CAREIQ LIMITED

CareIQ

The CareIQ platform enables healthcare teams and patients manage long term conditions by working together.

CareIQ empowers healthcare teams to identify patient cohorts, monitor their health, communicate with them and automate administrative tasks.

Example patient cohorts: QOF, DES, LES, Cancer.
Example automation: blood tests, appointment reminders, health monitoring

Features

• Automates workflows
• Communicates with patients
• Risk stratifies to better prioritise workloads based on health urgency
• Quickly identifies at-risk patients
• Empowers timely, informed decisions when managing chronic patient populations
• Supports GPs comply with best practice e.g. NICE
• Web based dashboard

Benefits

• Improves patient outcomes
• Maximises productivity by reducing administrative workloads with same staffing levels
• Improves staff satisfaction by simplifying administrative workloads
• Reduces mortality and morbidity of long term conditions
• Reduces hospital admissions and adverse health complications
• Reduces health inequalities
• Improves patient access and patient empowerment
• Helps healthcare systems meet regulatory requirements e.g. CQC

£1.00 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@careiq.health. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

361607714418082

Contact

Janu Shan
07758938252
admin@careiq.health

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: CareIQ can be used as a standalone web-based service or used alongside principal clinical systems (such as EMIS, TPP or other EPR & PAS providers). These integrations surface patient information, enable workflow automation, and allow users to save digital communications to the patient’s record.
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Our technology stack is set up to auto-scale as demand requires with no overhead. We achieve this through running our applications on elastic containers with auto-scaling based on CPU / Memory utilisation, and our databases are placed in a pool which allows them to comfortably cope with demand surges. We avoid periods of planned downtime by following a trunk-based development model, enabling continuous improvement.
• System requirements:
  • NHS Mail
  • Reliable internet connection
  • Access to the domains careiq.health domains (including the subdomains)
  • Modern browser (e.g. Google Chrome / Microsoft Edge)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We offer email support with a User Support Specialist Monday to Friday (8:30am to 7pm) and Saturdays (9am to 1pm). We typically respond to all user support emails within 24 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Our webchat support software has been audited against WCAG 2.1 AA guidelines, and is designed for accessibility. Our site uses simple language and minimum words per page, supporting translation tools, e.g., Google Translate.
• Onsite support: Yes, at extra cost
• Support levels: Our User Support function is built on the principle that every user should be able to reach friendly, responsive and user-centred support quickly. It’s also a great channel for direct user feedback so we can continuously improve our product.; ; Beyond our core User Support team, everyone in the CareIQ team has developed a deep understanding of user needs. This is a result of everyone in the company spending time on user support each month and visiting healthcare sites each quarter to gain direct exposure of the problems our product addresses.; ; All of our basic support is free of charge and each query is allocated to a member of the support team who will manage that query to completion.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: CareIQ provides dedicated implementation support in bespoke packages tailored to your organisation's needs. We are able to offer bespoke implementation support, onboarding and training as required. ; ; CareIQ is simple, intuitive and easy to use - in less than 3 minutes a healthcare professional can be set up and communicating with patients, or colleagues about patient care. CareIQ has been designed from the ground up to not require any training for users before they start benefiting from the platform, although we offer bespoke training sessions, both in person and remote, to work with your teams in a way that suits them. ; ; Users get an extensive library of support articles to provide visual demonstrations of all our products.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: When the contract ends - in line with the NHS Digital Data Migration Standard - users or user organisations can request an end-of-contract extract of the data held by CareIQ related to their use of the platform by contacting support@careiq.health
• End-of-contract process: The notice period required is 90 days. Should notice not be served the agreement will auto-renew for a further term.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Healthcare professionals are restricted to the desktop experience to make user of all of the CareIQ features.; ; From a patient perspective, everything that they receive from CareIQ can be done on their mobile phone e.g. SMS, responding to surveys and viewing documents.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: CareIQ products can be used fully integrated with your clinical systems. We provide a web based programme which is primarily used in Primary Care. Both platforms can be integrated with your systems to manage patients and save digital communications to the patient’s record.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Our designers are experienced in web accessibility best practices, communicating these to user researchers to help identify research scope/specific representation needed.; ; Our product development process is iterative with user-centred testing at every stage. We collect research on possible digital journey's, iterate through designs and improve the product based on feedback.; ; As a result, the product enables patient accessibility, through:; -Supporting different communication formats (text/email/video); -Integrating with the patient record, where communication preferences are stored. We pull/display relevant consent codes for communication formats; -Being built on semantic web best practices to ensure translation tools for non-English speakers (such tools include: online translators or Translator Web-Extensions.
• API: Yes
• What users can and can't do using the API: The API is integrated within the vendor's clinical system and the system is activated from within the vendor's clinical system. Users will be unable to make changes or set up through the API.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can manage their system via a web portal. Users can request customisations by CareIQ, once checked.

Scaling

• Independence of resources: Our technology stack is set up to auto-scale as demand requires with no overhead. We achieve this through running our applications on elastic containers with auto-scaling based on CPU / Memory utilisation, and our databases are placed in a pool which allows them to comfortably cope with demand surges.

Analytics

• Service usage metrics: Yes
• Metrics types: Customers have access to their own reporting hub. This dashboard provides a breakdown of features of the CareIQ product. ; ; This data can also be aggregated at a practice, PCN or wider level. Furthermore, the data is presented in a format that allows for exporting into other analytics packages, as required.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: If an organisation, user or patient requests a Documented Data Extract, we will provide a structured file with every piece of Data we hold about them.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee maximum availability by ensuring planned and unplanned downtime is minimised. We do this by carrying out rigorous testing before our products are released.; ; This includes software passing Unit testing, then Integration testing, followed by User Acceptance testing. We also do regular penetration testing of all products. Continuous build integrations incorporate testing automation into the software build and distribution processes. We also use cloud infrastructure to ensure we can respond as quickly as possible in the event of downtime.; ; Our product ethos is to have no downtime or maintenance scheduled because our solution maintenance is ongoing. We believe that scheduled periods of unavailability to perform solution maintenance is outmoded.; ; No refund scheme is currently in place.
• Approach to resilience: Our systems are live and have gone through rigorous testing processes in order to get to this stage.; ; As we are continually developing our products, each iteration goes through rigorous testing processes before going live. Our organisational and project specific test processes are founded on the principle that no software will be shipped without a 100% test pass.; ; This includes software passing Unit testing, Integration testing, followed by User Acceptance testing and Load testing. We also do regular Penetration Testing of all products.; ; Additionally, we practice fully agile methodologies and use the Scrum / Kanban model of agile development for iterative improvements. This includes a retrospective session at the end of each agile development sprint to reflect on testing processes and improvement opportunities.; ; Evidence of our successful Penetration Testing and Load Testing is demonstrated through the availability of CareIQ.; ; Our servers are based in a Amazon Web Services (AWS) data centre, the industry-leading cloud platform with countless compliance offerings.
• Outage reporting: CareIQ's status page, accessible to all practices/CCGs/PCNs, is updated by our DevOps Team with real-time updates for ongoing/past incidents and can be used to check for known issues before contacting the Support Team.; ; When issues are detected that impact system availability, our User Support/Communications Teams actively issue communications via our Help Centre and website. In the unlikely event the system is unavailable, users can contact the Support Team for technical support/guidance.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: A temporary access code / link is emailed to the user, providing a secure passwordless authentication experience
• Access restrictions in management interfaces and support channels: Healthcare practitioners are either authenticated by being required to logon via NHSmail whether they will receive a temporary access code / link and having their associated organisation matched to a whitelist of all practices; or they have a whitelisted email address.; ; Patients are either authenticated by being required to logon via email whether they will receive a temporary access code / link and having their associated information cross checked for security.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Description of management access authentication: A temporary access code / link is emailed to the user, providing a secure passwordless authentication experience

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS Data Security and Protection Toolkit assurance (ODS code 8KM74)
  • Cyber Essentials
  • Cyber Essentials Plus* certification
  • Fully compliant with DCB0129 (assured by NHS Digital for this)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have a policy framework in place that aligns with information security and governance practices based on our certifications and guidelines from the following standards/bodies: NHS Digital (DCB0129, ODS code 8KM74), NHS DSP Toolkit, Cyber Essentials (Plus). ; ; Our policies include: a vulnerability management policy requiring regular penetration testing by an external provider; a secure coding policy requiring privacy and security by design in our product development; Data Protection Impact Assessments for all new products. ; ; CareIQ's servers are based in the London AWS Data Centre. Data sent is encrypted when in transit and at rest.; ; ISO27001 certification is currently in progress.
• Information security policies and processes: We have a policy framework in place that aligns with information security and governance practices based on our certifications and guidelines from the following standards/bodies: NHS Digital (DCB0129, ODS code 8KM74), NHS DSP Toolkit, Cyber Essentials (Plus). ; ; Our policies include, but are not limited to: a vulnerability management policy requiring regular penetration testing by an external provider; a secure coding policy requiring privacy and security by design in our product development; Data Protection Impact Assessments for all new products. ; ; CareIQ's servers are based in the London AWS Data Centre. Data sent is encrypted when in transit and at rest.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All development work goes through a pull request testing process: developers submit completed feature code for review, which is added to the master branch upon passing peer code review. Continuous build integrations incorporate testing automation into the software build and distribution processes. We carry out regular penetration testing of all products to assess for potential security impacts. We run infrastructure as code in our cloud environment and therefore all mentioned controls also apply to our infrastructure changes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We carry out regular penetration testing. We are setting up vulnerability scans on our infrastructure/applications.; ; Vulnerabilities are mitigated as per our vulnerability management policy - high/critical risk vulnerabilities must be mitigated within two weeks.; Updates on our cloud environment/Operating System updates on end-user devices are pushed automatically, ensuring we are always running latest secure versions of OS.; ; We get threat intelligence from RSS feeds/National bodies. Potential threats are identified by internal security team.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We run multiple forms of malware scanning in our environments. We also benefit from continuous scanning by AWS.; ; Once reported through our diligent internal process, we aim to remediate a security incident as soon as possible.
• Incident management type: Supplier-defined controls
• Incident management approach: Users and customers report incidents through our User Support Desk by emailing support@careiq.health. In the case of an incident, we use all our user-facing channels to have an incident reported in to us as well as to provide updates on the status of an incident that we are dealing with. All incidents are captured as reports in our incident management platform, covering incident details, actions taken and incident status. We will provide incident reports on request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks: NHSMail

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  CareIQ helps healthcare interactions become more sustainable.; ; CareIQ's platform helps patients and healthcare teams reduce their carbon footprint. ; ; Patients and healthcare teams reduce significant carbon emissions by communicating electronically (digital letters, sms, reminders) and to reduce the use of paper and postage in their services.; ; As a cloud based software empowering healthcare teams to work remotely, individuals reduce their travel and related carbon emissions.; ; Although the platform is hosted on the cloud (managed by infrastructure providers e.g. AWS), the team at CareIQ continually monitor service efficiency and reduce our carbon footprint where possible.; ; CareIQ is committed to climate change and sustainability.

  Covid-19 recovery

  In line with the NHS’ Delivery Plan for tackling COVID-19, we use our technology infrastructure to service public health and improve the way the NHS delivers planned care. ; ; Patient backlog; ; CareIQ's platform helps teams proactively address their backlog and reduce delays with automation. When patients are deteriorating, teams will be able to quickly identify and prioritise high risk patients.

  Tackling economic inequality

  Digital inclusion; ; CareIQ is used by both patients and healthcare teams. Sometimes the use of new digital platforms can have their own learning challenges. CareIQ helps train users and to develop new digital skills. In line with the UK Government’s 2014 Digital Inclusion Strategy, CareIQ is designed to be usable ‘out-of-the-box’, without the need for training sessions and user manuals. This way, less ‘tech-savvy’ users are not excluded but can be confident in using the tool and have a positive experience with the product.; ; At CareIQ, our product development process involves working cross-functionally with other disciplines, ensuring the product is accessible (notably WCAG 2.1 AA) and is clinically safe. We also lead user research on a continual basis to ensure our software is digitally inclusive so that patients do not miss out.

  Equal opportunity

  As an employer we drive equality of opportunity.; ; CareIQ is an equal opportunities employer and proactively encourages applications from people of all economic and cultural backgrounds.

  Wellbeing

  CareIQ is a company built around health and wellbeing.; ; With this core focus, CareIQ extends its mission of improving health and wellbeing not just to users but also staff.; ; CareIQ achieves this by being very focused on unmet needs and avoid duplicating products where we cannot add value. Our teams spends regular time with user support, and visit clinical settings to ensure we truly understand how we can best support our users health and wellbeing.

Pricing

• Price: £1.00 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: CareIQ can offer a trial version of our solution. This is subject to agreement between CareIQ and the contracting authority

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@careiq.health. Tell them what format you need. It will help if you say what assistive technology you use.