Kinseed

MediWork - Occupational Healthcare Platform

MediWork is an occupational healthcare solution, streamlining processes like pre-placement, case management, employee health assessments, sick leave management, and return-to-work procedures. It promotes employee wellbeing, ensures compliance with health regulations, and fosters productivity.

Features

• Onboarding, workplace or residential assessment
• Comprehensive health assessments for employee wellbeing evaluation.
• Streamline sickness management, including tracking and return-to-work.
• Universal Health Modules, eye, respiratory, skin health & more.
• Support employees returning to work after illness or injury.
• Monitor health trends for early issue detection and intervention.
• Ensure compliance with occupational health regulations and standards.
• Specialised software for advanced immunisation management and reporting.
• Seamless integration with existing ESR/HR and healthcare systems.
• Automation and process optimisation with AI/ML and event-driven architecture.

Benefits

• Cross-platform connectivity and interoperability
• Secure device connection and data encryption
• Integrated experience,extremely simple, easy to use UI.
• Promotes employee health with comprehensive assessments and proactive monitoring.
• Provides insights for informed decision-making and continuous improvement strategies.
• Enhances productivity and fosters a healthier workplace culture.
• Simplifies sick leave management, reducing administrative burden and ensuring compliance.
• Offers customisable workflows to adapt to the specific needs.
• Knowledge management - teach new healthcare professionals.
• Enable fulfilling Audit/compliance requirements.

£11.99 to £99.50 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pal.bhusate@kinseed.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

357690971837306

Contact

Dr. Pal Bhusate
+447810816231
pal.bhusate@kinseed.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Data can be stored encrypted in non-identifiable format on Azure datacentres, or on-premises / on our own localised cloud servers (at customer option)
• System requirements: Web connected device (PC, Tablet, Phone)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Initial response within 30 minutes to confirm ticket has been logged and is being investigated. Initial engineer response is dependent on SLA - but usually within 24 hours.; ; IT should be noted that 24/7 support, based on agreed SLAs for different business units and services - all at a negotiable flat rate
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard 8am - 8pm Monday to Friday through Phone and email. Account manager will manage all interactions, but client can choose to directly contact engineering team. However, 24/7 support or specific support cost to be agreed with client based on their requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial accounts are set up, on-site training is provided if requested, and training / instructional materials and videos are available to all users.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats:
  • Powerpoint - for onward use
  • Powerpoint for onward use
• End-of-contract data extraction: All data is exported to a standard, secured data-export (as XML, JSON, or other requested format), and can be distributed to user through any standard method of file transfer.
• End-of-contract process: Contract provides continuance of service and support. At end of contract, data will be archived and sent / stored by customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All features are available on the Mobile web interface, which are available on Desktop sizes - the site is simply re-scaled to make the interface more accessible when accessed through a mobile browser as well as mobile native iOS application.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: Swiftcare can integrate with any open standards APIs or message based systems. Open APIs allow for any Clinical Information System / Research Platform to make full use of data.; MediPipe - a near real-time data extract / transform / load application with API access to all data stored in SwiftCare and connectors to over 200 target datastores for data analytics services (e.g. PowerBI, Snowflake, etc.)
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Fields, structure, and format of data can be customised based on the agreed design and development process to match local business workflows.

Scaling

• Independence of resources: Independent instances on cloud services, live rollon / rolloff of processing power, RAM, Hard drive space, and other resources based on live backend monitoring.

Analytics

• Service usage metrics: Yes
• Metrics types: User logins, time on service, data used, records created / edited - full CRUD analytics on database, timestamps on all transactional changes.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: In-built exporting and interfacing with medical informatics allows continual export of data. Users are able to generate reports and facilitate export of data on demand. Users can request support to manually extract data in any required standard format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • JSON
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: In-flight encrypted data (AES, RSA)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.9% uptime, 24/7 availability
• Approach to resilience: Failover / rollover servers, continual secure backup processes enable resilience of data. Round-the-clock monitoring allows services to be fixed before trouble arises.
• Outage reporting: Email alerts are sent to all users, key contacts are telephoned personally.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access controll is based fine grain Role Base Access (RBAC). Specific user accounts and provisions for management interfaces restrict access to only named individuals. Secure login and access provided through previously identified means, and continual login monitoring identifies unauthorised access "as it happens".
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 22/09/2017
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ICO - Cert ref: ZA178776
  • ISO9001
  • NHS Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO/IEC 27001 certification - Yes Who accredited the ISO/IEC 27001 - QMS International ISO/IEC 27001 accreditation date - 22/09/2017 All customer information is encrypted at rest and in transit. All employees and staff are fully trained on security considerations and a regular review / audit of our end to end security exposure is conducted. Implementing ISO 27001:2013 involves 114 specific security measures, organised into 14 sections, followed by a ongoing 3-stage audit process. The 14 sections are as follows: Information security policies, Organisation of information security, Human resources security, Asset management, Access control, Cryptography, Physical and environmental security, Operations security, Communications security, Systems acquisition, development and maintenance, Supplier relationships, Information security incident management, Information security aspects of business continuity management, Compliance, Cyber Essential and Cyber Essential Plus Certified NHS Digital Took Kit - Exceed Standards Annual Penetration Testing - external party ICO - Registered

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components are managed and measured for efficacy and availability throughout their lifecycle. Continual monitoring of security vulnerabilities and issues helps ensure team provide immediate as-and-when patching / securing of environment.; All changes are managed and control using Microsoft DevOps digital tool.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Continual monitoring based on third party provider recommendations and published vulnerability assessments. Also for our systems, the client security team have also validated our controls and given the approval as it fulfils the NHS Trust security protocols. As and when a change process is triggered by us or client, we follow the formal change procedure agreed by the client with appropriate release notes for patch deployment.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Direct monitoring of network activity, logins, and server processes. We use auto operational management tools that provides the necessary alerts in case of events on the network. As we provide 24/7 support capability, we take immediate actions to (ERIC) Eliminate, Reduce, Isolate and control the situation in line with our ISO 27001 standards. All the risks and controls are identified in the Clinical Safety Case and are managed in line with the NHS Trusts agreed process. We will respond to all incidents immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: All incidents are categorised as Low, Medium, High. However, immediate remediative action is performed by dedicated personnel within the organisation, and all incidents are investigated through to deep root cause analysis regardless of the category type. We use Microsoft CRM tool to keep track of all incidents logged and we monitor the progress until case completion.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At SwiftCare, our commitment to reducing carbon emissions and achieving Net-Zero by 2030 aligns with Crown Commercial Standards. We design and deploy sustainable digital tools for clinical teams, contributing to lower CO2 emissions. Shared cloud infrastructure and the integration of IoT/edge compute technologies enable real-time event handling in remote healthcare, a crucial step towards a 'Net Zero' NHS. To stay aligned with healthcare's sustainability goals, we collaborate with the NHS and Crown Commercial to review our practices and set achievable emission reduction targets. Our MediWork application, designed for occupational health management, streamlines workflows and reduces the need for travel, supporting sustainable healthcare innovation.; ; We focus on Scope 3 emissions, targeting transportation/distribution, business/employee travel, and waste management. Upstream activities like transportation/distribution involve rebuilding computers with refurbished hardware and using cloud-first solutions like Microsoft Online to reduce carbon usage. Our remote workspace/hybrid working model significantly reduces carbon emissions from employee commuting and building energy usage. Waste management practices include scanning and archiving physical letters before recycling and responsibly recycling outdated hardware.; ; Our office implements energy-efficient initiatives such as auto management of utilities and maintaining a cooler environment during warmer days. Looking ahead, we plan to enhance our policies to minimize business travel, utilize reputable carbon offsetting sources for necessary trips, and assess our entire supply chain to ensure alignment with or surpassing Carbon Neutral practices.

  Covid-19 recovery

  We maintain a close partnership with NHS clinical teams to craft and refine digital solutions, addressing operational and data management gaps highlighted during the pandemic. Our solutions have significantly impacted:; ; - Improving patient experience - Providing care at local settings or directing patients to the appropriate care pathway on the first attempt.; - Decreasing costs (or optimization) - demonstrated the attendance to emergency department visits by 50%.; - Enhancing health outcomes - Offering clinical experts' guidance to remote teams on a timely basis.; - Improving clinician experience - Eliminating the need for extensive training in the use of our solutions by teams.

  Tackling economic inequality

  Addressing economic inequality requires a comprehensive approach that tackles systemic barriers and promotes inclusive growth. At Kinseed, we're dedicated to playing our part by fostering equal opportunity through our hiring practices, internal policies, and community initiatives. We prioritise diversity and inclusion, ensuring individuals from all backgrounds have the chance to thrive within our organisation. Additionally, we support programmes and partnerships aimed at providing economic opportunities to underserved communities. Through investments in education, mentorship, and job creation, we believe we can contribute to narrowing the economic gap and building a more equitable society.; ; Furthermore, the design of our solutions, particularly MediWork Occupational HealthCare Solution, is tailored to address affordability challenges faced by small to medium-sized enterprises in managing the health and wellbeing of their employees.

  Equal opportunity

  Kinseed operates on the principles of equal opportunity and maintains an open-door policy, allowing individuals to utilise their natural talents and advance within the company. We are dedicated to fostering a working environment free from discrimination based on race, sex, pregnancy and maternity, marital or civil partnership status, gender reassignment, disability, religion or beliefs, age, sexual orientation, social or economic status. Our Internal Employee Policies aim to eliminate unfair and discriminatory practices and encourage full participation from our diverse community.; ; In our hiring process, we consider three key elements:; ; Can do: assessing if the individual possesses the necessary skills and experience for the job.; Will do: determining if the individual is genuinely interested in the role and aligned with their passion and purpose.; Will fit: ensuring alignment between the company's values and the individual's values to enhance their working experience.; Given the highly regulated nature of our sector, we conduct security checks to safeguard both our business and our customers' interests. Additionally, our CEO provides mentorship to young people, especially those from underprivileged backgrounds, to ease their transition from academia to the workforce. Our Chief Commercial Officer serves as a board member for a charity supporting children and young people with autism. We offer student work experience opportunities and recently hired a graduate who struggled to find employment despite achieving a first-class honours degree from a reputable London university in 2020.; ; While certain resources mentioned are prioritised for the project, we are flexible and inclusive in our approach, welcoming other specialists to contribute to both UX and technical delivery. Our priority is to ensure a successful outcome for the Trust while aligning with our values and internal CSR policy. We are open to discussing the best approach that aligns with the Trust's values and internal CSR policy.

  Wellbeing

  Kinseed, as a small company recognises the important of health and wellbeing. Kinseed's CEO previously held the role; of Health & Safety and Compliance Officer, promoting health and wellbeing within the company. Kinseed, supported by; Occupational Healthcare specialist are designing a SwiftCare MediWork, Occupational Healthcare (OH) Operational tool; allow OH specialist to service a greater population remotely, including delivering more services. Increasing clinical; consultation capabilities by delivery of evidence-based healthcare services to the employed population we will help to; reduce the burden on the NHS. We are delivering an affordable and sustainable Occupational Health Platform that will; provide integration of specialist equipment which would enable employee /patients to undertake assessments in the; workplace (home or on-site), whilst analytical tools can be used remotely to assess the information provided and video; conferencing to communicate with the employee. ; As part of the above innovative approach, we hold internal sessions supported by Occupational Health expert to guide; the leadership and employees the importance of both physical and mental well-being.

Pricing

• Price: £11.99 to £99.50 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pal.bhusate@kinseed.com. Tell them what format you need. It will help if you say what assistive technology you use.