Care Banking

Care Banking : Adult Continuing Healthcare

Software supporting individualized care.
Care Bankings Continuing Healthcare solution provides an end to end solution meeting all NHS Englands requirements for digitizing Continuing Healthcare services

Works as stand alone modules or via integration

Features

• Market Management
• Structured and efficient invoicing and purchasing
• Patient case notes
• Activity and finance monitoring and reporting
• Configurable for individualized care pathways, eg CHC

Benefits

• Allows effective management of patients through the pathway
• Simplifies reporting to NHS England
• Invoices can be validated online
• Reduction in transactional staffing levels
• The product enables supplier markets to be managed effectively
• Purchases, contracts and correspondence are captured in one location
• Ensures all clinical and critical information is captured
• Simplify the workflow for continuing healthcare & personal budgets

£10,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Info@carebanking.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

305780466503112

Contact

Sales
0203 633 1766
Info@carebanking.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Existing clinical or assessment systems, invoicing, contracting and payment systems.
• Cloud deployment model: Hybrid cloud
• Service constraints: Support is not provided for early versions of internet browsers. Please contact us for more details
• System requirements:
  • No specific system requirements
  • Recent browsers are required for secure operation.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times at weekends are different
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Bug resolution is included in the costs.; ; We utilise account managers.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Online training is provided.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: An export from the database is provided on request.
• End-of-contract process: A single extract from the database is included in the costs. Any additional work will be billed to the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Only screen formatting is different.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The API is for transferring clinical data between systems
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: The architecture ensure scaling does not cause performance issues for users. More information can be made available to potential users if required.

Analytics

• Service usage metrics: Yes
• Metrics types: User tracking, expenditure, customers can also request specific usage metrics at the time of ordering.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Csv file
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The defined Service level is 95 % during core hours, core hours are considered to be 9 to 5 weekdays. Service maintenance and system updates are scheduled outside of core hours. Any planned downtime (i.e. for maintenance) will be conducted outside of core service hours and the service must be provided with a minimum of 48 hours’ notice. ; Where system maintenance is urgently required, the policy is to switch to the backup facility, users will be provided with as much information as possible should this occur.
• Approach to resilience: Available on request
• Outage reporting: Email alerts are reported to all registered users

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
• Access restrictions in management interfaces and support channels: The design of the My Care Bank solution ensures that the systems and software supplied enable personal information to be handled legally, securely, efficiently and effectively in order to deliver the best possible care. The system components used singularly or in combination, meet or exceed the current minimum requirements.; ; Privacy and data protection has been built into the system architecture from the start, the underlying design relies on three databases; two cloud based and an independent local database application, accessed through a role based protocol.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: We comply with the NHS standards for the Information Governance toolkit.
• Information security policies and processes: All information security is monitored by a information governance steering group.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We run automated test routines on all releases in a reproduction environment, before undertaking limited user testing. ; A formal group approves all updates and monitors bug fixes on live sites.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Automated monitoring systems track threats and inform the head of security and the deputy head of security.; Patches can be deployed immediately if required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Automated systems track all users and alert system security of any inappropriate or suspicious activity. ; Pre-release testing identifies areas of weakness that are addressed in the preproduction environment.
• Incident management type: Supplier-defined controls
• Incident management approach: All incidents are reported to the information governance steering group,this group maintains and updates the policies for managing all incidents.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  The organisation is working towards net zero greenhouse gas emissions and its founders proactively support the protection and redevelopment of woodlands. The long term aim is for the organisation to also champion the redevelopment of woodlands, when revenue and profits enable this commitment.
• Covid-19 recovery:

  Covid-19 recovery

  The organisation has undertaken to build upon its existing processes and to continue to ensure its recruitment practices and employment conditions are based on fair pay, participation and progression, voice and autonomy. We also aim to increase the opportunity for others via student placements, internships and apprenticeships; In terms of mental wellbeing and improving workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions, we offer fully flexible working conditions; ie at home or office locations. For staff choosing to utilise the office environment we offer free breakfast, free drinks and evening bar, squash courts and Gym. Various internal training sessions, meditation, yoga and counselling when needed.
• Tackling economic inequality:

  Tackling economic inequality

  We aim to offer work experience and provide apprenticeships along with support for educational attainment relevant to the contracted work, including training schemes that address skills gaps and result in recognised qualifications. We are also offering secondment and volunteering opportunities.
• Equal opportunity:

  Equal opportunity

  Care Banking actively supports disabled people in developing new skills, in fact through our growth and product development phases we have work with severely disabled colleges to ensure our products meet the needs of our end users.
• Wellbeing:

  Wellbeing

  Care Banking provides a large range of wellbeing services for its staff, these include Gyms, Squash Courts, Breakfast, Social events, mindfulness courses, Yoga and a range of other activities specifically targeted at staff wellbeing.

Pricing

• Price: £10,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Info@carebanking.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.