Blueteq Ltd

Incident Management System

The Incident Management System allows users to manage multiple commissioner services such Patient Advice Liaison (PALS), Complaints, Serious Untoward Incidents, Safeguarding, GP Clinical Feedback, Risk, MP Questions, and other process driven services.


  • Take control of the practice drug stock levels
  • Track drug batches across multiple sites and locations.
  • Can cover other stock items if required.
  • Record stock levels using via the scanning app.
  • Record and check in deliveries
  • Record all stock adjustments by Doctors/Nurses quickly via scanning app
  • Keep a complete audit trail of the process
  • Customised reporting tools available
  • Planned integration with GP Systems/Surgery Network
  • All hosting and back up routines taken care of


  • Scanning app saves time when recording stocklevels.
  • Drug check out takes seconds.
  • Instant warning of low stock levels/expired stock.
  • End of year stock value report for accounts.
  • FP34 report ensures that no claimable drug is missed.
  • Supplier invoices can be easily matched against deliveries
  • Manage your practice drugs budget effectively


£600.00 a person a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 8 7 2 8 7 9 3 6 1 5 9 3 8 0


Blueteq Ltd Graham Simmonds
Telephone: 02392 413057

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
This web based software will run on a variety of web browsers without the installation of specialist software or configuration changes.
System requirements
  • Internet Explorer Version 7 - 11 or Chrome installed
  • Minimum 1Mbs synchronous Internet connection
  • Acrobat Reader for reading documents (Optional)
  • MS Office for opening Word/Excel documents (Optional)

User support

Email or online ticketing support
Email or online ticketing
Support response times
All tickets are responded to within 4 hours
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Onsite support
Support levels
We provide a single level of support across all of our clients and systems. A Lead Project Manager is assigned to all new system implementations and he/she will remain the key contact until the system is handed over to the Practice.
Support available to third parties

Onboarding and offboarding

Getting started
We provide as much onsite and "webex" training as the client requires.
We aim to meet all of our clients for review meetings annually as more often if required.
All our systems are provided with user documentation.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
When the date of termination is reached, we will securely provide an encrypted SQL Server back up file that includes all data, images and documents saved within the system.
End-of-contract process
On termination of the contract, we will arrange for the secure return of all data as a SQL Server back up. There will be an additional cost if the client requires the data supplied in other formats.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Service interface
User support accessibility
None or don’t know
Customisation available
Description of customisation
Any aspect of the system and its configuration. We use our ticket system for users to request changes. We always advise that a key contact is assigned to manage changes within the system.


Independence of resources
We use a virtual server network where we will add hardware to the network to maintain satisfactory performance levels.


Service usage metrics
Metrics types
Upon request
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users are able to export data into an Excel format within the system.
We can also supply a web service that will allow the export of data into data warehouses at no additional cost.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We guarantee a 99% availability for access to our systems. All programmed maintenance is carried out outside of business hours and the client is informed of these outages in advance.
We would refund a pro-rata amount based on the outage time up to the amount of the monthly support charge.
Approach to resilience
- Availability of multiple connections with re-routing capability to other data centre sites.
- UPS and 7 day generator back up.
- Virtual server network allowing for the transfer of system images from one hardware configuration to another.
Outage reporting
Email alerts and login messages.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
All of our management interface and support channels are maintained on a private network with external access via IPSec VPN to named users.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
Data Security and Protection Toolkit 2020

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
NHS Information Governance Toolkit Assessment V13.
Information security policies and processes
All incidents relating to the security policies and processes are reported to the Information Governance Lead who is the Managing Director.
The following policies are available upon request:-
- Information Governance Policy
- Information Risk Management Policy
- Information Security Policy
- Information Security Incident Handling Procedure
- Network Security Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All change management requests are recorded and tracked through our on-line ticket management system. Continuous internal assessment of the security impact of all changes applied to our systems. Regular external assessment of changes are carried out by a third party CHECK accredited Security Consultancy.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular monitoring of logs - firewalls, web and database services.
Weekend application of patches to all servers
Emergency security patch application overnight.
Security threat notifications received from NCSC website, Operating and application system websites. Symantec and McAfee.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Daily monitoring of logs - firewalls, web and database applications.
Unauthorised access attempts notifications from systems.
The response is determined by the nature of the compromise. Any security incident will be handled in the process laid out in our Information Security Incident Handling Procedure.
Incident management type
Supplier-defined controls
Incident management approach
We follow the procedure laid out in our Information Security Incident Handling Procedure (available upon request).

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

We provide free electric car charging to our staff. This is powered by a large solar array and supplemented by a battery storage system. Our offices remain largely off grid.
Covid-19 recovery

Covid-19 recovery

We have worked with NHS England to provide data to aid them monitor effective Covid treatments.
Equal opportunity

Equal opportunity

We employ both men and women and sponsor foreign nationals to be able to live and work with us. Over 60% of our workforce are from overseas.


£600.00 a person a year
Discount for educational organisations
Free trial available
Description of free trial
One month free trial - includes everything except scanning hardware

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.