for easy management of patients needing follow-up.
  • Tight data governance protocols to tailor data access to users.
  • Interoperable with any electronic health record system.
  • Digital-first surveying, optimised for your service.
  • Strategies to optimise response rates when patients are at home.

Benefits

  • Track patients from pre consultation through to outcome.
  • System wide views of outcomes from the patients perspective.
  • Clinician patient views of their health state - enable SDM.
  • TURP AUA-PSS licensing help.
  • Identify variation in outcomes across different services and clinics.
  • TURP PROM full service plug and play
  • Fully automated, remove burden from your clinical teams

Pricing

£7,000 a licence a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cemplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 4 7 6 7 2 5 5 3 9 9 1 1 0 1

Contact

CEMPLICITY UK LIMITED Cemplicity UK
Telephone: 07572989210
Email: hello@cemplicity.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The Cemplicity Platform is available 24/7. Maintenance for software updates do not affect users accessing the system.

Cemplicity is accessed via a browser. The latest versions of all mainstream desktop and mobile browsers are supported including Internet Explorer, Chrome, Firefox, Safari and Edge.
System requirements
  • A recent version of one of a mainstream browsers
  • Supported browsers: Edge, Firefox, Chrome, Safari, IE, Opera
  • Cookies required for session information

User support

Email or online ticketing support
Email or online ticketing
Support response times
With a 24 hour team at our disposal we will respond to all tickets within two hours Monday-Friday. A reduced team will still be monitoring the support centre on weekends, but responses will be mainly reserved for emergencies
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
We have a 24 hour support team available Monday to Friday, and for emergencies on weekends.
Our comprehensive support programme is available to all clients irrespective of the cost of the programme.
We also have a dedicated technical account manager and engineer available for additional support when required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Each client works with a dedicated account manager, who project manages each implementation and then works with the client as their primary contact. This ensures continuity from the first stages of programme design through the ongoing optimisation of the programme.

After gathering and documenting client requirements, we provide all necessary guidance and documentation to set programmes up, to the agreed timetable.

On launch, we provide online training to the client project managers and frontline staff. This is included in the implementation fee.

Post implementation, we have a Customer Success function that monitors client use of the Cemplicity system, and who deliver in-portal 'tips and tricks' to help staff get the most from the patient feedback.

Customer Success also host ongoing webinars and training through the contract period to cater for staff changes and opportunities for improvement.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
On the request of the client, Cemplicity provides the requested data set as a .csv file.

Alternatively, clients can request that all data is destroyed rather than returned.
End-of-contract process
The provision of a complete dataset as a .csv file or the destruction of data is included in the price of the contract.

If the buyer wants additional engineering, data or management services to support a transition to a new supplier, this is quoted on an hourly rate, as shown in the Pricing document.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Both our survey platform and our reporting portal have been optimised for mobile and desktop.
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
Users access dashboards, charts and other components of the Cemplicity platform via a web browser. Access to reporting and data is configured to user permissions. Any access of the system requires user name and password authentication.

For digital surveying, respondents access surveys from a link via SMS, email, or QR code. We also facilitate surveying via paper surveys or phone surveys (through third parties).
Accessibility standards
WCAG 2.1 A
Accessibility testing
Clients have not yet asked us to work with assistive technologies.
API
Yes
What users can and can't do using the API
APIs are available as one option.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
Account Management:
Each client has a dedicated account manager, to ensure they have a single point of contact for all Cemplicity matters. We actively monitor our account management resource to ensure each client has excellent levels of support.

System Performance:
System performance is actively monitored to ensure the speed of page loading and reporting is sub-second. Our distributed, managed hosting environment and agile development processes ensure the efficient performance of the system under load.

Analytics

Service usage metrics
Yes
Metrics types
Within the reporting portal, we report live survey response rates by mode. These can be filtered and analysed by patient demographics, location and service.

Cemplicity also monitors user engagement with the portal (log ins) and reports these statistics to clients via their account manager. Where we see low user engagement, we implement corrective action such as webinars and in-portal prompts.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
Other data at rest protection approach
All data at rest is encrypted using at least AES-256.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users with the appropriate permissions can export data directly via our platform in a range formats including raw data (Excel or txt document). This can be done on a scheduled, automated basis, if clients are not accessing data through the API.

Most users do not export the raw data as the reporting platform is designed to present results in a simple and intuitive way for frontline healthcare teams. The platform also has numerous features to maintain patient privacy and data security.

Charts can exported as an image or PDF document.
Data export formats
  • CSV
  • Other
Other data export formats
  • Txt
  • Excel
  • .pdf
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
For all sensitive or personal data SFTP must be used for file transfers.

Cemplicity is ISO 27001 certified and data protection is both a function of our transfer processes, and our personnel training and overall information governance protocols.
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Shown below is our SLA. For interest, in the past month our availability has been 99.992%. Refunds will be governed by the G-Cloud legal agreements.

1. Service Level of 90% i.e. only one incident in ten may not be resolved within the allocated time frames below.

Priority Levels

P1: Stops a critical application working for all its users or a critical function is not working or poses a significant financial/credibility risk. e.g., Live surveys cannot be responded to, or an incorrect survey is being sent out.

P2: Stops a critical application working for more than 50% of its users or significantly impacts critical functions of an application. e.g., Reporting is unavailable.

P3: Stops part of an application working for less than 50% of its users or makes it necessary to use workarounds. e.g., Unable to import new survey data into reporting dashboard, administrator cannot do their usual functions etc.

P4: Stops part of an application working or prevents internal users from performing some of their role e.g., link to FAQs from survey email not working.

P5: Nonurgent issue. An issue that has minimal impact on the business.
e.g., reports unable to be exported to printable versions (PDF)
Approach to resilience
The Cemplicity platform is hosted on AWS infrastructure. Components are a mixture of virtual machines and containers.

Containerised components are deployed in clusters using the AWS Elastic Container Service (ECS) where each instance can be restarted or upgraded in isolation with no downtime.

Containers are continuously monitored: if any container enters a failure state or peformance drops below acceptable thresholds, it is automatically removed and replaced.

Virtual machines are similarly configured. If required, virtual machines can be restarted or replaced with minimal downtime.

In both cases horizontal scalability is possible by starting multiple instances of the same VM/container.
Outage reporting
Outages are reported through our support desk and public page on our website. Customers may also choose to be alerted via email from their account manager or Intercom.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Our support teams have access to internal management tools. These tools are can only be access by authenticated internal users who have been assigned the appropriate roles.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register
ISO/IEC 27001 accreditation date
13/1/2022
What the ISO/IEC 27001 doesn’t cover
All ISO27001 Controls were covered in the certification and included in our statement of applicability.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
DTAC

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Cemplicity actively adheres to the ISO27001:2013 standard, using a industry best-standard online information security management system (ISMS). This system includes multiple tools to track information management controls.

DTAC and DCB0129

All controls within ISO27001:2013 are within scope for our organisation and were included in the statement of applicability for ISO27001 certification.

These include;
- Information Security Policies
- Organisation of Information Security
- Human Resources Security
- Asset Management
- Access Control
- Cryptography
- Physical and Environmental Security
- Operations Security
- Communications Security
- System Acquisition
- Supplier (and other important) Relationships
- Information Security Incident Management
- Information Security Aspects of Business Continuity Management
- Compliance.

An ISMS Board has been established to enforce these policies. With the designated CISO overseeing day to day operations and the CIRO assuming overall responsibility for the operation and risk within the ISMS.

Regular audits are undertaken as part of the operation of the ISMS. This includes reporting to the board on a bi-monthly basis.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Any work that would result in a change in either configuration or code is logged and tracked in Azure DevOps.

All code and configuration changes are stored in GitHub.

All software and configuration changes are peer-reviewed and subject to internal testing (both automated and manual) before release.

The potential security impact is assessed and reviewed during design, build and test phases. A third-party security review may be initiated if significant risk is expected.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
The TISO must keep up to date with news on general vulnerabilities and vulnerabilities that relate to the software services being delivered and other relevant services. Periodic vulnerability scans and penetration tests are carried out to look for any vulnerabilities not previously identified. We also use special interest groups.

When a vulnerability arises the CISO will update the risk treatment plan for the ISMS. The CISO and TISO will decide if the risk requires treatment, and based on the level of risk the timeframes for treatment.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our APM and other production system monitoring tools can indicate potential compromises.
Versions of all third--party libraries are automatically checked and upgrades recommended as part of our development process.
All incidents are immediately triaged and the impact assessed. Critical issues are fixed immediately. Less severe issues may be scheduled in the next code release. As we maintain a continuous deployment approach, this is still very quick and is usually as soon as hours or days after first discovery.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Our incident management approach is outlined in A.16 of our Policies and Controls as part of our ISMS following the ISO27001:2013 standard. The procedures for incident response planning are defined in advance of an incident occurring and have been agreed by the ISMS Board.

Through security and awareness training staff understand what constitutes an incident and they must inform a member of the ISMS board of any incident they encounter.

These are logged in a Security Incident Management Tracker which guides an incident through the same structured approach, producing a report at completion.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Tackling economic inequality

Many clients incorporate a triage or risk rating step at the beginning of programmes to identify patients of high risk of a poor outcome. This includes us mapping patient postcode to the Indice of Multiple Deprivation in real time, so survey results can be used to signpost patients to the appropriate service or care intervention.

We also capture data from patients that may not be recorded in patient management systems such as ethnicity or co-morbidities, which can be instrumental in developing equity strategies.

Equal opportunity

All patients are given the chance to take part in the PROM.

Wellbeing

Over 80% of the health state of any individual is thought to be non-clinical. We aim, with our programmes, to provide intelligence from the patient's point of view to increase this level of wellbeing and enable better outcomes for all.

Pricing

Price
£7,000 a licence a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cemplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.