Skip to main content

Help us improve the Digital Marketplace - send your feedback

VERTEX IN HEALTHCARE LIMITED

Patient Portal

The system offers configurable and user themes for personalised viewing of Patient information and allows bookings into systems. It ensures security and allows report and image access. Patients can securely view, download PDF reports, and images. Additionally, a chatbot and bi-directional messaging system provide user assistance seamlessly.

Features

  • Configurable for user preference with User Themes
  • View authorised reports
  • View images securely
  • Download pdf reports
  • Download images DICOM where applicable
  • Image manipulation tools where applicable by role
  • Chatbot for user assistance
  • Bi-directional messaging system
  • Appointment booking
  • Patient tracking

Benefits

  • Online Bookings and self administration
  • secure group share to aid patient collaboration
  • Track patient status in department
  • Image & Report availability indicator
  • Upload documents to drive paperless system
  • Patients’ details can be kept updated via portal
  • Available anywhere and on any device
  • Access to entire patient history
  • Can be integrated to multiple disparate systems

Pricing

£50 to £200.00 a user a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at richard@vertexih.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 4 7 7 3 7 1 9 4 2 5 9 4 1 8

Contact

VERTEX IN HEALTHCARE LIMITED Richard Turner
Telephone: 07568517980
Email: richard@vertexih.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
Require 2fa, device dependency. .
System requirements
  • Internet Connectivity
  • Up to date browser Safari, Edge, Chrome, Firefox

User support

Email or online ticketing support
Email or online ticketing
Support response times
This is dependent on the contract agreement, but our response times vary from 15 - 60 minutes. Critical downtime services calls are responded to immediately based on our service contracts.
four support level examples:

Bronze: Weekday business hours (8:00 AM - 5:00 PM) with an 8-hour maximum response time.
Silver: Weekday business hours (8:00 AM - 5:00 PM) with a 4-hour maximum response time.
Gold: Weekday extended hours (8:00 AM - 12:00 AM) with a 2-hour maximum response time.
Platinum: 24/7 support with a 2-hour maximum response time.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
We use Google's Vertex AI and have not implemented this currently however it is on our Roadmap for the development in the future.
Onsite support
Onsite support
Support levels
We offer four support levels:

Bronze: Weekday business hours (8:00 AM - 5:00 PM)
Silver: Weekday business hours (8:00 AM - 5:00 PM)
Gold: Weekday extended hours (8:00 AM - 12:00 AM)
Platinum: 24/7 support

All tiers include remote support and potential on-site assistance (at our discretion). We never deny support, but charges apply outside chosen hours. Each client receives a dedicated Customer Relations Manager (CRM) for ongoing communication. Our Tier 3 technicians, technical manager and development team provide advanced technical support escalations where necessary.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Vertex in health provides a range of services from migration, technical build and training orchestrated by our Project managers to ensure the adoption of you new Systems is smooth. Initially, we conduct thorough assessments to understand the users' needs and the existing infrastructure. Then, customise the Portal to align with specific workflows and requirements, ensuring seamless integration with existing systems in consultation.
Training is a cornerstone of our support, offering comprehensive programs tailored to different user groups, including radiologists, Radiographers, and administrative staff. These sessions cover everything from basic navigation to advanced functionalities, empowering users to maximise the system's capabilities efficiently and workflows.
We provide ongoing technical support post-implementation to agreed OLA and SLA’s, addressing any issues promptly and ensuring smooth operation. We actively use feedback mechanisms to continuously improve the system's usability and functionality based on user experiences.
We act as partner in the transition, guiding users through the implementation process and beyond, ultimately enabling you to leverage the systems effectively.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At the end of a contract transparent communication and meticulous planning are paramount and collaborate closely with NHS stakeholders to outline data extraction procedures well in advance of the contract expiration seeking to make the process and smooth a possible.
We provide a comprehensive data extraction toolkit, including guidelines, scripts, and software tools tailored to the NHS's data format and security requirements. This toolkit facilitates the extraction of patient records, imaging data, reports, and any associated metadata while ensuring compliance with data protection regulations like GDPR.
Users can extract their data using these tools under the guidance of our IT professionals, ensuring a smooth transition to alternative systems or archiving solutions. Additionally, we offer training sessions and dedicated support channels assists users in navigating the extraction process effectively.
Upon completion, we verify the integrity and completeness of the extracted data through rigorous quality assurance measures. Clear documentation of the extraction process and data formats ensures accountability and facilitates future access if needed, even after the contract ends.
End-of-contract process
At the end-of-contract process, meticulous planning and clear communication are essential. At the end of the contract, we conducts a comprehensive review with NHS stakeholders to finalise the transition plan. This involves facilitating data extraction, system decommissioning, and handover procedures to ensure minimal disruption to healthcare services. Also where required the safe and secure disposal of hard drives.
Included in the price of the contract are core services including maintenance, technical support, and supporting of migration of data in generally accepted formats to ensure system functionality and compliance and exit planning. Additional costs may arise for customisation beyond the agreed scope, specialised training programs, or on-demand technical support outside the contract's service level agreement.
During the transition, we provides documentation and guidance to NHS staff and chosen supplier on data migration, ensuring the integrity and security of patient records and imaging data. We also facilitate knowledge transfer sessions to empower NHS personnel in managing the system independently post-contract. Throughout the process, transparent communication and collaboration foster a smooth transition and maintain positive relationships all parties.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The major differences between desktop and mobile devices would be screen resolution, user interaction ie. touch enabled however the mobile version has less functionality compared to the desktop version. In essence the mobile device will be a lite version of the desktop version.
Service interface
No
User support accessibility
WCAG 2.1 A
API
Yes
What users can and can't do using the API
Authorised users can create patient, order records, update records, retrieve records, tracking of orders, scheduling, result access and images. Users cannot delete logs, records and or any other auditing information.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
As part of the deployment we conduct a capacity planning assessments and this is also repeated regularly during the lifetime of the contact, to anticipate future demand and ensure that the IT infrastructure supporting DOR can handle the expected workload without degradation in performance. Our solutions are designed to be scalable, allowing for easy expansion of resources such as storage capacity, processing power and network bandwidth to accommodate increased user demand as needed. We also implement resource allocation mechanisms to prioritise critical tasks and allocate system resources based on priority and urgency or user requests.

Analytics

Service usage metrics
Yes
Metrics types
Include Surgery Start Time Adherence, Turnover Time, Surgical Case Volume, Equipment Downtime, Surgical Site Infections (SSIs) rate, Staff Utilisation, Patient Wait Time, and Theatre Efficiency. These metrics measure efficiency, patient safety, resource utilisation, and operational effectiveness, ensuring surgeries start on schedule, minimizing downtime between procedures, optimising staff deployment, and enhancing patient satisfaction while maintaining high standards of care and infection control.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Our platform offers users a seamless process to export their data efficiently. With the ability to search and filter their data, users can ensure they have the correct results before proceeding. The system provides the option to export data in various formats such as CSV, XML and XLS, enabling users to utilise the information outside of our system. Additionally, the system is equipped with user rights and privileges, ensuring security and control over data access. A full audit trail is maintained to track user activities, access and search results. User rights are configured based on client requirements.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • PDF
  • XML
  • XLSX
  • Sheets
  • Customisablee, depending on customer requirements
Data import formats
  • CSV
  • Other
Other data import formats
  • PDF
  • XML
  • XLSX
  • Sheets
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
Other
Other protection within supplier network
We use TCP connection which is secured through a dual-layered RSA and AES encryption with username and password authentication.

Availability and resilience

Guaranteed availability
We provide SLA 99.99% availability guarantee on our software services excluding planned down time. and a 99.999% uptime guarantee on server hardware components provided by public cloud resource providers. Scheduled downtime for product improvements are limited to 12 hours a year.
Approach to resilience
Our system is engineered for resilience through a multifaceted approach. We employ robust disaster recovery plans, incorporating regular snapshots to capture systems states. In addition, our system integrates retry logic to handle potential failure seamlessly. Access control is enforced through meticulous user role management, ensuring only authorised personnel have appropriate system permissions. Comprehensive logging of all events provides valuable insights for troubleshooting and auditing purposes.
Outage reporting
We use an agent-based monitoring solution on our servers. This solution allows for the monitoring of all logs and services on our devices, which typically occurs every 5 minutes. The solution employs self-healing capabilities which attempt to correct any failure, should they occur. Our support teams have access to monitoring dashboards which show the current, and report on historical statuses of what is being monitored. In addition, email alerts are automatically sent to our help desk should any monitored item fall into a failed state that could not be self-healed.

Identity and authentication

User authentication needed
Yes
User authentication
Other
Other user authentication
We have roll based security which we use to restrict access to various functions for the users.
Access restrictions in management interfaces and support channels
We have roll based security which we use to restrict access to various functions for the users.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
CSA CCM version 3.0
Information security policies and processes
All staff receive information governance training yearly. We have a Caldicott Guardian and a Senior Information Risk Owner (SIRO). We have information risk registers, information asset registers etc. All staff are aware that any breaches are reported directly to the SIRO, and the SIRO then reports on to the Information Owners (our capacity is as information processor and never owner). We apply all of the principles laid out in both of these information security policies in the design of our systems. We have role based access control, pseudonymisation where necessary, no clearly identifiable personal data etc. We also comply with the NHS Code of Practice – Confidentiality and the Data Protection Act.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
1. Change Management: Following a Request for Change (RFC) it is submitted as an RFC. The RFC includes details like reasons for change, risks, benefits, proposed implementation plan, and impact analysis either from us or our clients.
2. Configuration Management: All components are identified as Configuration Items (CI), and a Configuration Management Database (CMDB) is maintained.
3. Integration between Change and Configuration Management: Any changes implemented through the Change Management process are reflected in the CMDB for your site.
4. Continuous Improvement: Regular reviews of the Change and Configuration Management processes are conducted.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We use risk assessments using tools HRVA and FMEA1. Patches are deployed swiftly, within 48 hours for critical issues, using automated systems. Information on threats is sourced from a number of advisories and threat intelligence feeds. Continuous monitoring and staff training ensure system integrity and security awareness.
We use N-Able N-Central remotely manages and secure systems allowing for the automation of various tasks, deployment of software patches (Microsoft and 3rd Party), sends out help desk alerts, allows for remote access to devices for troubleshooting.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We user N-Central and SentinelOne EDR combine forces to provide a layered approach to protective monitoring. SentinelOne's agent continuously monitors endpoints for suspicious activities. It utilises advanced techniques like machine learning and behavioural analysis to detect threats that traditional antivirus signatures might miss. This vigilance helps identify potential compromises in their early stages.

This integration between N-Central and SentinelOne EDR enables a proactive approach to security. By continuously monitoring, identifying, and responding to threats, you can significantly improve your overall security posture. The rapid response provided minimises potential damage and downtime caused by the incident.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have pre-defined processes for common events, like system errors or downtime categorising from denial-of-service severity 1 to a Severity 4 minor and fix timing are managed accordingly as agreed in OLA sections of a Contract. Users report incidents through a dedicated helpdesk. Incident reports are provided through monthly via email, detailing incident status, resolution progress, and any follow-up actions. Reviews take place quarterly on our performance. Continuous refinement of processes based on incident data analysis ensures efficient incident resolution to minimise disruptions to services, adhering to ITIL standards while meeting the specific needs of healthcare operations in the NHS.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Following the Covid pandemic, Vertex In Healthcare has realigned many of its' services to be delivered remotely which has assisted with additional environmental benefits in the performance of the service including working towards net zero greenhouse gas emissions. Vertex In Health is committed to achieving Net Zero emissions by 2025. Although we utilise digital technology for meetings, our hybrid model is flexible to meet the needs of our clients and our policies reflect the most carbon neutral method of attending site. We have a ‘no printing’ policy for all of our documents and our staff are trained and supported through this adoption. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagements

Covid-19 recovery

Providing services and can play a crucial role in supporting the organisations and its businesses to manage and recover from the impacts of COVID-19 including:
1. Tele Solutions: Implementing or enhancing tele training and support platforms to enable remote consultations, remote support, training and monitoring of results.
2. Remote Work Enablement: Facilitating remote work capabilities has been a core part of Vertex In Health organisation strategy and delivery for staff through secure virtual private networks (VPNs), cloud-based collaboration tools, and robust cybersecurity measures. This ensures essential Vertex In Health services and operations can continue while minimizing the risk of virus spread among employees. This is also applied to our clients using a range of tele solutions cloud based platforms allow us to deliver services remotely.
3. Virtual Training and Education: Developing virtual training programs and educational materials for healthcare professionals to stay updated on COVID-19 protocols, treatment guidelines, and best practices. This ensures staff members are well-equipped to deliver quality care amidst evolving circumstances.
4. Remote Monitoring and IoT Solutions: Deploying remote monitoring devices and Internet of Things (IoT) solutions to track patient vital signs, medication adherence, and disease progression from a distance. This allows healthcare providers to intervene early and prevent complications, particularly for patients recovering from COVID-19 at home.
5. Continuous Improvement and Adaptation: Regularly assessing the effectiveness of implemented measures through feedback mechanisms, performance metrics, and stakeholder consultations. This ensures that solutions remain aligned with evolving needs and challenges, with adjustments made as necessary to optimise outcomes.
6. Scalability and Flexibility: Designing solutions with scalability and flexibility in mind to accommodate changing requirements and fluctuating demand levels. This includes modular architectures, cloud-native platforms, and agile development methodologies to rapidly deploy, iterate, and scale innovative ways of working as needed

Tackling economic inequality

Vertex In Health is experienced in creating employment opportunities particularly for those who face barriers to employment and/or who are in deprived areas. We have also been involved in creating employment and training opportunities, particularly for people in healthcare sectors with known skills shortages. Additionally supporting educational attainment relevant to the service, including training schemes that address skills gaps and result in recognised qualifications.

Equal opportunity

Vertex In Health policies and practices foster a diverse and inclusive workplace culture, including recruitment practices, training programs, and employee resource groups are well developed and all staff are assessed for their fit to both the role and the cultural expectations needed in our workplace and customers. We regularly review and update the strategy in consultation with relevant stakeholders and staff to ensure alignment with best practices and evolving needs.

Wellbeing

We have an internal, named champion, who leads on our initiatives to promote health and wellbeing among our teams. We extend this initiative to the wider community engaged in our delivery projects. We acknowledge that when the teams are working away from homes that this can add to the pressure of project deadlines and we have regular ‘touch points’ with our teams with early intervention and support to protect mental health and foster an open and inclusive team working environment. If necessary we signpost additional support available. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagements

Pricing

Price
£50 to £200.00 a user a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at richard@vertexih.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.