SIDQAM LTD

Direcht Appointment Booking System

Direcht Appoint is an extensive but easy to use appointment management system to book multiple, as well as bulk appointments for organisations such as hospitals, clinical trial units, and other care settings. It also enables the addition and management of patients and volunteers, customised time slots, and appointment reminder alerts.

Features

• Integrated clinical record
• Interoperability standards used
• Maternity, general healthcare and cosmetic surgery templates
• No app to download or installation required
• Browser based, multi-device tool
• Secure Video Consultation
• Patient access to records
• SNOMED CT and HL7 FHIR
• A platform that even works with low internet bandwidth
• Consent models and chaperon workflows available

Benefits

• Manage patients in the comfort of their home
• Saves time
• View integrated record
• Supports best practice
• Interoperability standards in place
• Link to any system using standards
• Access to records anywhere anytime
• Patient access to records
• Reporting included
• Near type free

£50 to £100 a user a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at direcht@sidqam.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

343595696293343

Contact

Business Development Unit
0161 818 4614
direcht@sidqam.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Can be integrated with existing electronic patient record (EPR) /Case management system/Maternity system/PAS with HL7 standard messages.
• Cloud deployment model: Public cloud
• Service constraints: - Viewing external patient data is dependent on having active sharing data agreements in place.
• System requirements:
  • Internet connection required
  • Minimum specification for PC/Web environments
  • Minimum specification for Android Tab environments

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email to support@sidqam.co.uk ; Support is provided in line with our support levels below.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: P 1 - Service unavailable for all users - Resolution time 6 working hours; ; P 2 - Individual Direcht service unavailable - Resolution time 8 working hours; ; P 3 - Core/Clinical module failure - Resolution time 24 working hours; ; P 4 – Non-core module failure - Resolution time 50 working hours; ; P 5 – New requirements or screen changes or UX issues- Resolution time potential future release if agreed by supplier-customer support group
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Training is provided as part of the implementation project. The trust should nominate clinical champions / expert users to deal with routine queries after implementation. Documentation is also provided and there is help within the system. ; The apps are intuitive, based on current recording methods, so will be familiar to staff.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The data stored from our systems is usually pushed back into existing EPR. If no system exists, a copy of new data collected will be stored on the server housed at the trust; the trust always has access and control of its data. If the trust chooses not to use the app, the data would remain accessible on the trust server.
• End-of-contract process: All data will be extracted from the system and provided to Trusts in JSON/XML format.; ; Once the trusts confirms safe receipt of data on their systems Sidqam Ltd will destroy all the data present on our servers and provide a written confirmation of the same.; ; Data extraction in another format other than JSON/XML will incur a cost / tbf.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: -No app to download or installation required; -Browser-based, multi-device tool
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Patient API allows a third party system to consume data from Direcht Systems and it allows users to put consultations into the patient’s medical record as a consultation. ; Direcht Systems has the functionality to send structured data (ISO 13606 models) to a third party solution in order to allow transfer of care between systems.; ; Sidqam is open to working with any third party supplier and our interface specifications are based on existing healthcare standards such as HL7.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: -Product is offered on a Software-As-a-Service (SaaS) model and minimum customisation is allowed.; -New data capture templates can be created for various healthcare specialities.

Scaling

• Independence of resources: Direcht Systems provide both vertical and horizontal scaling.; ; The system has been designed to manage large volumes of patient transactions in an efficient manner.; ; The use of ISO13606 as the underlying architecture provide the flexibility to scale and adopt.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide a series of metrics based on data available. However trusts can define metrics they wish to view, the reporting tools are included in the software.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Data is stored in a way that demographic data and clinical data are stored in different set of tables. They are only linked at run-time with the two factor authentication.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The Direcht systems provide an out of box reporting tools accessible via its web version which can be exported to Microsoft Excel for further analysis. We work with trusts to help define data the requirement and the standards used for export. This is our data extraction services for customers wishing to analyse more complex criteria. We also provide a data analytics service with can be purchased separately.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • HL7
• Data import formats: Other
• Other data import formats:
  • JSON
  • XML
  • HL7

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Application availability 98% with a threshold of 96%. Infrastructure downtime or other incidents within Force Majeur, planned or unplanned, is excluded from this calculation.
• Approach to resilience: Available on request. Resilience provided by underlying hosting platform.
• Outage reporting: E-mail alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: • Username and two-factor authentication; • Limited access over dedicated link, enterprise or community network; • Role Base Access Controls (RBAC)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Sidqam Ltd is committed to ensuring security governance is given the highest level of importance. We have consultants who have worked in the security and information governance domain and are helping us to achieve the ISO/IEC 27001 certification.
• Information security policies and processes: Our Information Security management System is used as a tool to assist us to identify and comply with business and legal/regulatory requirement and contractual security obligations. All Procedures are reviewed once a year to make sure they comply. All staff are required to comply with our information security guidelines.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes services are aligned to ITIL. All build and configuration assets are version controlled using source control. All changes are peer reviewed by at least two others and UAT performed before being merged into the base codebase.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We do in-house penetration testing. Any known vulnerabilities should be patched within 24 hours. In addition we have robust vulnerability management processes in place within Microsoft Azure to identify, triage, and mitigate vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Realtime monitoring is in place to monitor potential compromises.; Microsoft Azure communicates any data breach if it becomes aware of such.; Escalation processes are in place once any compromise is identified.; The degree of compromise will determine resource allocation and urgency of response. In most cases any compromise will be addressed immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Customers can phone or email with incidents. We use an incident management tool (Zoho) that has built-in reporting. In addition we also have procedures for ; - Conducting risk assessments for discovered security incidents.; - Notify clients in the event a security incident occurs.; - Revising our annual Security Risk Analysis and Risk Management Plan as necessary.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  We are committed to Equal Opportunities for all individuals or groups, whilst also, being committed to promoting a positive attitude towards diversity within our Company. We aim to ensure that all employees have the opportunity to maximise their potential and enhance their self-development and their contribution to the Company. ; The aim of our Company is to embrace the differences that various cultures bring into our Company and we also recognise that people from different backgrounds can bring fresh ideas and perceptions, which ultimately can improve our products and services, and our working environment. Managing diversity successfully will help our Company to nurture creativity and innovation, thereby allowing us to tap hidden capacity for growth and improved competitiveness.; Valuing diversity is an effective way of dealing with equal opportunities issues. It emphasises the business and personal benefits that accrue from valuing the differences between people, rather than just complying with the law. We believe that organisations that grasp the additional business opportunities generated by managing diversity effectively are far more likely to enjoy a sustained competitive advantage than those that do not.; The aim of this non-contractual policy is to ensure that every member of staff feels valued at work and is not discriminated against, harassed or bullied, or made to feel under threat or intimidated, either directly, by association or indirectly, on the grounds of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation, or perceived sexual orientation.; We recognise our duty of care to all members of staff and are committed to treating every individual equally in line with this policy and the Equality and Human Rights Commission Code of Practice.

Pricing

• Price: £50 to £100 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at direcht@sidqam.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.