PUNGO LTD

Joy - Digital Social Prescribing Platform

Joy creates a digital ecosystem around social prescribing that enables individuals to access non-clinical support services faster. The system generates real-time outcome data (e.g. wellbeing improvement, GP appointment reduction, service performance) that informs strategies and allows decision-makers to prove the efficacy of their social prescribing programme.

Features

• Two-way integration with EMIS and TPP SystmOne
• Case Management System for Social Prescribers and Personalised Care Teams
• AI-powered directory of services (DoS)
• Public Health Analytics Dashboard
• Client communications hub (SMS/email)
• Appointment scheduling and reminders
• Integration with local DoS
• Built-in outcomes measures (ONS4, GP appointment reduction, etc)
• Integration with Rio, EPIC, Mosaic, Cerner, LiquidLogic
• Self-referral pathways

Benefits

• Improve Personalised Care Team efficiency and productivity
• Divert pressure away from GPs and reduce GP appointments
• Streamline referrals to non-clinical services
• Boost collaboration across multi-disciplinary teams
• Empower patients to self-manage their health and self-refer to services
• Uncover health inequalities through detailed, real-time reporting
• Achieve DES targets for social prescribing
• Measure and monitor the ROI from wellbeing initiatives
• Track demand for local non-clinical services
• Reduce waiting lists for social prescribing services

£0.08 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at patrick@thejoyapp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

251287113942465

Contact

Patrick Harding
07724467145
patrick@thejoyapp.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: EMIS Web, TPP SystmOne, Local DoS
• Cloud deployment model: Public cloud
• Service constraints: Any routine downtime required for system maintenance is scheduled outside normal office hours. ; ; A maximum 8 hour per month window is provisionally allocated for system maintenance, if required. ; ; In any month when the maintenance window is to be used, customers are notified at least seven working days in advance.
• System requirements: Firefox/Chrome latest versions, Internet Explorer 10+, Safari, Opera, Microsoft Edge

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 2 hrs during normal working hours on weekdays only
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Users can access the live chat from within their browser of choice
• Web chat accessibility testing: Joy tests all features with a diverse group of stakeholders
• Onsite support: Yes, at extra cost
• Support levels: Included:; ; Helpdesk: 9am to 5pm Monday to Friday (excluding bank holidays); ; Tickets can be logged 24/7.; ; Contact details for Customer Success Manager will be supplied.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: To help users get started with Joy we provide: 1) Online training sessions, 2) Access to a dedicated knowledge base, 3) How-to guides, 4) Email support, 5) Telephone support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of a contract period the user will email us and their data will be compiled and sent to them in an encrypted CSV file.
• End-of-contract process: When off-boarding, the client will be supplied with an export of the file system and database.; ; Exports are supplied as an encrypted file containing the exported files.; ; On off-boarding, all consumer-generated data will be provided in the export. Custom data extractions can be provided on request (chargeable at hourly rates).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Joy Social Prescribing Marketplace enables patients/residents to access local support.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Joy is is available via a web-browser
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: An accessibility audit has been conducted using the Google accessibility assessment
• API: Yes
• What users can and can't do using the API: Joy's API enables information to be shared with other platforms, e.g., a local DoS or patient-facing application.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: Compute resources are actively monitored, allocated and controlled to ensure service is maintained.

Analytics

• Service usage metrics: Yes
• Metrics types: Reporting on service usage can be provided as an additional service, including number of referrals, source of referrals and where referrals have been made.; ; In addition, custom analysis for public health reporting can be performed.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Request to support team is made.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability: 99.9%; ; In any calendar month in which we have unscheduled down time that causes the service level to drop below agreed performance level, the basic monthly charge is reduced by 5% for each full percentage below the agreed level, up to a maximum credit in that month of 100%.
• Approach to resilience: Available on request
• Outage reporting: Email/telephone alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are available to Joy staff only. Roles and responsibilities are defined at project initiation and access to support channel granted to named contacts.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: Jan 2021
• What the ISO/IEC 27001 doesn’t cover: The scope of ISO27001 is the entire company
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO27001
  • Cyber essentials plus
  • Cyber essentials
  • IASME
  • NHS DSPT

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: IASME Governance standard; Cyber Essentials Plus; Cyber Essentials; NHS DSPT
• Information security policies and processes: Detailed information security policies designed, reviewed, implemented and enforced. Specific details are available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The main Components of the change control process are:; • Documented channel through which a change is requested; • Change impact analysis; • Change Advisory Board (CAB) to assess change and recommend action; • Prioritisation and scheduling of the change, relative to other changes; • The development/implementation of the change, including testing,; • Updating of records to incorporate the change
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We monitor potential threats from a variety of sources including supplier notifications and industry updates. ; Potential threats are assessed by technical team. Critical patches are deployed as soon as possible.; Non-critical patches are applied on a weekly basis.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: System logs, system load and response times are monitored for suspicious activity. Users can also contact us if they suspect something. ; ; The compromised system is isolated, treated, brought back into service. ; ; Response is immediate.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have incident management processes for major and minor incidents, including a comprehensive disaster recovery plan. Users can report incidents via the support team, who provide support levels according to service level agreements. ; ; Incident reports are generated as part of audit processes and urgently in the interim should significant events occur.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  Joy’s environmental policy outlines our aims and principles in relation to managing the environmental effects and aspects of our operations, including:; • Transport; • Recycling of packaging materials; • Minimising waste; • Efficient use of energy
• Wellbeing:

  Wellbeing

  Joy’s mission is to add 10-years to life expectancy by addressing the social determinants of health. Our social prescribing platform is proven to improve the wellbeing of communities.; ; The platform creates seamless referral journeys for residents/patients to access non-clinical services in their area. This reduces the barriers people face in getting support and enables root-cause issues such as loneliness, financial issues, and housing problems to be addressed earlier. This helps to address health inequalities and prevent issues from turning into crises. ; ; Furthermore, Joy can be utilised by customers to identify health inequalities and provide more targeted spending that will better serve the community. Commissioners can see where health inequalities are most pronounced and which services are the most effective in addressing needs, identifying where increasing capacity could have wider benefits.; ; The platform also helps to pinpoint gaps in service provision. By analysing search data it’s easy for customers to spot any unmet needs and increase provisions where required.; ; Joy is also focused on supporting CVS organisations to help them demonstrate impact on the support they provide. The platform provides an insights dashboard and with the data this tool can provide, they are better equipped to report on the outcomes that they’re achieving. This is key to reporting, accessing future funding opportunities, and providing the best possible service for service users.; ; Joy is co-created with service users, ensuring that stakeholders across local communities shape how we develop to further support their needs. These continual improvements to the platform ensure benefits to the community will increase throughout the life of the contract,; ; All activity in the Joy platform is measured. Joy enables the measurement of wellbeing within the locality, highlighting how non-clinical services reduce demand for local health services, whilst ensuring residents are happy, healthy, and supported.

Pricing

• Price: £0.08 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free/at cost trial can be provided if required

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at patrick@thejoyapp.com. Tell them what format you need. It will help if you say what assistive technology you use.