INTEGRATED HEALTHCARE LTD

Portzo

Portzo is a porter management solution using Wifi to allocate tasks to the nearest porter. It is a multi-award winning fully automated porter tracking solution to improve efficiency and reduce delays in patient transfers. Real-time location data helps drive efficiency, reduce wastage of resources and minimise delays in patient care.

Features

• Electronic requesting of portering tasks
• Automated allocation of tasks to the nearest porter
• Location tracking of porters using WiFi RTLS
• AI Business Intelligence dashboard
• Natural language processing interface
• Advanced analytics

Benefits

• Improves operational efficiency
• Savings in nursing time due to a fully electronic system
• Improved experience for porters
• Financial savings as a dispatcher is no longer required
• 26.1% more tasks completed
• 31.3% reduction in task completion time
• Reduced response time

£1,299.99 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  ODS

• Service definition document

  PDF

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rakesh.patel@ihealthcareltd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

318803852990809

Contact

Dr Rakesh Patel
07920884693
rakesh.patel@ihealthcareltd.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No, we offer a fully managed solution.
• System requirements:
  • Client PC with minimum 4GB RAM
  • 10GB Free Hard Drive Space
  • Windows 7 or above
  • IE 11, EDGE, Chrome, Mozilla

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: A) Normal working hours within Six (6) hours ; b) Non-working hours (21.00- 09.00 hours) including weekends and public holidays within twelve (12) hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: First Line support is via the helpdesk using via email or telephone ; Second line support - Remote support from a cloud application support engineer; Third line support - Onsite attendance by a technical account manager
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a hybrid approach to training; 1. Train the Trainers; 2. Specific online training sessions with additional drop-in online sessions; 3. On-site floor walkers for Go-Live; 4. Online teaching module and videos; 5. User documentation
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data is accessible via the application to be downloaded via an excel file.
• End-of-contract process: The design, implementation and maintenance of the porter management solution including the maintenance of all software and hardware us included in the contract. At the end of the contract the licences will come to an end and the solution will no longer be able to be used.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile version has limited access to the reporting / analytical tools compared to the desktop version.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: PORTZO can be customised to provide specific monthly reports with site specific KPIs entered into the system to assess performance against them. Task allocation can be setup to a general pool as well as to specific porter groups eg Radiology porters, ED porters etc. The system can be customised with logic for daily tasks to trigger at specific times and specific tasks allocated to particular porters based on skill mix.

Scaling

• Independence of resources: We have monitoring of our cloud service setup to automatically escalate performance issues with further load balancing capabilities.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are provided on all aspects including number of task requests, user logins, turn around times, response times, task completion times, server uptime.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported by users directly from the cloud hosted we application.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XLS
• Data import formats: Other
• Other data import formats: N/A

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: (1) We agree a server availability commitment of 99.95%. Planned downtime for maintenance, patching, upgrading etc are excluded.; ; (2) A service credit on the cloud hosting charges will be applied eqivalent of 3% of monthly spend per 5% below service level target. ; ; (3) Force majeure events are excluded; ; (4) Network connectivity problems such as internet and VPN connectivity are not included.; ; (5) To request a service credit, the purchaser must email support@icegen.net within thirty days of the relevant suspected SLA event. ICEGEN will review the request and issue a service credit if applicable.
• Approach to resilience: Available on request
• Outage reporting: Outages are initially reported via email alerts which are followed up by a phone call from the account relationship manager or our service desk if out of hours.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: We use two factor-authentication for access to our management interfaces and support channels. Further restriction of critical management interfaces by IP address is also undertaken. Access to management interfaces is only granted after a review of the requirement is undertaken by the head of cyber security and the managing director. Management interfaces also have different levels of user accounts with administrative accounts only being used if the task cannot be carried out using a standard user account. Access to the management interfaces is granted on a case by case basis and documented.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Other
• Description of management access authentication: Restricted IP addresses

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cloud infrastructure third party provider has ISO 27001
  • Cloud infrastructure third party provider has ISO 27017
  • Cloud infrastructure third party provider has ISO27018
  • Cloud infrastructure third party provider has CSA Cloud Security Alliance
  • Cloud infrastructure third party provider has cyber essentials plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Cloud infrastructure we use (UK Cloud) is certified to:; ISO9001; ISO20000; ISO27001; ISO27017; ISO27018; CSA Cloud Security Alliance; Cyber essential plus
• Information security policies and processes: Information Security Policies define the responsibiltiy of organisation employees and the business. Policies includes access control, vulnerability management, patching, data encryption, network configuration, Remote working, asset management, change control and physical security.; ; We have a hierarchical reporting structure with a functional organisational structure. ; ; We ensure polices are followed by ; - Sharing details of identified risks with staff; - Guidance to staff on identifying threats; - Policies and procedures stored in a single location for easy access; - Adequate train and a strict policy in place for non-adherence.; -Formal acknowledgement from staff that the policy has been read and understood.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management processes are followed to maintain the integrity of our infrastructure and software.; ; All configuration of the service are tracked throught their lifetime within our asset register.; ; Changes to the service are documented, tested in non-production envoirnment, assessed for potential sevice/security impact, and are subject to a formal change process before being applied to production envoirnments. No unauthorised changes are allowed and production envoirnment is regularly audited.; ; Customer of the software will be provided appropricate notice before changes are applied to production enviornments to minimise service impact.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability manangement processes include:; * Monitoring OS infrastructure, software and code using vulnerability management tools and regular code reviews to identify vulnerabilities.; * Prioritisation of patching to remediate vulnerabilities based on severity (Monthly) and sooner if critical.; * Ensuring resources are deployed to mitigate.; ; Threats are monitored from various sources including CISA, US-CERT and NCSC for advisories.; ; Cloud hosting provider conforms to industry standards to ensure secure IaaS is provided.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: SaaS and OS infrastruture is regularly monitored to detect suspicious activity or compromise through audit events.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident response process has been defined and is used in a reponse to security incidents including common cyber attacks, reporting incident to customers, and how the security incident affects their data.; ; Users report incidents via the telephone Helpdesk or online support tool. Incident reports are provided by email to clients.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  We provide a monthly carbon offset certificate confirming that an independent greenhouse gas assessment has been conducted, and that carbon emissions which have resulted from consumption of cloud services have been reduce to net zero through verified, high-quality carbon credits.

Pricing

• Price: £1,299.99 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A free trial option is available if the number of licenses required is a minimum of 20 for the trial. The trial option includes the licensing but not the setup costs for a period of 3 months. The cost of user devices are also not included in the free trial.

Service documents

• Pricing document

  ODS

• Service definition document

  PDF

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rakesh.patel@ihealthcareltd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.