promatica digital

Promatica Digital Web Tracker

Supporting the pharmacy workforce and workflow within NHS organisations. The only complete system for monitoring the flow of medicines, prescriptions and, in the case of home delivery, the ordering of medicines.

Provides an electronic tracking solution for all prescription activity from General Pharmacy, Pharmaceutical Manufacturing, Controlled Drugs to Homecare.

Features

• Complete closed loop prescription and medicines tracking
• Track the flow and location of medicines in detail
• Controlled Drugs ordering, tracking and auditing
• Aseptics ordering and tracking
• Real time dashboards to enable "at a glance" workflows
• Detailed reporting, logging and auditing
• Visibility of porter and bag assignments
• Secure browser based application, on any device
• Support for both HSCN and Secure Cloud Hosting
• Active Directory integration

Benefits

• Eliminates 90% of medicine queries from and within the ward
• Faster, real-time access to workflow and medicines location information
• More flexible, multiple device access via secure browser
• Analytics dashboard for data interpretation and quality improvements
• Improving information exchange
• Enables mobile working via secure browser
• Secure Cloud hosted means faster time to value

£3,000 to £120,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@promaticadigital.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

177504884283446

Contact

Alex Buckland
07974 651 358
contact@promaticadigital.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No
• System requirements: Software licensing

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This will depend upon the SLA and type of question. Typically 24 hours excluding weekends.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Assistive technology users can dictate using their operating system features into the chat support.
• Onsite support: Yes, at extra cost
• Support levels: First line basic support and filtering.; Second line technical support as required.; Escalation to senior or director level depending on severity and impact.; All included at no extra cost.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide user guides and additional materials for super-users with technical help support as required.; We can provide online train the trainer training and onsite go-live support.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: A copy of the database will be provided but customers may extract data directly from the database or via a cvs file at any time.
• End-of-contract process: This may vary by contract but generally decommissioning is an additional cost.; Any data transformations will be an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile restricted to essential features.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Access via browser login
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: None to date
• API: Yes
• What users can and can't do using the API: Partial API, including but limited to ADFS; Enables central user management via Active Directory for joiners, access control, and leavers
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We can modify workflow to meet customer requirements. Dashboards, reports and analytics can be user-configured by users with admin permissions. ; Some priority colours and warning time limits or target times can be customised to the services requirements

Scaling

• Independence of resources: The application either sits on the customer’s own IT system and is not impacted by the demands of other customers, or sits on our secure cloud infrastructure which is constantly monitored and can auto scale to stay above demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of users registered, the usage of the application, size of files to date, activity relating to areas of use and the number of transactions done. Compliance levels to closed loop system.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: We do not hold data
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is not required as all reports are provided online through the platform. Bespoke arrangements can also be made if required.
• Data export formats:
  • CSV
  • ODF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Data either remains within the customer’s network and is not transferred to Promatica Digital Ltd, or is transferred via Secure TLS 1.2 or above
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Guaranteed by the cloud service provider - typically 99.8%
• Approach to resilience: Data is held by our customers so resilience is their responsibility. Where cloud hosting is taken up the hosting service will provide this information on request.
• Outage reporting: If hosted on our cloud, email alerts. If hosted by customer this is a customer responsibility as they host the application and hold the data. If support is required it can be requested by email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: This is the responsibility of our customers. NHS bodies generally use two factor authentication and with our optional Active Directory integration, we adopt the same principles as the customer policy.
• Access restrictions in management interfaces and support channels: Management does not have access to data. Support staff may only access the application and data when supervised by customer staff.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Security & Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: CyberEssentials Plus and DSPT
• Information security policies and processes: Promatica Digital Ltd has an Information Security policy and a Data Protection policy. We apply the principle of least privilege (PoLP) and on occasion our technical staff may need to access to the application to provide support. When this occurs they are closely monitored by a senior manager and by customer staff.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The service is tested internally and again in customer UAT before deployment. Both clinical and security checks ocurr on an ongoing basis during development. Pen testing will be undertaken annually. Service changes will be thoroughly tested before deployment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats and issues are identified by the supplier, customers, or annual pen testing. They are assessed based on risk, frequency, and technical competency. If any ‘gap’ is highlighted we will respond to high-risk issues within 24 hours. We get our information from OWASP about web application security
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Issues are identified by the supplier or our customers and we will respond to high-risk issues within 24 hours. At a minimum, weekly checks of logs are in place.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have adopted the NHS incident management processes and incidents would be reported via the reporting tool associated with the DS&P Toolkit. Where we are working with local health economies that have their own preferred arrangements we will adopt those too.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: Health and Social Care Network (HSCN) is supported, not required

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  At the heart of Promatica Digital ltd our mission is to improve health and wellbeing for UK Citizens through all the products we supply across Social Care, Clinical Research Support, Primary, Community, Care Home and Secondary Care. Improved community integration comes by engaging with decision-makers, staff, users, and patients throughout our product development process to ensure we're building inclusively and equitably.

Pricing

• Price: £3,000 to £120,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Limited to 3 months and can include full access to modules to ensure customer satisfaction and to gather feedback

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@promaticadigital.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.