Patient Portal
The system offers configurable and user themes for personalised viewing of Patient information and allows bookings into systems. It ensures security and allows report and image access. Patients can securely view, download PDF reports, and images. Additionally, a chatbot and bi-directional messaging system provide user assistance seamlessly.
Features
- Configurable for user preference with User Themes
- View authorised reports
- View images securely
- Download pdf reports
- Download images DICOM where applicable
- Image manipulation tools where applicable by role
- Chatbot for user assistance
- Bi-directional messaging system
- Appointment booking
- Patient tracking
Benefits
- Online Bookings and self administration
- secure group share to aid patient collaboration
- Track patient status in department
- Image & Report availability indicator
- Upload documents to drive paperless system
- Patients’ details can be kept updated via portal
- Available anywhere and on any device
- Access to entire patient history
- Can be integrated to multiple disparate systems
Pricing
£50 to £200.00 a user a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
3 4 7 7 3 7 1 9 4 2 5 9 4 1 8
Contact
VERTEX IN HEALTHCARE LIMITED
Richard Turner
Telephone: 07568517980
Email: richard@vertexih.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- Require 2fa, device dependency. .
- System requirements
-
- Internet Connectivity
- Up to date browser Safari, Edge, Chrome, Firefox
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
This is dependent on the contract agreement, but our response times vary from 15 - 60 minutes. Critical downtime services calls are responded to immediately based on our service contracts.
four support level examples:
Bronze: Weekday business hours (8:00 AM - 5:00 PM) with an 8-hour maximum response time.
Silver: Weekday business hours (8:00 AM - 5:00 PM) with a 4-hour maximum response time.
Gold: Weekday extended hours (8:00 AM - 12:00 AM) with a 2-hour maximum response time.
Platinum: 24/7 support with a 2-hour maximum response time. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- We use Google's Vertex AI and have not implemented this currently however it is on our Roadmap for the development in the future.
- Onsite support
- Onsite support
- Support levels
-
We offer four support levels:
Bronze: Weekday business hours (8:00 AM - 5:00 PM)
Silver: Weekday business hours (8:00 AM - 5:00 PM)
Gold: Weekday extended hours (8:00 AM - 12:00 AM)
Platinum: 24/7 support
All tiers include remote support and potential on-site assistance (at our discretion). We never deny support, but charges apply outside chosen hours. Each client receives a dedicated Customer Relations Manager (CRM) for ongoing communication. Our Tier 3 technicians, technical manager and development team provide advanced technical support escalations where necessary. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Vertex in health provides a range of services from migration, technical build and training orchestrated by our Project managers to ensure the adoption of you new Systems is smooth. Initially, we conduct thorough assessments to understand the users' needs and the existing infrastructure. Then, customise the Portal to align with specific workflows and requirements, ensuring seamless integration with existing systems in consultation.
Training is a cornerstone of our support, offering comprehensive programs tailored to different user groups, including radiologists, Radiographers, and administrative staff. These sessions cover everything from basic navigation to advanced functionalities, empowering users to maximise the system's capabilities efficiently and workflows.
We provide ongoing technical support post-implementation to agreed OLA and SLA’s, addressing any issues promptly and ensuring smooth operation. We actively use feedback mechanisms to continuously improve the system's usability and functionality based on user experiences.
We act as partner in the transition, guiding users through the implementation process and beyond, ultimately enabling you to leverage the systems effectively. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
At the end of a contract transparent communication and meticulous planning are paramount and collaborate closely with NHS stakeholders to outline data extraction procedures well in advance of the contract expiration seeking to make the process and smooth a possible.
We provide a comprehensive data extraction toolkit, including guidelines, scripts, and software tools tailored to the NHS's data format and security requirements. This toolkit facilitates the extraction of patient records, imaging data, reports, and any associated metadata while ensuring compliance with data protection regulations like GDPR.
Users can extract their data using these tools under the guidance of our IT professionals, ensuring a smooth transition to alternative systems or archiving solutions. Additionally, we offer training sessions and dedicated support channels assists users in navigating the extraction process effectively.
Upon completion, we verify the integrity and completeness of the extracted data through rigorous quality assurance measures. Clear documentation of the extraction process and data formats ensures accountability and facilitates future access if needed, even after the contract ends. - End-of-contract process
-
At the end-of-contract process, meticulous planning and clear communication are essential. At the end of the contract, we conducts a comprehensive review with NHS stakeholders to finalise the transition plan. This involves facilitating data extraction, system decommissioning, and handover procedures to ensure minimal disruption to healthcare services. Also where required the safe and secure disposal of hard drives.
Included in the price of the contract are core services including maintenance, technical support, and supporting of migration of data in generally accepted formats to ensure system functionality and compliance and exit planning. Additional costs may arise for customisation beyond the agreed scope, specialised training programs, or on-demand technical support outside the contract's service level agreement.
During the transition, we provides documentation and guidance to NHS staff and chosen supplier on data migration, ensuring the integrity and security of patient records and imaging data. We also facilitate knowledge transfer sessions to empower NHS personnel in managing the system independently post-contract. Throughout the process, transparent communication and collaboration foster a smooth transition and maintain positive relationships all parties.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The major differences between desktop and mobile devices would be screen resolution, user interaction ie. touch enabled however the mobile version has less functionality compared to the desktop version. In essence the mobile device will be a lite version of the desktop version.
- Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
- Authorised users can create patient, order records, update records, retrieve records, tracking of orders, scheduling, result access and images. Users cannot delete logs, records and or any other auditing information.
- API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- No
Scaling
- Independence of resources
- As part of the deployment we conduct a capacity planning assessments and this is also repeated regularly during the lifetime of the contact, to anticipate future demand and ensure that the IT infrastructure supporting DOR can handle the expected workload without degradation in performance. Our solutions are designed to be scalable, allowing for easy expansion of resources such as storage capacity, processing power and network bandwidth to accommodate increased user demand as needed. We also implement resource allocation mechanisms to prioritise critical tasks and allocate system resources based on priority and urgency or user requests.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Include Surgery Start Time Adherence, Turnover Time, Surgical Case Volume, Equipment Downtime, Surgical Site Infections (SSIs) rate, Staff Utilisation, Patient Wait Time, and Theatre Efficiency. These metrics measure efficiency, patient safety, resource utilisation, and operational effectiveness, ensuring surgeries start on schedule, minimizing downtime between procedures, optimising staff deployment, and enhancing patient satisfaction while maintaining high standards of care and infection control.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Our platform offers users a seamless process to export their data efficiently. With the ability to search and filter their data, users can ensure they have the correct results before proceeding. The system provides the option to export data in various formats such as CSV, XML and XLS, enabling users to utilise the information outside of our system. Additionally, the system is equipped with user rights and privileges, ensuring security and control over data access. A full audit trail is maintained to track user activities, access and search results. User rights are configured based on client requirements.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- XML
- XLSX
- Sheets
- Customisablee, depending on customer requirements
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XML
- XLSX
- Sheets
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Other
- Other protection within supplier network
- We use TCP connection which is secured through a dual-layered RSA and AES encryption with username and password authentication.
Availability and resilience
- Guaranteed availability
- We provide SLA 99.99% availability guarantee on our software services excluding planned down time. and a 99.999% uptime guarantee on server hardware components provided by public cloud resource providers. Scheduled downtime for product improvements are limited to 12 hours a year.
- Approach to resilience
- Our system is engineered for resilience through a multifaceted approach. We employ robust disaster recovery plans, incorporating regular snapshots to capture systems states. In addition, our system integrates retry logic to handle potential failure seamlessly. Access control is enforced through meticulous user role management, ensuring only authorised personnel have appropriate system permissions. Comprehensive logging of all events provides valuable insights for troubleshooting and auditing purposes.
- Outage reporting
- We use an agent-based monitoring solution on our servers. This solution allows for the monitoring of all logs and services on our devices, which typically occurs every 5 minutes. The solution employs self-healing capabilities which attempt to correct any failure, should they occur. Our support teams have access to monitoring dashboards which show the current, and report on historical statuses of what is being monitored. In addition, email alerts are automatically sent to our help desk should any monitored item fall into a failed state that could not be self-healed.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Other
- Other user authentication
- We have roll based security which we use to restrict access to various functions for the users.
- Access restrictions in management interfaces and support channels
- We have roll based security which we use to restrict access to various functions for the users.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- CSA CCM version 3.0
- Information security policies and processes
- All staff receive information governance training yearly. We have a Caldicott Guardian and a Senior Information Risk Owner (SIRO). We have information risk registers, information asset registers etc. All staff are aware that any breaches are reported directly to the SIRO, and the SIRO then reports on to the Information Owners (our capacity is as information processor and never owner). We apply all of the principles laid out in both of these information security policies in the design of our systems. We have role based access control, pseudonymisation where necessary, no clearly identifiable personal data etc. We also comply with the NHS Code of Practice – Confidentiality and the Data Protection Act.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
1. Change Management: Following a Request for Change (RFC) it is submitted as an RFC. The RFC includes details like reasons for change, risks, benefits, proposed implementation plan, and impact analysis either from us or our clients.
2. Configuration Management: All components are identified as Configuration Items (CI), and a Configuration Management Database (CMDB) is maintained.
3. Integration between Change and Configuration Management: Any changes implemented through the Change Management process are reflected in the CMDB for your site.
4. Continuous Improvement: Regular reviews of the Change and Configuration Management processes are conducted. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
We use risk assessments using tools HRVA and FMEA1. Patches are deployed swiftly, within 48 hours for critical issues, using automated systems. Information on threats is sourced from a number of advisories and threat intelligence feeds. Continuous monitoring and staff training ensure system integrity and security awareness.
We use N-Able N-Central remotely manages and secure systems allowing for the automation of various tasks, deployment of software patches (Microsoft and 3rd Party), sends out help desk alerts, allows for remote access to devices for troubleshooting. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We user N-Central and SentinelOne EDR combine forces to provide a layered approach to protective monitoring. SentinelOne's agent continuously monitors endpoints for suspicious activities. It utilises advanced techniques like machine learning and behavioural analysis to detect threats that traditional antivirus signatures might miss. This vigilance helps identify potential compromises in their early stages.
This integration between N-Central and SentinelOne EDR enables a proactive approach to security. By continuously monitoring, identifying, and responding to threats, you can significantly improve your overall security posture. The rapid response provided minimises potential damage and downtime caused by the incident. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- We have pre-defined processes for common events, like system errors or downtime categorising from denial-of-service severity 1 to a Severity 4 minor and fix timing are managed accordingly as agreed in OLA sections of a Contract. Users report incidents through a dedicated helpdesk. Incident reports are provided through monthly via email, detailing incident status, resolution progress, and any follow-up actions. Reviews take place quarterly on our performance. Continuous refinement of processes based on incident data analysis ensures efficient incident resolution to minimise disruptions to services, adhering to ITIL standards while meeting the specific needs of healthcare operations in the NHS.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Following the Covid pandemic, Vertex In Healthcare has realigned many of its' services to be delivered remotely which has assisted with additional environmental benefits in the performance of the service including working towards net zero greenhouse gas emissions. Vertex In Health is committed to achieving Net Zero emissions by 2025. Although we utilise digital technology for meetings, our hybrid model is flexible to meet the needs of our clients and our policies reflect the most carbon neutral method of attending site. We have a ‘no printing’ policy for all of our documents and our staff are trained and supported through this adoption. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagementsCovid-19 recovery
Providing services and can play a crucial role in supporting the organisations and its businesses to manage and recover from the impacts of COVID-19 including:
1. Tele Solutions: Implementing or enhancing tele training and support platforms to enable remote consultations, remote support, training and monitoring of results.
2. Remote Work Enablement: Facilitating remote work capabilities has been a core part of Vertex In Health organisation strategy and delivery for staff through secure virtual private networks (VPNs), cloud-based collaboration tools, and robust cybersecurity measures. This ensures essential Vertex In Health services and operations can continue while minimizing the risk of virus spread among employees. This is also applied to our clients using a range of tele solutions cloud based platforms allow us to deliver services remotely.
3. Virtual Training and Education: Developing virtual training programs and educational materials for healthcare professionals to stay updated on COVID-19 protocols, treatment guidelines, and best practices. This ensures staff members are well-equipped to deliver quality care amidst evolving circumstances.
4. Remote Monitoring and IoT Solutions: Deploying remote monitoring devices and Internet of Things (IoT) solutions to track patient vital signs, medication adherence, and disease progression from a distance. This allows healthcare providers to intervene early and prevent complications, particularly for patients recovering from COVID-19 at home.
5. Continuous Improvement and Adaptation: Regularly assessing the effectiveness of implemented measures through feedback mechanisms, performance metrics, and stakeholder consultations. This ensures that solutions remain aligned with evolving needs and challenges, with adjustments made as necessary to optimise outcomes.
6. Scalability and Flexibility: Designing solutions with scalability and flexibility in mind to accommodate changing requirements and fluctuating demand levels. This includes modular architectures, cloud-native platforms, and agile development methodologies to rapidly deploy, iterate, and scale innovative ways of working as neededTackling economic inequality
Vertex In Health is experienced in creating employment opportunities particularly for those who face barriers to employment and/or who are in deprived areas. We have also been involved in creating employment and training opportunities, particularly for people in healthcare sectors with known skills shortages. Additionally supporting educational attainment relevant to the service, including training schemes that address skills gaps and result in recognised qualifications.Equal opportunity
Vertex In Health policies and practices foster a diverse and inclusive workplace culture, including recruitment practices, training programs, and employee resource groups are well developed and all staff are assessed for their fit to both the role and the cultural expectations needed in our workplace and customers. We regularly review and update the strategy in consultation with relevant stakeholders and staff to ensure alignment with best practices and evolving needs.Wellbeing
We have an internal, named champion, who leads on our initiatives to promote health and wellbeing among our teams. We extend this initiative to the wider community engaged in our delivery projects. We acknowledge that when the teams are working away from homes that this can add to the pressure of project deadlines and we have regular ‘touch points’ with our teams with early intervention and support to protect mental health and foster an open and inclusive team working environment. If necessary we signpost additional support available. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagements
Pricing
- Price
- £50 to £200.00 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- No