CEMPLICITY UK LIMITED

Patient-Reported Experience and Outcome Measures (PROMs)

Cemplicity specialises in Patient Experience (PREMs) and Patient-Reported Outcome Measures (PROMs) in acute care and community settings like MSK. Designed specifically to achieve high patient response rates and to ensure no extra burden on clinicians. We offer over 100 survey instruments ‘off the shelf’ and active support to ensure impact.

Features

• Capture MSK and acute care patient outcomes using any survey.
• Alert clinicians when patients experience clinically significant deterioration.
• Action Register for easy management of patients needing follow-up.
• Tight data governance protocols to tailor data access to users.
• Triage patients on referral to enable management of urgent cases.
• Interoperable with any electronic health record system.
• Digital-first surveying, optimised for MSK clinics and at-home surveying.
• Real-time, integrated theme and sentiment tools.
• Strategies to optimise response rates when patients are at home.
• Supports patient-initiated follow up (PIFU) in an MSK setting.

Benefits

• Track patients, helping them manage their symptoms at home.
• Reduce unplanned readmissions, taking fast action when symptoms change.
• Focus clinical resources on the people who need it most.
• Support MSK patients with tailored self-management advice.
• Reduce barriers between less health confident people and their carers.
• Improve patients' quality of life, with attention to equity.
• Identify variation in outcomes across different services and clinics.
• Learn which MSK services have the greatest impact.
• Understand how patient experiences relate to better outcomes.
• Learn and contribute to our international community of PRM leaders.

£980 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cemplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

236443828457239

Contact

Cemplicity UK
07572989210
hello@cemplicity.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The Cemplicity Platform is available 24/7. Maintenance for software updates do not affect users accessing the system.; ; Cemplicity is accessed via a browser. The latest versions of all mainstream desktop and mobile browsers are supported including Internet Explorer, Chrome, Firefox, Safari and Edge.
• System requirements:
  • A recent version of one of a mainstream browsers
  • Supported browsers: Edge, Firefox, Chrome, Safari, IE, Opera
  • Cookies required for session information

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: With a 24 hour team at our disposal we will respond to all tickets within two hours Monday-Friday. A reduced team will still be monitoring the support centre on weekends, but responses will be mainly reserved for emergencies
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We have a 24 hour support team available Monday to Friday, and for emergencies on weekends.; Our comprehensive support programme is available to all clients irrespective of the cost of the programme.; We also have a dedicated technical account manager and engineer available for additional support when required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Each client works with a dedicated account manager, who project manages each implementation and then works with the client as their primary contact. This ensures continuity from the first stages of programme design through the ongoing optimisation of the programme.; ; After gathering and documenting client requirements, we provide all necessary guidance and documentation to set programmes up, to the agreed timetable.; ; On launch, we provide online training to the client project managers and frontline staff. This is included in the implementation fee.; ; Post implementation, we have a Customer Success function that monitors client use of the Cemplicity system, and who deliver in-portal 'tips and tricks' to help staff get the most from the patient feedback. ; ; Customer Success also host ongoing webinars and training through the contract period to cater for staff changes and opportunities for improvement.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: On the request of the client, Cemplicity provides the requested data set as a .csv file. All data exchanges are done through sFTP.; ; Alternatively, clients can request that all data is destroyed rather than returned.
• End-of-contract process: The provision of a complete dataset as a .csv file or the destruction of data is included in the price of the contract.; ; If the buyer wants additional engineering, data or management services to support a transition to a new supplier, this is quoted on an hourly rate, as shown in the Pricing document.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Both our survey platform and our reporting portal have been optimised for mobile and desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Users access dashboards, charts and other components of the Cemplicity platform via a web browser. Access to reporting and data is configured to user permissions. Any access of the system requires user name and password authentication.; ; For digital surveying, respondents access surveys from a link via SMS, email, or QR code. We also facilitate surveying via paper surveys or phone surveys (through third parties).
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Clients have not yet asked us to work with assistive technologies.
• API: No
• Customisation available: Yes
• Description of customisation: The Cemplicity system is highly customisable, which we outline in detail in the Pricing and Service Definition documents. ; Customisation includes:; - Any survey instrument; we currently host over 100 different PREMs and PROMs survey.; - All languages; - Facilitating all survey modes (email, SMS, QR code, paper, phone); - Flexible branding within one programme e.g. for different hospitals or health service providers; - Permission-based, configurable access to datasets and reporting views; - Data filters and analytics based on patient background information (e.g. patient pathway, medications) or demographics; - Flexible alerts to care teams, based on patient responses; - Ability to provide different self-management advice based on patient responses.; Customisation is done by the client's dedicated account manager.; ; We also offer supporting insight services on request.

Scaling

• Independence of resources: Account Management:; Each client has a dedicated account manager, to ensure they have a single point of contact for all Cemplicity matters. We actively monitor our account management resource to ensure each client has excellent levels of support.; ; System Performance:; System performance is actively monitored to ensure the speed of page loading and reporting is sub-second. Our distributed, managed hosting environment and agile development processes ensure the efficient performance of the system under load.

Analytics

• Service usage metrics: Yes
• Metrics types: Within the reporting portal, we report live survey response rates by mode. These can be filtered and analysed by patient demographics, location and service.; ; Cemplicity also monitors user engagement with the portal (log ins) and reports these statistics to clients via their account manager. Where we see low user engagement, we implement corrective action such as webinars and in-portal prompts.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: All data at rest is encrypted using at least AES-256.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users with the appropriate permissions can export data directly via our platform in a range formats including raw data (Excel or txt document). This can be done on a scheduled, automated basis, if clients are not accessing data through the API.; ; Most users do not export the raw data as the reporting platform is designed to present results in a simple and intuitive way for frontline healthcare teams. The platform also has numerous features to maintain patient privacy and data security.; ; Charts can exported as an image or PDF document.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Txt
  • Excel
  • .pdf
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: For all sensitive or personal data SFTP must be used for file transfers.; ; Cemplicity is ISO 27001 certified and data protection is both a function of our transfer processes, and our personnel training and overall information governance protocols.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Shown below is our SLA. For interest, in the past month our availability has been 99.992%. Refunds will be governed by the G-Cloud legal agreements.; ; 1. Service Level of 90% i.e. only one incident in ten may not be resolved within the allocated time frames below. ; ; Priority Levels; ; P1: Stops a critical application working for all its users or a critical function is not working or poses a significant financial/credibility risk. e.g., Live surveys cannot be responded to, or an incorrect survey is being sent out.; ; P2: Stops a critical application working for more than 50% of its users or significantly impacts critical functions of an application. e.g., Reporting is unavailable.; ; P3: Stops part of an application working for less than 50% of its users or makes it necessary to use workarounds. e.g., Unable to import new survey data into reporting dashboard, administrator cannot do their usual functions etc.; ; P4: Stops part of an application working or prevents internal users from performing some of their role e.g., link to FAQs from survey email not working.; ; P5: Nonurgent issue. An issue that has minimal impact on the business.; e.g., reports unable to be exported to printable versions (PDF)
• Approach to resilience: The Cemplicity platform is hosted on AWS infrastructure. Components are a mixture of virtual machines and containers.; ; Containerised components are deployed in clusters using the AWS Elastic Container Service (ECS) where each instance can be restarted or upgraded in isolation with no downtime. ; ; Containers are continuously monitored: if any container enters a failure state or peformance drops below acceptable thresholds, it is automatically removed and replaced.; ; Virtual machines are similarly configured. If required, virtual machines can be restarted or replaced with minimal downtime.; ; In both cases horizontal scalability is possible by starting multiple instances of the same VM/container.
• Outage reporting: Outages are reported through our support desk and public page on our website. Customers may also choose to be alerted via email from their account manager or Intercom.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Our support teams have access to internal management tools. These tools are can only be access by authenticated internal users who have been assigned the appropriate roles.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 13/1/2022
• What the ISO/IEC 27001 doesn’t cover: All ISO27001 Controls were covered in the certification and included in our statement of applicability.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Cemplicity actively adheres to the ISO27001:2013 standard, using a industry best-standard online information security management system (ISMS). This system includes multiple tools to track information management controls.; ; All controls within ISO27001:2013 are within scope for our organisation and were included in the statement of applicability for ISO27001 certification. ; ; These include;; - Information Security Policies; - Organisation of Information Security; - Human Resources Security; - Asset Management; - Access Control; - Cryptography; - Physical and Environmental Security; - Operations Security; - Communications Security; - System Acquisition; - Supplier (and other important) Relationships; - Information Security Incident Management; - Information Security Aspects of Business Continuity Management; - Compliance.; ; An ISMS Board has been established to enforce these policies. With the designated CISO overseeing day to day operations and the CIRO assuming overall responsibility for the operation and risk within the ISMS.; ; Regular audits are undertaken as part of the operation of the ISMS. This includes reporting to the board on a bi-monthly basis.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Any work that would result in a change in either configuration or code is logged and tracked in Azure DevOps.; ; All code and configuration changes are stored in GitHub.; ; All software and configuration changes are peer-reviewed and subject to internal testing (both automated and manual) before release. ; ; The potential security impact is assessed and reviewed during design, build and test phases. A third-party security review may be initiated if significant risk is expected.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The TISO must keep up to date with news on general vulnerabilities and vulnerabilities that relate to the software services being delivered and other relevant services. Periodic vulnerability scans and penetration tests are carried out to look for any vulnerabilities not previously identified. We also use special interest groups.; ; When a vulnerability arises the CISO will update the risk treatment plan for the ISMS. The CISO and TISO will decide if the risk requires treatment, and based on the level of risk the timeframes for treatment.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our APM and other production system monitoring tools can indicate potential compromises.; Versions of all third--party libraries are automatically checked and upgrades recommended as part of our development process.; All incidents are immediately triaged and the impact assessed. Critical issues are fixed immediately. Less severe issues may be scheduled in the next code release. As we maintain a continuous deployment approach, this is still very quick and is usually as soon as hours or days after first discovery.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management approach is outlined in A.16 of our Policies and Controls as part of our ISMS following the ISO27001:2013 standard. The procedures for incident response planning are defined in advance of an incident occurring and have been agreed by the ISMS Board. ; ; Through security and awareness training staff understand what constitutes an incident and they must inform a member of the ISMS board of any incident they encounter.; ; These are logged in a Security Incident Management Tracker which guides an incident through the same structured approach, producing a report at completion.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Cemplicity supports global environmental sustainability by actively encouraging clients away from paper surveying to the electronic capture and reporting of patient feedback. We also enable remote patient-reported symptom tracking which can minimise unnecessary travel to appointments. ; ; Cemplicity's operational model reduces carbon emissions through our internal policies including a paper-free office, our employee work from home scheme, virtual meetings with clients and thoughtful travel for business.
• Covid-19 recovery:

  Covid-19 recovery

  Cemplicity has supported Covid-19 management by providing the tools to to screen patients at hospital outpatient clinics ahead of appointments to prevent the spread of the virus. ; ; Cemplicity is also helping with Covid-19 recovery through remotely monitoring Long-Covid patients and their symptoms. Our survey tools allow health workers to efficiently act on worsening symptoms and capture valuable insights into this patient pathway.
• Tackling economic inequality:

  Tackling economic inequality

  The majority of Cemplicity work is assessed with the lens of addressing inequity in health outcomes. Evidence supports that remote digital tracking of patient symptoms can reduce barriers to access to care, particularly among groups with lower health and technology literacy. In the public health systems in which we work, this is of primary importance including ensuring our data capture mechanisms reach the traditionally harder to reach patient cohorts and that surveys are easy to respond to.
• Equal opportunity:

  Equal opportunity

  Cemplicity is proud to promote all genders, cultures and identities in our workplace. We have policies in place to promote equal opportunity for all our staff, The results speak for themselves, with wide ethnic diversity across the Cemplicity team (8 cultures represented in our team) as well as being one of the few IT companies in the world who has more women in the R&D team than men.
• Wellbeing:

  Wellbeing

  Cemplicity's Staff Wellbeing and Resilience Programme focuses on the physical and mental health of our workforce. We offer a flexible working environment, promote health eating and exercise and are currently developing a resilience programme for staff.

Pricing

• Price: £980 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cemplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.