FUTURE PERFECT (HEALTHCARE) LIMITED

Clinical Decision Support (Cambio CDS)

Cambio's Open Standards Clinical Decision Support (CDS) Platform. Integrates seamlessly with any underlying Electronic Health Record (EHR) system via the Panacea Digital Innovation Platform. Supports development of CDS applications independently from the EHR supplier. Access to growing international library of CDS apps.

Features

• Analyses healthcare data at the point of care.
• Delivers timely, accurate, guideline-based, and personalised recommendations.
• Based on open-source healthcare data standards.
• Expresses rules and logic derived from evidence-based clinical practice guidelines.
• Uses standardised terminologies and classification systems for coding clinical concepts.
• Vendor neutral. Can be integrated with any patient record system.
• Can be invoked on-demand or by automated alert-driven functionality.
• Web-based plug-in with a GUI or as a background service.
• Integrates with the clinical workflow process via Panacea.
• Model driven development means faster new iterations and maintenance.

Benefits

• Improves patient safety and healthcare quality.
• Personalises healthcare, can be tailored to individuals or population groups.
• Reduces time taken for implementing research results in clinical practice.
• Promotes uniformity of care and equity in healthcare provision.
• Simplifies clinical documentation.
• Facilitates patient data exchange.
• A convenient platform for collecting patient-reported outcomes.
• Delivers new knowledge in a timely manner.
• Helps automate repetitive clicks and administrative steps in clinical workflows.
• Saves cost.

£11,520 to £135,000 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robin.stern@future-perfect.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

220860448930717

Contact

Robin Stern, Director
07785 375700
robin.stern@future-perfect.co

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: See Panacea Digital Innovation Platform
• Cloud deployment model: Hybrid cloud
• Service constraints: None
• System requirements: Panacea Digital Innovation Platform

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard: 9 to 5 (UK time) Monday to Friday; Out-of-Hours available on request.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Internal testing.
• Onsite support: Yes, at extra cost
• Support levels: See Service Definition Document.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation and online training is provided as standard.; On-site training and floorwalking can be provided. See SFIA rate card.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: A data off-boarding service is included.
• End-of-contract process: An agreed exit plan will be included in any contract with a customer, and Future Perfect would comply fully with the requirements as set out for contract exit in the contract. The exit plan will contain all the detail necessary to affect a smooth and orderly termination of the services and hand-over to the customer or a new service provider. As such the deliverables and activities that would typically form part of an exit and handover include the obligations of each party, applicable schedule and timescales and the approach to data migration.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The user interface uses a responsive web design approach meaning it can be used on a range of device form factors, ranging from tablets to desktops. Minimum browser window sizes apply.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: User support portal.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have not performed any web chat testing with assistive technology users.
• API: Yes
• What users can and can't do using the API: The APIs' capabilities are principally designed to allow the exchange of data using standards such as openEHR, HL7v2, FHIR and CDS Hooks. Future Perfect has a number of interfaces and API's developed and is able to create specific solutions against clients' requirements
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Data interfaces for retrieving and persisting data. User Interface.; Customisation by Future Perfect. See SFIA rate card.

Scaling

• Independence of resources: Performance monitoring included.; Additional storage and compute resources can be quickly scaled using Rackspace Government Cloud secure hosting option.

Analytics

• Service usage metrics: Yes
• Metrics types: • Users; • Patient records; • Transactions; • Storage utilisation; • Compute utilisation
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Any
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • OpenEHR
  • HL7 all versions
  • FHIR
  • Custom
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • OpenEHR
  • HL7 all versions
  • FHIR
  • Custom
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Architecture is designed for continuous operation.; Planned maintenance episodes are minimised as much as possible and are only required in exceptional circumstances – non-disruptive approaches to software release, patching, database maintenance are used to maximise the availability of the solution.
• Approach to resilience: Available on request.
• Outage reporting: • Dashboard; • Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is controlled via Multi-Factor Authentication for the background cloud infrastructure and by username and password from whitelisted IP addresses for the web administration portal.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certified by Citation ISO Certification Limited, accredited by ASCB
• ISO/IEC 27001 accreditation date: 08/07/2020
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Security by Design

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ITIL & Azure DevOps
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: See Rackspace Government Cloud on Azure.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: See Rackspace Government Cloud on Azure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Conforms to ITIL and ISO20000

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Future Perfect recognises the importance of environmental protection and is proud to be an exemplar company in this regard. We have an Environmental Policy and we strive to live by it.; ; Virtually all customer meetings are held using MS Teams, rather than face to face. We find this to be considerably more efficient for both parties, as well as removing what had been excessive car-driving all over the country. When on-site working is unavoidable, we encourage the use of public transport or car-share. ; ; Future Perfect is fast-growing and not all internal team-building and skills acquisition can be done from home via Microsoft Teams. However, we will resist acquiring or renting central offices and will rely instead on ad-hoc office hire for very specific activities. ; ; It is difficult to conceive of any obvious means to measure the metric of “car miles saved”, although the principal officers of the company are fully familiar with what our industry did typically in driving often large distances most days. Our estimate for this purpose would, in the past, have been an average of at least 600 miles per week per WTE. In our published Carbon Reduction Plan, we estimate all work-generated car or public transport travel to be less than 90 miles per month per WTE. This represents a cut of 96%.; ; To make this an accountable commitment, we require all staff to maintain records of all work-related travel, recording whether this was by car or public transport (this is needed for their expense claims, anyway). These figures will be used in our CRP assessment and will allow our Board to add travel monitoring to evidence our Environmental Policy.

  Tackling economic inequality

  Future Perfect is proposing to motivate and then, support pupils pursuing their careers. Our idea is to start with career talks about the digital health technology industry and then to work with those pupils interested in digital healthcare technology. We would also seek to involve contributors from our NHS customer organisations.; ; At the high ability end, this could involve our Data Science team members introducing pupils to AI programming. In the health context, this will include raising awareness of ethical issues of using AI in healthcare. ; ; At the opposite end we can, for example, work with pupils to become more aware “healthcare consumers”, e.g. able to use online patients’ booking systems, or have ability to undertake simple research into their healthcare needs or those of a friend or family member. ; ; With both of these examples, we will create opportunity to co-imagine with pupils what healthcare jobs of the future might look like and what skills these might need. For those moving onto further education, these discussions should not only inform and better prepare them for making their initial steps and choices; it should also make them more convincingly fluent and knowledgeable in interviews.; ; We propose a metric related to our contract earnings earned from any contract we acquire through this GCloud framework – 1% of our average annual recurrent revenue of £136,000 pa per contract. Our average staff cost on an hourly basis is £44, meaning that we would contribute 31 days per year, per contract.

  Equal opportunity

  Future Perfect (Healthcare) is an equal opportunities Company with a clearly defined policy that is Board-monitored. ; ; In 2023, we entered an agreement with Coding Black Females CIC, a not-for-profit company that helps black women into software engineering jobs. We have already made one hire from Coding Black Females (UX/UI Designer). Winning new contracts under GCloud will require us to accelerate recruitment, with permanent as well as contract-temporary positions. ; ; Working with Coding Black Females, we offer specialist training in the software skills required in the health sector, due to the sector-specific requirements of open standards and ethical AI applications development. We are already intending to recruit four staff to our Data Science and Clinical Modelling team, requiring skills ranging from Lo-Code Decision Support coders, through to advanced data scientists. ; ; We have created a pipeline of potential recruits for Coding Black Females and we will offer them prior access. As a metric, we aim to recruit a third of our coder-level workforce via Coding Black Females, subject to required high quality of these potential recruits.

  Wellbeing

  The essence of our health and care services and products concern health and care, improvements of which are fundamental to wellbeing. ; ; • Our mission is to save and improve people’s lives through better prediction, prevention, diagnosis and treatment of illness and disease.; ; • Our means of doing this are to integrate patient data across institutions to enable shared care (far faster and at far lower cost than hitherto), accelerate access to innovating digital health technologies (especially Genomics and AI), above all, by committing to open standards and vendor neutrality in all we do.; ; The difference we make is the democratising of healthcare, starting from democratising the data and information of healthcare, using technology to invite, welcome and utilise people's input to their own needs that gets factored into decisions made together with care professionals. Most IT systems bought until now have been highly proprietary, from which extracting people’s data is made difficult and extremely costly. Our own platform is open standards-based, into which we extract data, rendering it directly usable by (and on behalf of) people who are the subjects of that data.; ; As an additional contribution linking our added social value to our commercial propositions, we will offer assistance to all GCloud contract customers in their own change management programmes for implementing our services, helping them assure real benefit to people, for their respective local health and wellbeing priorities. We will make this offer without charge, to 100% of all GCloud customers with whom we will have agreed contracts of 3 years duration.

Pricing

• Price: £11,520 to £135,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robin.stern@future-perfect.co. Tell them what format you need. It will help if you say what assistive technology you use.