SIDQAM LTD

Healthcare Standards Based Data Modelling Tool

Create data models that are translated using interoperability standards and output in XML, JSON and ADL formats.

Based on ISO13606, providing SNOMED CT, Data Dictionary, PRSB, HL7 and FHIR compatibility. Maps to Contsys, PRSB and dynamically to FHIR for transformation, translation and exchange to other healthcare systems.

Features

• Ideal for novice users
• Interoperability standards used
• Build clinical and demographic data models
• Share and review models via web
• Based on ISO13606
• Output model in XML, JSON, ADL
• AI for user input
• Designed to enable exchange of healthcare data
• SNOMED CT, HL7, Data Dictionary, PRSB and FHIR compatibility
• Maps to Contsys, PRSB, FHIR for data transformation/exchange

Benefits

• Build healthcare data models
• Clinical and demographic models available
• Dynamic link to FHIR models
• Supports best practice
• Interoperability standards in place
• Link to any system using standards
• Share models via web
• Create complex models easily

£1,000 to £1,500 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at direcht@sidqam.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

250784775307747

Contact

Business Development Unit
0161 818 4614
direcht@sidqam.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements: Computer with web and internet access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email to support@sidqam.co.uk ; Support is provided in line with our support levels below.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: P 1 - Service unavailable for all users - Resolution time 6 working hours; ; P 2 - Individual Direcht service unavailable - Resolution time 8 working hours; ; P 3 - Core/Clinical module failure - Resolution time 24 working hours; ; P 4 – Non-core module failure - Resolution time 50 working hours; ; P 5 – New requirements or screen changes or UX issues- Resolution time potential future release if agreed by supplier-customer support group
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Documentation is provided and there is help within the system. ; The software is intuitive with examples included.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can download their data models at any time.
• End-of-contract process: The software licence will no longer be operational, limited access to the software remains.; ; Models can be downloaded into many formats in current system, this can be done by the user at any point.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Patient API allows a third party system to consume data from Direcht Systems and it allows users to put consultations into the patient’s medical record as a consultation. ; Direcht Systems has the functionality to send structured data (ISO 13606 models) to a third party solution in order to allow transfer of care between systems.; ; Sidqam is open to working with any third party supplier and our interface specifications are based on existing healthcare standards such as HL7.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: Direcht Systems provide both vertical and horizontal scaling.; ; The use of ISO13606 as the underlying architecture provide the flexibility to scale and adopt.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Data Models can be extracted via the software in XML, JSON and ADL formats. Models can also be shared via the web.
• Data export formats: Other
• Other data export formats:
  • JSON
  • XML
  • HL7
  • ADL
• Data import formats: Other
• Other data import formats:
  • ISO 13606
  • XML
  • ADL
  • JSON
  • HL7

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Application availability 98% with a threshold of 96%. Infrastructure downtime or other incidents within Force Majeur, planned or unplanned, is excluded from this calculation.
• Approach to resilience: Available on request. Resilience provided by underlying hosting platform.
• Outage reporting: E-mail alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: • Username and two-factor authentication
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Sidqam Ltd is committed to ensuring security governance is given the highest level of importance. We have consultants who have worked in the security and information governance domain and are helping us to achieve the ISO/IEC 27001 certification.
• Information security policies and processes: Our Information Security management System is used as a tool to assist us to identify and comply with business and legal/regulatory requirement and contractual security obligations. All Procedures are reviewed once a year to make sure they comply. All staff are required to comply with our information security guidelines.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes services are aligned to ITIL. All build and configuration assets are version controlled using source control. All changes are peer reviewed by at least two others and UAT performed before being merged into the base codebase.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We do in-house penetration testing. Any known vulnerabilities should be patched within 24 hours. In addition we have robust vulnerability management processes in place within Microsoft Azure to identify, triage, and mitigate vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Realtime monitoring is in place to monitor potential compromises.; Microsoft Azure communicates any data breach if it becomes aware of such.; Escalation processes are in place once any compromise is identified.; The degree of compromise will determine resource allocation and urgency of response. In most cases any compromise will be addressed immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Customers can phone or email with incidents. We use an incident management tool (Zoho) that has built-in reporting. In addition we also have procedures for ; - Conducting risk assessments for discovered security incidents.; - Notify clients in the event a security incident occurs.; - Revising our annual Security Risk Analysis and Risk Management Plan as necessary.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  We strongly encourage our staff to prioritize consideration when traveling for work. Additionally, whenever feasible, we opt for remote client meetings. Our company policy emphasizes an 'online first' approach.

Pricing

• Price: £1,000 to £1,500 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free; TRIAL VERSION (30 DAYS); Creation of Models; 50 models per month; 1 user
• Link to free trial: https://direcht.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at direcht@sidqam.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.