Skip to main content

Help us improve the Digital Marketplace - send your feedback

SynApps Solutions Limited

Lung Screening In the Cloud

The Veolity Lung Screening Cloud Solution provides efficient and effective reading of chest CT scans in lung cancer diagnostics.
Veolity improves diagnostic quality while being intuitive to use and easily integrated into existing IT infrastructure. Radiologists benefit from automatic features while retaining complete control of their diagnostic process.

Features

  • Efficient workflow with background case preparation
  • Automatic follow-up comparison
  • Automatic nodule segmentation for all nodule types
  • Automatic volume measurement of lung nodules
  • Fully integrated computer-aided detection (CAD) for solid pulmonary nodules
  • Internet enabled connectivity providing secure VPN integrated access with PACS/VNA
  • Managed private cloud infrastructure with secure VPN connectivity
  • ISO 27001 2013 accredited application support services

Benefits

  • Optimized reading workflow for lung cancer screening programs
  • Reduces chest CT reading times
  • Improves diagnostic quality
  • Facilitates temporal nodule comparison/management
  • Supports current and integrates future reporting guidelines
  • Integrates into clinical network infrastructure, including PACS/VNA

Pricing

£4.50 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james.paton@synapps-solutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 3 2 5 1 1 3 4 6 4 1 5 1 3 8

Contact

SynApps Solutions Limited James Paton
Telephone: +44 (0)8702 405143
Email: james.paton@synapps-solutions.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Support availability 9.00am - 5.30pm. Mondays - Fridays excluding UK Bank Holidays as standard.
System requirements
  • Windows 10 or later, Mac, Chromebook or Linux computer
  • Dual Monitors recommended
  • 1920 x 1080 pixels or higher screen resolution
  • Google Chrome, Mozilla Firefox, Safari, Microsoft Edge Browsers supported
  • >50 Mbps network bandwidth recommended

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times are up to 1 hour depending on the service level, responses are during normal working hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
SynApps Solutions standard support includes Service Managers, Infrastructure Engineers, and Application Support Engineers operated out of our Hatfield support office. We aim to assess and respond to ALL Priority 1 incidents within 1 hour when raised during the normal business hours of 09:00-17:30, excluding Bank Holidays and Weekends. Please see our service definition document for a complete breakdown of our service levels.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All new customers are assigned a Project Manager that will provide planning, proactive support and advice for the initial onboarding of the service. This will lay out timelines and procedures for the enablement of the platform for the customer. During this period the Project Manager will be responsible for engaging the assigned Service Manager to the customer and preparation of key service documentation. Additional services may be explored as required to engage additional training or configuration tweaks to the service.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The customers existing PACS or VNA continues to act as the long term archive for patient data. This Veolity solution essentially holds data while it is ongoing reading by CAD or report finalisation by a Radiologist. As such no end of contract migration issues arise.
End-of-contract process
We will also return any confidential information, unless there is a legal requirement that we keep it.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Yes
Compatible operating systems
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Our Veolity platform provides a Dicom interface allowing customers to push Lung CTs to the platform for reading by Veolity's CAD Algorithm. Conversely Signed off reports can be pushed back to a PACS/VNA platform using the same Dicom interface. Optionally a structured XML can be sent to a RESTful endpoint configurable by the customer. (eg. on an Integration engine)
Accessibility standards
None or don’t know
Description of accessibility
The Dicom interface is accessible over the secure VPN or optionally HSCN connection allowing Lung chest CTs in Dicom format to be submitted.
Accessibility testing
This service interface is specific to the submission of studies from a customers PACS or VNA platform. We have tested this interface with many PACS systems.
API
No
Customisation available
No

Scaling

Independence of resources
Resources provided for the service are provisioned on uncontended hardware.

Analytics

Service usage metrics
Yes
Metrics types
We can provide platform performance reports in the form of Network throughput, CPU & Memory Usage * Storage use.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Mevis

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Other
Other data at rest protection approach
Physical access controls are managed by our hosting partner.
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Finalised/Signed off reports of each study are automatically sent to PACS/VNA. User may optionally export a report in PDF or RTF format from the reporting screen if required.
Data export formats
Other
Other data export formats
  • PDF
  • RTF
  • XML (Optional)
  • Dicom
Data import formats
Other
Other data import formats
Dicom

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.90%
Approach to resilience
Data centre provides power, network and hardware resilience to eliminate many single points of failure.
Outage reporting
All outages will be reported via email notifications service. Outages are identified as Planned maintenance, Emergency maintenance, and platform issues. In addition, the designated Service Manager will proactively contact customers as appropriate.

Identity and authentication

User authentication needed
Yes
User authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Access to Management interfaces and support channels is based on restricted access via named user account
Access restriction testing frequency
At least once a year
Management access authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
Latest Revision Date: 22/05/2023 - First Registered in 12/06/2014
What the ISO/IEC 27001 doesn’t cover
The whole organisation has been included in the certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • CyberEssentials Plus
  • DSP Toolkit

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
As part of ISO 27001 certification we maintain a formal Information Security Management System, under which we maintain our Information Security Policy. The information security policy approval is conducted as part of the quarterly management review meetings which is driven by at least two directors and the Security and Compliance Manager. Our Information Security Policies are subjected to a regular internal audit for which we have a pre-defined schedule of areas of the ISMS (ISO 27001) which are to be audited. The schedule ensures that all areas of the ISMS Scope are audited at least annually and, in some areas, twice a year. This is to ensure that appropriate adoption of the policy is monitored within the organisation. The auditor may be an individual within the organisation appointed to audit a specific area of the business.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
SynApps Solutions has documented configuration and change management policies and processes, which have been implemented, maintained and assessed in accordance with best practise with ITIL and in-line with the change control procedure defined in our ISMS as part of our ISO27001 accreditation. Formal configuration management activities, including record management and asset reporting, are monitored and validated constantly, and any identified discrepancies promptly escalated for investigation. Typically as part of the onboarding service where the customer has specific change control procedures then we will integrate with these.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
SynApps Solutions vulnerability management policy and process, which has been implemented, maintained and assessed in accordance with the guidance from the ISO27001 standards. SynApps Solutions receives regular updates where from the vendor suppliers, taking action where and when it is appropiate to the service. For other systems and software we monitor news letters published by our partners and reports published by industry standard news outlets to promptly identify and evaluate any emerging vulnerabilities which require our attention.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Following best practice from the National Cyber Security Centre, SynApps Solutions protects the proposed platform with enhanced protective monitoring services (SIEM). Protective Monitoring is pro-actively operated by our partner Falanx Assuria whose approach to protective monitoring continues to align with the Protective Monitoring Controls (PMC 1-12) outlined in CESG document GPG13 (Protective Monitoring for HMG ICT Systems). It includes checks on time sources, audit monitoring, boundary traffic where not covered by the data centre, suspicious activities, network connections amongst many others. All alerts are immediately notified to the SynApps Solutions infrastructure team for prompt investigation.
Incident management type
Supplier-defined controls
Incident management approach
SynApps Solutions has a documented incident management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL and ISO27001 standards. This activity is responsible for the progression of alerts generated by automated monitoring systems, issues identified by SynApps Solutions personnel, and incidents identified and reported to SynApps Solutions by its customers and partners. All incidents are promptly reported into a central ticketing system, which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

SynApps Solutions is committed to help fighting climate change in all aspects of how we do business. As part of our ISO14001 certifcation, our policies actively encourage the use of public transport and reduction in the requirement for employees to use cars. This includes cycle to work schemes, walking and electric transportation.

We look to offset the carbon emissions of all our solutions by with our management approach with regular monitoring and analysis of platform carbon emissions. This we look to offset by investing in a portfolio of verified carbon reduction projects in the UK and globally. ALl with the goal of achieving a carbon neutral company.

More details can be provided on request.

Tackling economic inequality

SynApps Solutions is commited to promoting employment, supporting individuals facing additional challenges in the labour market, delivering career mentoring and skills training, supporting local business and engaging with the community.

More details can be provided on request.

Equal opportunity

SynApps Solutions is a equal opportunities employer whilst as a SME we do not operate any targets for gender or ethnicity representation, we always ensure that every candidate is evaluated based on their skills and value they bring to delivery of services to our customers. As an ongoing basis we regularly conduct to gender pay gap analysis to ensure that all employees are paid based on their role and skill levels.

More details can be provided on request.

Wellbeing

The Company has put in place measures to prevent and manage risks to staff wellbeing, together with appropriate training and individual support. We seek to foster a mentally healthy culture by incorporating these principles into line manager training and running regular initiatives to raise awareness of mental health issues at work. Our wellbeing programme focuses on creating open dialogue around the 4 pillars of health.

More information can be provided on request.

Pricing

Price
£4.50 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james.paton@synapps-solutions.com. Tell them what format you need. It will help if you say what assistive technology you use.