DXS (UK) LIMITED

SMART Referrals

SMART Referrals is an innovative clinical decision support system tailored for each customer. As well as significantly reducing inappropriate referrals, waiting lists, and carbon emissions, using our SMART Referral Forms has been independently proven to increase whole-system efficiencies and save the NHS substantial sums

Features

• Referral Management Analytics
• Local & National Clinical pathways in the clinician consultation workflow
• NICE and SIGN guidance documents
• Diagnostic Scoring Tools
• NHS Choices content
• Referral forms with mandatory fields, validation, show/hide functionality
• Referral forms that autopopulate with information from patient record
• Referral forms code new entries back to patient record
• Up to date travel advice
• e-RS integration for referral submissions

Benefits

• Users have access to relevant and up to date pathways
• Clinicians follow best evidence medicine
• 360 degrees view of all referrals
• Saves clinicians' time
• Relieves decision fatigue
• Reduced inappropriate referrals/improves referral accuracy
• Reduced incomplete referrals
• Helps clinicians meet referral criteria
• Streamline the referral process

£0.33 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.parker@dxs-systems.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

263440929161124

Contact

David Parker
+44 (0)1252 719 800
david.parker@dxs-systems.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: EMIS Web, SystmOne TPP, Vision 3
• Cloud deployment model: Hybrid cloud
• Service constraints: Yes, Scheduled system maintenance and patching are set for Sunday mornings, running from 6am to 8am. In the event of urgent vulnerabilities, critical patches may be applied during weeknights
• System requirements:
  • CPU Intel i3 processor or better
  • Memory 6GB RAM
  • HDD Storage – Free Space 500MB
  • Display Resolution 1280x720
  • Operating System Windows 10, 11
  • Windows Server 2012, 2016
  • Internet Connectivity Internet and HSCN Required
  • HTTP access to uk.dxs-systems.com. HTTP GET and POST Methods allowed
  • Internet/HSCN Speed 20 Mbps up/down

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide email ticketing support. An Online Self Service portal is available for User use. Emails sent by Users automatically generate a ticket within our ITSM which is then picked up by 1st Line Support Technicians. Updates entered into this ticket on the ITSM are automatically fed back via email to the original ticket logger, or an alternative address if requested.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We utilise the Internet Browser accessibility features selected by the User for webchat also.; Browsers can:; - Keyboard navigation; - Zoom; - Text-to-speech (some browsers); - Customizable fonts and colours; - High contrast mode; - Display captions and transcripts; Browsers cannot:; - Fix inaccessible content; - Provide alt text for images; - Ensure keyboard accessibility for custom controls; - Generate captions and transcripts; - Fix improper heading structures; - Guarantee compatibility with all assistive technologies
• Web chat accessibility testing: DXS UK LTD have not conducted any targeted testing for assistive technology Users.
• Onsite support: Onsite support
• Support levels: While there are many layers of support provided by DXS UK LTD such as 1st Line & 2nd Line, each differing layer provides the same quality of service to each service request that we receive.; ; Further information on the layers of support provided can be found below;; ; 1st Line Support: This Team receives all new support requests logged through to DXS Support. Here triage is applied to each request and acted on according, whether a resolution can be applied or an escalation to another Team is required.; ; 2nd Line Support: This Team handles escalations from 1st Line Support where a service request proves technically problematic.; ; Quality Assurance: This Team has a great many duties. However in regards to support provided to Users, the Quality Assurance Team provide assistance to 2nd Line in understanding unintended behaviour logged in service requests. Greater investigative powers and tools are utilised by the Quality Assurance, allowing a deeper understanding into the faults reported in service requests.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: DXS provides a suite of training options to ensure users have a variety of ways to learn how to utilise the service, these include:; 1. Onsite training; 2. Virtual training (MS Teams); 3. Online e-learning material and top tip videos; 4. User Training guides
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can use the software's in-built functionality to export referral worklists or content templates from the library
• End-of-contract process: In the event of a contract end, we will remove the localised referral content for the customer however, the system will stay available for users as we have a wide range of national content in the form of patient guidance documentation, travel advice documentation and patient leaflet information readily available to users. ; ; In the event, where a customer would like to remove the application completely, an additional cost will be charged for us to remove our application which can be provided upon request, otherwise will assist their 3rd-party IT Support team in setting up automatic removal of our application through their toolsets as required, while following communication plans to inform users of any changes and timeline associated with those plans.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service interface consists of a desktop toolbar, main desktop application and other DLL files that all connect to a cloud-based database server. The desktop application is required to connect to integrated clinical systems that also run on the user's desktop environment.
• Accessibility standards: None or don’t know
• Description of accessibility: - Our service is desktop application-based and cannot be accessed via the internet alone; - Our user interface supports document size zooming, utilises supporting text for icons; - Our service is currently only accessible via desktop machines and laptops; - Our service runs on Windows operating system only; - Our service is not accessible via the internet but relies on a secure HSCN connection; - Our service caters for the English language only
• Accessibility testing: N/A
• API: No
• Customisation available: Yes
• Description of customisation: Users can customise the service by requesting additions or changes to content items (such as referral forms, clinical guidance documents, etc.) within the service. Users can log such requests directly in SMART Referrals via the content self-service portal. The DXS Content team receives and implements these requests, and the DXS Clinical team ensures the clinical safety of all content items. Users commonly do the following:; • Make annotations directly onto content items to show exactly how they need to be changed.; • Request completely new content items to be added.; • Request content items to be removed.; • Request content items to be moved to new folders.; • Request content items to be renamed.; • Request changes to the way content items are coded to save back to the patient record.; • Request changes to folder hierarchies and folder naming conventions.; • Request custom folder colours.; • Request changes to keywords/search terms.; • Request the addition of a range of smart functions based on the purpose of the form.; o Hide and show rules; o Field input validation rules; o Field calculation rules; o Form completion validation rules; o E-RS submission validation rules

Scaling

• Independence of resources: Our software has the ability to employ caching mechanisms to alleviate server transaction loads, ensuring optimal performance for users even during periods of high demand. Our hosted environment undergoes continuous 24/7 monitoring to promptly identify and address any emerging issues. Additionally, our service desk actively engages in trend spotting, enabling early escalation of potential issues to maintain a seamless user experience. Implementing automated server scaling capabilities to dynamically adjust resources in response to fluctuating demand, ensuring optimal performance and cost efficiency

Analytics

• Service usage metrics: Yes
• Metrics types: Yes. Usage reports are provided by the Sales & Accounts Team. Additionally Service Reports detailing each service request logged are sent to their respective locality leaders.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: We utilise SQL Transparent Data Encryption (TDE) to enhance the security of our stored data.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can use the software's in-built functionality to export referral worklists or content templates from the library
• Data export formats: Other
• Other data export formats:
  • PDF
  • RTF
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability Management: 99.9% within support hours (monthly); Service Desk call answer time: 97% (monthly)
• Approach to resilience: Our services are backed by redundant datacenters at multiple geographically dispersed facilities, each equipped with identical infrastructure and resources. In the event of any unforeseen disruptions, such as power outages or hardware failures, our redundant datacenters ensure uninterrupted service availability and data integrity.
• Outage reporting: Internal monitoring of services allows for notifications to be sent to affected Users via email.; In application error messages detailing outage.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is meticulously controlled through the use of Active Directory Security Groups. Each user is assigned to specific Security Groups based on their role and access requirements. These Security Groups are configured to correspond with distinct access levels, ensuring that users can only access the resources and functionalities pertinent to their roles. This systematic approach to access control enhances security and maintains the principle of least privilege within our systems.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 2024/01/03
• What the ISO/IEC 27001 doesn’t cover: Our test environment in North Virginia
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All our Information Security policies and processes are designed and implemented around ISO27001:2022. Awareness training of our policies is done at least annually and regular internal security audits ensure that the policies are adhere to.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management are all managed by our Service Management System. This is documented in the Configuration Management Plan and Change Control procedure.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All assets are meticulously documented within our comprehensive configuration management database.; ; We conduct routine assessments using cutting-edge scanning tools or through expert-led penetration tests to identify any emerging vulnerabilities.; ; Each vulnerability undergoes meticulous assessment and subsequent mitigation in accordance with its severity and potential impact on operations.; ; Critical updates for third-party software are promptly integrated within a stringent 24-hour timeframe, ensuring swift protection against emerging threats. All other updates are diligently implemented within a 14-day period to maintain system integrity and security.; ; Regarding hosted infrastructure, vulnerabilities are diligently managed by our trusted suppliers, adhering strictly to our supplier security policy.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring of potential compromises are done with a combination of malware protection, threat management and active monitoring of our services; Triggers and alerts are setup to notify our security team of any potential compromises; Incidents are logged in the Service Management system and responded to within 8 hours
• Incident management type: Supplier-defined controls
• Incident management approach: Users can report incidents in the following ways: (1) By Phone, (2) by email, (3) by using the build in Feedback function in the product. All incidents are logged, and processed to completion in a Service Management system. ; A Knowledge Base is maintained within the service management system, that contains processes to deal with common events and recurring incidents and tasks.; A service performance and incident report is provided to customers monthly by email.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At DXS, we take the threat from climate change very seriously as we take responsibility for achieving net zero by 2030 and supporting the NHS in achieving its net-zero aims. As a result, we have published our Carbon reduction plan on our website, and we update this annually. We have also undertaken an external review by Ecovadis and achieved a top 30% award of the companies they have reviewed. We have also set ourselves science-based targets for environmental impact reduction through the SBTi initiative. Evidence of our achievements and goals in this area can be provided on request.

  Covid-19 recovery

  Our work has been shown to reduce inappropriate referrals and waiting list sizes. This initiative supports the recovery of the NHS and the post-COVID backlog of patients.

  Tackling economic inequality

  Our digital referral service is designed to eliminate bias in healthcare delivery by standardising the patient's pathways and supporting the Zero-digital bias initiative by the NHS.

  Equal opportunity

  At DXS we take our social responsibility seriously towards providing equal opportunity. We have policies in place to ensure fair hiring, non-discrimination and the creation of an inclusive environment, while placing a focus on career development and advancement.; ; Our company undergoes an annual audit by EcoVadis, a leading provider of business sustainability ratings. This audit assesses our performance against a rigorous set of Environmental, Social, and Governance (ESG) criteria, which includes a focus on social aspects such as labour practices, human rights, and fair business practices. As part of this process, we develop and implement corrective action plans to address any identified areas for improvement and ensure ongoing compliance with ESG standards.

  Wellbeing

  DXS has a wellness committee that looks after staff wellness, through wellness programs. Management encourages work-life balance through flexible and remote working, putting an emphasis on right to disconnect. Annual leave is managed to ensure employees wellbeing stays top of mind. Additionally health and safety policies and procedures are in place to ensure a safe working environment.; ; Our company undergoes an annual audit by EcoVadis, a leading provider of business sustainability ratings. This audit assesses our performance against a rigorous set of Environmental, Social, and Governance (ESG) criteria, which includes a focus on social aspects such as labour practices, human rights, and fair business practices. As part of this process, we develop and implement corrective action plans to address any identified areas for improvement and ensure ongoing compliance with ESG standards.

Pricing

• Price: £0.33 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.parker@dxs-systems.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.