VIRTUALLY HEALTH SYSTEMS LTD.

Virtually

Cloud Service for GP practices and primary care networks to provide healthcare and communicate with their patients

Features

• Online consultation between patient and doctor
• Communication between patient and doctor
• Clinical triage of medical consultations
• Care planning
• Personal health organiser
• Activity reporting
• Demand and capacity planning for GP practices
• Webinar feature for patients
• Integration with EMIS (current) and TPP (June 2024)
• Integration with NHS Login and NHS App

Benefits

• Improved access to GP practice care
• Navigation workflows to "right clinican first time"
• Increases patient knowledge and confidence
• Raises patient satisfaction levels.
• Improves handling of non-clinical patient queries
• Increases patient choice.
• Enables better clinical supervision of non-medical clinicians
• Enables clinicians to gather data and clinical information
• Provides disease prevention and health improvement
• Enables clinicians to discuss cases in a secure platform.

£0.23 to £0.25 a user

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Milan.koya@nhs.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

235461738819328

Contact

Milan Koya
07917180768
Milan.koya@nhs.net

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Virtually provides technical and non-technical support which are set out fully in the Service Management Plan and the Non-technical support programme copies of which are available on request.; ; This includes:; ; Technical support; ; 1. Incident resolution based on severity and performance definitions. Updating of customer on progress of fix.; ; 2. Delivery of unplanned fixes requested by users; ; 3. Solution changes and system upgrades as agreed with NHS England.; ; Non-technical support; ; 4. Non-technical support; ; Practices can access the following types of non-technical support via the in-platform HelpDesk, telephone, and email.; ; 1. Support for GPs, practice nurses and clinicians to make best use of the Virtually solution.; ; 2. Practice Management and Staff Support; Support for practice managers and administrative Practice staff will be given by the Digital Enablement Team (DET) through an email request or booking a call-back.; ; 3. Patient adoption support including provision of informational materials.; ; 4. Change management support for GP practices wanting support with new ways of workong.; ; 5. Benefits realisation ; Support for practices to realise benefits of Virtually.; ; Technical Support hours are 8am – 8pm on weekdays and 8am – noon on weekends. 24/7 support is available at additional cost. ; ; Non-technical Support hours are 8am – 6pm on weekdays.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer a comprehensive on-boarding and training programme for GP practices and primary care networks which have been approved by NHS England.; ; This is done using the Train a trainer approrach.; ; This includes onsite in-person training, online training and extensive user guides in the User Knowledge Base.; ; GP practices receive the following patient adoption support:; - Banner and link on Practice's website.; - Flyer and patient user guide distribution at reception.; - Poster in waiting areas.; - Pre-recorded message on Practice telephone lines.; - Automated SMS text with a link to the Practice website when a patient calls the Practice.; - Clinician and staff recommendation during interventions with patients supported by a flyer.; - Through Practice’s PPG.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: An in-app Knlwledge Base
• End-of-contract data extraction: 1. All data is written back to the GP practice's core clinical system.; ; 2. Patients can download their Virtually record.
• End-of-contract process: We have an established off-boarding process details of which are available on request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile service is provided through a mobile app which is downloaded from the user's app store.; ; The web application is designed in a responsive way so the screen size adjusts to the user's mobile screen.; ; All fetaures and functionality avaialble on the desktop service are available on the mobile service.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Patients have a dashboard accessed by logging in with user name and password and multi-factor authentication. ; ; Patietnts request and receive care, advice and information through this dashboard.; ; Clinicians have a dashboard accessed by logging in with user name and password and multi-factor authentication. ; ; Clinicians provide care and communicate with patients through this dashboard.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Extensive interface testing done to WCAG 2.0 AA with patients of a GP practice who have communication needs. ; ; Outcome of testing can be provided on request.
• API: Yes
• What users can and can't do using the API: The API enables customers to excahnge data and information withg the solution. ; ; Not all features are offered through an API.; ; Details can be provided on request and discussion of use cases.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: GP practices can customise a number of aspects of the solution incliding clinical history questionnaires, forms for infortamation and data gathering, message templates and care navigation workflows.; ; This customisation is done through a Configuration panel.; ; Details can be provided on request.

Scaling

• Independence of resources: These measures are documented in Virtually's Service Management Plan which has been approved by NHSE and is available on request.; ; Please visit our pages on NHS Digital Buying Catalogue at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards

Analytics

• Service usage metrics: Yes
• Metrics types: 1. Activity data and other metrics required by NHSE.; ; 2. A copy of our reporting policy and dashboards are available on request.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Security measures in place on AWS.; ; Please visit our pages on NHS Digital Buying Catalogue at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: 1. All data is written back to the GP practice's core clinical system through iM1.; ; 2. Patients can download their record.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Word
  • PDF
• Data import formats: Other
• Other data import formats: None

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Through data encryption, use of iM1 and use of HSCN.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service availability is guaranteed at 99.9%.; ; SLA and refund policy is set out in Virtually's Service Management Plan which has been approved by NHSE and available on request.; ; Please visit our pages on NHS Digital Buying Catalogue at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards
• Approach to resilience: Available on request with a non-disclosure agreement.; ; NHS England have approved our data centre (AWS) set up.; ; Please visit our pages on NHS Digital Buying Catalogue at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards
• Outage reporting: Through email alerts to GP practices and telephone call to commissioners.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access policy. This is available on request.; ; This has been approved by NHS Digital under the Information Governance standard at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable Certification Ltd
• ISO/IEC 27001 accreditation date: 30/11/23
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: The full Information Governance and Data protection policy is available on request.; ; Our information governance and data security have been approved by NHS Digital. Please refer to information on our Information Governance under Overarching standards at the link below.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards; ; Our reporting structure is that our staff report to Data Protection Officer who reports to Head of Digital compliance who reports to Head of Information Governance who reports to the CEO.; ; Our policies cover:; ; Authentication - National Authentication ; ; Role Based Access Control (RBAC) ; ; Legitimate Relationships - information from other organisations for Active Service Users; ; Information Sharing across Organisations; ; Additional Privacy Controls ; ; Workstation access controls ; ; Data labelling; ; Provenance - The source of all clinical data is appropriately recorded and accessible; ; Data annotation, suppression and deletion - The accuracy of the Patient/Service User Record is maintained; ; Audit Logging - All system actions are recorded, and accessible, providing an important control against the mis-use of systems; ; Alerts - Alerting mechanism for the designated Privacy Officer; Information Security - Storage, testing, communications and network access controls; ; Subject Access Requests - Support responding to Subject Access Requests, providing data where required; ; General Data Protection Regulation (GDPR) - adherence to the regulation and support related processes

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change management is done through NHS England's change approval process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Information on potential threats is received from the High Severity alert team at NHSE. We rely on NHSE's assessment in conjunction with an internal assessment which involves the development team and Information Governance lead.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Compromises are identified by our Dev Op lead who manages our AWS servers.; ; Responses includes assessment, internal alerting, evaluation by Information Governance lead and external reporting to NHS England.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: This is set out in Virtually's Service Management Plan which has been approved by NHS England and available on request.; ; Information is available on our page on NHS Digital Buying Catalogue at this link.; ; https://buyingcatalogue.digital.nhs.uk/catalogue-solutions/10074-001/standards

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are familiar with assessing and managing the environmental impact of services and we are committed to reducing these. ; ; We fight climate change and ensure additional benefits for our area by encouraging our people to spend at least 2 hours a week on activities aimed at protecting and improving the environment. ; ; We pledge to work towards net zero greenhouse gas emissions and will achieve this by engaging with a diverse range of organisations to support the delivery of additional environmental benefits and collaborating with our supply chain to deliver additional environmental benefits. ; In summary, we seek to influence staff, suppliers, patients and communities to support environmental protection. We have planned activities to reconnect people with the environment by raising awareness of ways to protect and enhance it through training and education. We also aim to influence behaviour to reduce waste and use resources more efficiently and providing volunteering opportunities for the employees.

  Covid-19 recovery

  The COVID-19 pandemic has had a devastating impact on many people and organisations. We ensure employment, retraining and return to work opportunities for those left unemployed by COVID-19 and have developed and implemented recruitment practices and employment conditions to ensure fair pay, participation and progression. We have implemented resources to provide career advice in the form of mentoring, mock interviews, CV advice and careers guidance to our contract and temporary workforce. Post pandemic we have increased our full-time workforce by 15, and have prioritised those all of who had faced recruitment issues during the pandemic. Older people who were made redundant in and immediately after the pandemic have made up a significant proportion of new recruits. This has benefitted Virtually as well as these individuals bring experience and workplace resilience to what is otherwise a young workforce. We ensure we are responsive and adaptable to the results of community consultation and engagement. We are committed to the support of organisations and businesses recovering from the impacts of COVID-19 and where possible encourage new ways of working to deliver services. We have changed our procurement processes post pandemic to ensure we reach a diverse supplier audience with new and growing businesses. We have also invested in the physical and mental health and the wellbeing of our team, especially in the context of COVID-19. We also measure our staff’s physical and mental health and wellbeing engagement over time and adapt to any changes in the results. For example, the social isolation felt over pandemic has fostered a need for companionship and to that effect we now have regular staff outings and social events and have raised awareness around loneliness and isolation that our employees might be experiencing. Finally, we have implemented improved workplace conditions that support the COVID-19 recovery effort.

  Tackling economic inequality

  We tackle economic inequality in a number of ways.; We aim to encourage entrepreneurship, growth and business creation by growing the supplier diversity in our supply chain and in our community. We organise engagement activities for potential new suppliers prior to awarding contracts and advertise upcoming opportunities and meet the buyer events. We have structured our supply chain selection process in a way that encourages participation by new and growing businesses. ; We have modified our employment process by implementing recruitment practices and employment conditions to improve job satisfaction and enable us to attract and retain the talent we need. We ensure fair pay by improving transparency around payments, as well as changes to holiday pay reference periods. ; We have improved participation and progression to ensure everyone has the basic skills they need and has a realistic scope for development and fulfilment. We have focused on well-being, safety and security to ensure employees experience less workplace stress. ; We have also placed an emphasis on mental health. We support our team by providing careers advice, including mentoring, mock interviews and CV advice as well as opportunities for in-work progression and career development into known skills shortages or high-growth areas. We also offer opportunities for work experience or similar activities. ; Additional education and training is available to support educational attainment including training schemes that address skills gaps and result in recognised qualifications. We provide activities to support relevant skills growth such as careers talks, curriculum support, literacy support, safety talks and volunteering.; We support innovation and disruptive technologies throughout by showing an understanding of opportunities to drive innovation. ; We demonstrate collaboration throughout the supply chain and adopt a fair and responsible approach to working with supply chain partners.

  Equal opportunity

  We are committed to closing the disability employment gap by increasing the representation of disabled people in our workforce through the introduction of inclusive and accessible recruitment practices and retention-focused activities. We have recently acquired additional premises which are Disability Discrimination Act compliant including those with impaired mobility.; We support disabled people in developing new relevant skills through training schemes that result in recognised qualifications and offer a range of quality opportunities and routes of progression such as students supported into higher-level apprenticeships. ; We have also implemented processes to identify and tackle inequality in employment, skills and pay. Our team reflects the diversity of the communities in which we operate, at every level. We always include those with protected characteristics in shortlists for recruitment and promotion. We regularly undertake equal pay audits.; We support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills using skill-based assessment tasks in our recruitment processes. ; Jobs at all levels open to flexible working from day one for all workers.; We identify and manage the risks of modern slavery. All team members have access to an independent democratic trade union and to grievance mechanisms to report incidents or suspected incidences of modern slavery through whistleblowing and reporting. We have pre-employment checks, to mitigate and manage modern slavery risks.

  Wellbeing

  We improve the health and wellbeing of our staff by implementing accessible recruitment, development and retention practices. We pay particular attention to developing people with a disability or health condition. We invest in the physical and mental health and wellbeing of our workforce through our “Mental Health at Work” commitments and have plans to engage our employees in deciding the most important issues to address. ; We measure staff engagement over time and we adapt to any changes in the results.; We work towards community integration by collaborating in co-design and delivery with stakeholders and partners. We seek to understand local demographics, needs and opportunities and feed these in to the design of the services we offer. ; We engage with different parts of the community by staging engagement events, awareness campaigns and outreach activities. We support community-led initiatives such as reducing loneliness, helping with English language proficiency, and helping meaningful social mixing among people with different backgrounds. We have also introduced an employee volunteering scheme.

Pricing

• Price: £0.23 to £0.25 a user
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: All the capabilities and features of the Virtually web and mobile applications and Virtually widget are included.; ; Free trial limited to three months.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Milan.koya@nhs.net. Tell them what format you need. It will help if you say what assistive technology you use.