Blueteq Ltd

Incident Management System

The Incident Management System allows users to manage multiple commissioner services such Patient Advice Liaison (PALS), Complaints, Serious Untoward Incidents, Safeguarding, GP Clinical Feedback, Risk, MP Questions, and other process driven services.

Features

  • Take control of the practice drug stock levels
  • Track drug batches across multiple sites and locations.
  • Can cover other stock items if required.
  • Record stock levels using via the scanning app.
  • Record and check in deliveries
  • Record all stock adjustments by Doctors/Nurses quickly via scanning app
  • Keep a complete audit trail of the process
  • Customised reporting tools available
  • Planned integration with GP Systems/Surgery Network
  • All hosting and back up routines taken care of

Benefits

  • Scanning app saves time when recording stocklevels.
  • Drug check out takes seconds.
  • Instant warning of low stock levels/expired stock.
  • End of year stock value report for accounts.
  • FP34 report ensures that no claimable drug is missed.
  • Supplier invoices can be easily matched against deliveries
  • Manage your practice drugs budget effectively

Pricing

£600.00 a person a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@blueteq.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

1 8 7 2 8 7 9 3 6 1 5 9 3 8 0

Contact

Blueteq Ltd Graham Simmonds
Telephone: 02392 413057
Email: info@blueteq.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
This web based software will run on a variety of web browsers without the installation of specialist software or configuration changes.
System requirements
  • Internet Explorer Version 7 - 11 or Chrome installed
  • Minimum 1Mbs synchronous Internet connection
  • Acrobat Reader for reading documents (Optional)
  • MS Office for opening Word/Excel documents (Optional)

User support

Email or online ticketing support
Email or online ticketing
Support response times
All tickets are responded to within 4 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
We provide a single level of support across all of our clients and systems. A Lead Project Manager is assigned to all new system implementations and he/she will remain the key contact until the system is handed over to the Practice.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide as much onsite and "webex" training as the client requires.
We aim to meet all of our clients for review meetings annually as more often if required.
All our systems are provided with user documentation.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
When the date of termination is reached, we will securely provide an encrypted SQL Server back up file that includes all data, images and documents saved within the system.
End-of-contract process
On termination of the contract, we will arrange for the secure return of all data as a SQL Server back up. There will be an additional cost if the client requires the data supplied in other formats.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
Yes
Description of customisation
Any aspect of the system and its configuration. We use our ticket system for users to request changes. We always advise that a key contact is assigned to manage changes within the system.

Scaling

Independence of resources
We use a virtual server network where we will add hardware to the network to maintain satisfactory performance levels.

Analytics

Service usage metrics
Yes
Metrics types
Upon request
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users are able to export data into an Excel format within the system.
We can also supply a web service that will allow the export of data into data warehouses at no additional cost.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We guarantee a 99% availability for access to our systems. All programmed maintenance is carried out outside of business hours and the client is informed of these outages in advance.
We would refund a pro-rata amount based on the outage time up to the amount of the monthly support charge.
Approach to resilience
- Availability of multiple connections with re-routing capability to other data centre sites.
- UPS and 7 day generator back up.
- Virtual server network allowing for the transfer of system images from one hardware configuration to another.
Outage reporting
Email alerts and login messages.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
All of our management interface and support channels are maintained on a private network with external access via IPSec VPN to named users.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
Data Security and Protection Toolkit 2020

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
NHS Information Governance Toolkit Assessment V13.
Information security policies and processes
All incidents relating to the security policies and processes are reported to the Information Governance Lead who is the Managing Director.
The following policies are available upon request:-
- Information Governance Policy
- Information Risk Management Policy
- Information Security Policy
- Information Security Incident Handling Procedure
- Network Security Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All change management requests are recorded and tracked through our on-line ticket management system. Continuous internal assessment of the security impact of all changes applied to our systems. Regular external assessment of changes are carried out by a third party CHECK accredited Security Consultancy.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular monitoring of logs - firewalls, web and database services.
Weekend application of patches to all servers
Emergency security patch application overnight.
Security threat notifications received from NCSC website, Operating and application system websites. Symantec and McAfee.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Daily monitoring of logs - firewalls, web and database applications.
Unauthorised access attempts notifications from systems.
The response is determined by the nature of the compromise. Any security incident will be handled in the process laid out in our Information Security Incident Handling Procedure.
Incident management type
Supplier-defined controls
Incident management approach
We follow the procedure laid out in our Information Security Incident Handling Procedure (available upon request).

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

We provide free electric car charging to our staff. This is powered by a large solar array and supplemented by a battery storage system. Our offices remain largely off grid.
Covid-19 recovery

Covid-19 recovery

We have worked with NHS England to provide data to aid them monitor effective Covid treatments.
Equal opportunity

Equal opportunity

We employ both men and women and sponsor foreign nationals to be able to live and work with us. Over 60% of our workforce are from overseas.

Pricing

Price
£600.00 a person a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
One month free trial - includes everything except scanning hardware

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@blueteq.com. Tell them what format you need. It will help if you say what assistive technology you use.