EMIS Ltd

EMIS Health - EMIS Web Community

Community teams are required to deliver care to patients across a large geographical area either in a patient’s own home or in local neighbourhood clinics. EMIS Web for Community provides health care professionals working for Community Provider organisations essential functionality to assist them in providing high quality patient care.

Features

• Access to real time patient data
• Intuitive, one-click access and quick data entry
• Intelligent alerts, warnings and decision support
• Powerful search and reports functionality
• Caseload management functionality
• Ability to automatically recall patients for appointments and generate letters
• Real time data sharing across clinical services
• Support for E-Referrals
• Fully interoperable system
• Microsoft Word Integration for mail merge letter generation

Benefits

• Improved patient care through mobilisation and instant access of data
• Ability to share patient data easily and securely
• Support multi-disciplinary teams to schedule health reviews
• Improved quality of data through standardised ways of working
• Improved planning and business performance
• Cross organisaiton functionality facilitates streamlining processes
• Effective patient management driven by locally tailored caseloads
• Fully auditable Role Based Access Control, encrypted over N3
• Community and Child solutions include unique UAT and Training environments

£158.20 a user a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@emishealth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

260487589376653

Contact

Bid Team
0113 380 3000
bids@emishealth.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Viewing external patient data is dependent on having active sharing data agreements in place. Sharing organisations (i.e. Practices) must be streaming or on EMIS Web with an ODS Code and PPA/Index no. required for customers who wish to use prescribing or pathology links
• System requirements:
  • N3 connection (or VPN access to N3 via token)
  • Windows 8.1 Professional & above, Windows 10 Professional and above
  • .NET 4.8
  • Intel Core i3 equivalent or higher processor
  • 10GB free hard disk space
  • 8GB RAM
  • Microsoft Office 2013, 2016, Microsoft 365 (Desktop)
  • Spoke servers required for patch distribution of client updates

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is provided in line with service levels
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: None or don't know.
• Onsite support: Yes, at extra cost
• Support levels: Support Levels will be provided as per the selected Service Management Model
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training and optimisation and other implementation services, such as data migration, deployment and project management can be procured through G Cloud Lot 3 Cloud Support, in support of the roll out process.; ; All users are provided with access to our online support centre which provides extensive system guidance and training videos. We also provide regular online webinars for our users to learn more about our system.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: EMIS Health will provide customers with an extract of their data when the contract period ends and the customer intends to move to another system provider.
• End-of-contract process: Customers will be contacted regarding their renewal intentions. EMIS Health will provide the customer with an extract of their data or access to read only data in the data centre.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our EMIS Mobile App is a separate application for use on mobile devices such as iOS, Android and Windows operating systems. The EMIS Mobile app uses native.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: EMIS Web has several interfaces to facilitate integration with 3rd party solutions. These include: ; - EMIS CRV to provide a third party system with structured or unstructured data sets from the EMIS Community system, in real time.; - Portal SDK to launch third party systems, patient and role in context. ; - Patient API for patient centred apps to interoperate. ; - NHS Digital standards. ; - MIG. ; - Integration via HL7. ; - CDA ; ; Patient API allows a third party system to consume data from EMIS Web and it allows users to put events into the patient’s medical record as a consultation. ; CDA allows a third party system to send structured messages into Workflow Manager within EMIS Web. This can then be saved to the patient’s medical record. Likewise EMIS Web has the functionality to send structured data to a third party solution in order to allow transfer of care between systems.; EMIS Health is open to working with any third party supplier and our interface specifications are available. Accreditation is achieved by the third party supplier passing technical assurance for each product that is to interface with EMIS Web and a commercial agreement between EMIS Health and the third party supplier.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: The EMIS Web Hosted system has been designed to manage large volumes of patient transactions in an efficient manner. ; The system architecture put forward is designed using “industry standard products” meaning it is easily expandable with the minimum of disruption. The current and anticipated demand for services is continuously monitored, if a predicted threshold is triggered, an expansion will be required.; The equipment will be based on HP hardware using Microsoft Server 2012 R2 Hyper-V and SQL 2012. The modular nature of the design means any additional equipment needed will utilise the existing racks, enclosures, networking infrastructure etc.

Analytics

• Service usage metrics: Yes
• Metrics types: Users are able to build their own reports within the EMIS Web system
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The EMIS Web system provides users with a front end patient population reporting module, which enables our users to build reports on patient and/or other system criteria which can be exported to Microsoft Excel for further analysis. We also provide data extraction services for customers wishing to analyse more complex criteria. We also provide a data analytics service with can be purchased separately.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Up to 99.95% dependant upon service procured
• Approach to resilience: The data centres have multiple power feeds allowing maintenance without service disruption; backed up by on-site UPS systems. There are multiple diverse communication links into each data centre. All cooling is N+1. Data centres are linked with multiple diverse cross site links. ; All cabling is managed and labelled. All devices are labelled and managed in an ISO 20000 configuration management database with full strict change control. All devices have redundant paths and components, virtualisation is widely used allowing local HA and resilience to be included in any service. Data can be synchronously replicated between systems for DR and minimal disruption in the event of a failure.; The uptime of the system is provided by a combination of an active/active load balanced Supplier Solution tier that runs across both of our data centres and the use of SQL 2012 Enterprise 'always on' availability groups using synchronous replication. The system is also 'self-healing'. Where a page corruption is detected post commit, the other SQL servers in the group are interrogated for the non-corrupted page and are restored over the damaged page. N3 Connectivity is provisioned utilising one pair of resilient circuits configured in an active/passive arrangement at each of our data centres.
• Outage reporting: Our 24/7/365 managed operations and monitoring systems enable us to pro-actively identify potential issues and resolve them prior to an impact on the service occurring.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: • Username and two-factor authentication; • Limited access over dedicated link, enterprise or community network; • Username and strong password/passphrase enforcement; • Assured by Independent testing of implementation
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 08/07/2004, last revised on 15/06/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IG Toolkit
  • Data Security and Protection Toolkit (NHS Digital)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We conform to the NHS IG policies relating to data handling and security.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Processes comply with ISO 20000 and follow ITIL v3 framework
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Compliance with an accreditation to ISO 27001 audited twice yearly by BSI
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Compliance with an accreditation to ISO 27001 audited twice yearly by BSI
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Processes comply with ISO 20000 and follow ITIL v3 framework

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  Fighting Climate Change: Sustainability and Environment, Social and Government (ESG) at EMIS and our partner Scan House Group is very high on our agenda. Our strategy is to drive responsible sustainability and climate choices within our group of businesses, our partners, our customers and throughout our wider supply chain. We deliver this through our following commitments of: Leading the way of Green practices: Prioritising ESG and climate change on our board agenda. We are embedding consistent ESG and sustainability standards in policies and practices across our Group of Companies by designating an accountable ‘Climate Leader’ for each business unit, therefore embedding sustainability in all operational processes and decisions.Being Net Zero by 2030: We will emit net zero GHG emissions across our operations and value chain by: Sourcing 100% renewable electricity; electrifying our fleet vehicles; requiring an absolute minimum of 75% of our suppliers to set carbon reduction targets; and investing in offsets for residual emissions. Empowering and Inspiring our teams and colleagues: We are engaging and educating our employees on climate change and the impacts of the decisions they take and empowering them to make positive climate choices. Enlightening our Eco-System: We proactively collaborate with our customers, alliance partners, NGOs, industry groups and suppliers to facilitate and kick start climate action across the sectors we serve. Please see our ESG strategy here https://www.emishealth.com/about-us/our-esg-strategy. We continually run awareness and advice programmes for staff and partners to ensure that ESG is in the forefront of our minds.

Pricing

• Price: £158.20 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@emishealth.com. Tell them what format you need. It will help if you say what assistive technology you use.