IQVIA LTD.

IQVIA Hospital Information System (IQVIA HIS)

IQVIA HIS is a state-of-the-art, fully integrated hospital information system. It provides healthcare organisations with a full suite of tools for improved clinical tasks and patient administration. IQVIA HIS is designed as an integrated, comprehensive application, which offers a full suite of tools for clinical tasks and patient administration.

Features

• Streaming/distribution of scattered information in business functions
• Parameterisation avoids the time-consuming processes
• Efficient/effective best-of-practice processes facilitation
• Interoperable between ICD-10/SNOMED CT/CPTcoding/drug_formularies
• HIS&EMR fully interoperable with any industry standard third-party apps
• Easy_access to KPIs allows to manage chronic disease/reporting/cost_of_care
• Report Writing Tool addresses patient care-to cost analysis
• Integrated solution/no need to change function screens
• Explore treatment options within cost of care context
• Patient portal-view medical_history/health_records/results/visits

Benefits

• Accurate/up-to-date/complete patients_at_point_of_care_info
• Quick access to patient records/more coordinated/efficient care
• Securely sharing electronic information with patients/clinicians
• Helps effectively diagnose patients/reduce medical errors/provide safer care
• Enabling safer/more reliable prescribing
• Promotes legible/complete documentation/accurate/streamlined coding/billing
• Enhancing privacy and security of patient data
• Helping to improve productivity/work-life balance
• Enabling to improve efficiency and meet business goals
• Reducing costs through decreased paperwork/improved safety/reduced testing duplication

£6,681 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nhssolutions@iqvia.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

370001564096772

Contact

Bhavin Shindroja
0203 075 5019
nhssolutions@iqvia.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: A. IQVIA HIS Software Maintenance is based on off-site Level 2 and Level 3 support towards bug fixes, product updates/ upgrades as per IQVIA standard SLA terms.; b. Any third-party Software included in this proposal will be subject to and governed by the third-party Software Vendor’s License and Support Terms and Conditions, which will be made known to client upon Delivery.
• System requirements:
  • Maintenance based on off-site Level2/Level3 support-bug_fixes/updates/upgrades
  • Third-party Software subject to/governed by the third-party Software Vendor’s License/Support_T&Cs

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have standard SLA, and will be further discussed and set out in the agreed SLA with client.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We use IQVIA MS teams for Web chat support.
• Web chat accessibility testing: Not Available.
• Onsite support: Yes, at extra cost
• Support levels: IQVIA has a Maintenance and Support team to manage its projects when they move to the maintenance and support phase. This covers:; a) Application Software Maintenance; b) Application Software Support aspects; ; We will attach the standard SLA process for reference.; ; IQVIA provides L2 and L3 level support, while client IT team is expected to provide the L1 level support.; ; Support Costs are built into the Annual Subscription pricing.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: At contract initiation a member of our team will discuss the client requirements and with the client input, plan and execute an approach. As part of the approach the appropriate training will be provided to the client team(s).
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The system provides master data extracts using excel files and other patient data can be expected in the excel, csv files. Once contract ends IQVIA will support to expect the required data.
• End-of-contract process: The system provides master data extracts using excel files and other patient data can be expected in the excel, csv files. Once contract ends IQVIA will support to expect the required data.

Using the service

• Web browser interface: Yes
• Supported browsers: Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The application is device agnostic with response design so we can access the solution on Mobility devices like Android tablets or iPads.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Web interface.
• Accessibility standards: None or don’t know
• Description of accessibility: The solution is role-based access, during implementation the role access is enabled as per client policy.
• Accessibility testing: Not Available.
• API: Yes
• What users can and can't do using the API: API to exchange information with 3rd party solutions. In our current setup APIs are managed by IQVIA tech team, during the projects we shall share the standard API document for IT user's reference. The APIs methods are read only, the users can channel the required API though interface gateway.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The application is configurable to setup rules, department/ ward, clinical forms, clinical charts etc. Authorised users to create/ modify the configuration panel using the built in admin console.

Scaling

• Independence of resources: Our application is scalable horizontally, which means we can add additional resources based on the concurrent users. we use PM2 as service worker to host the application in cluster mode. This helps in reducing the load in the single node of the application.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Between networks, we will be having the secured communication layer implemented. Apart from this, we maintain security standards across application using below attributes, HTTPS, Prevention of XSS, Prevention of CSRF, Security Policy, Password encryption, Authentication, Authorisation, Prevention of Multiple Sessions, Data Confidentiality / Message Encryption, Message Replay Detection, Message Validation, Auditing and Logging, Exception Management. Apart from this our application undergoes PEN testing and certified by external auditors. Even we allow clients to appoint third party auditors to conduct testing with respect to security.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The options can be discussed with the client to ensure IQVIA provides this appropriately.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • CSV
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • CSV
  • PDF
  • Jpeg
  • PNG

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Our application is scalable horizontally, which means we can add additional resources based on the concurrent users. we use PM2 as service worker to host the application in cluster mode. This helps in reducing the load in the single node of the application.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Between networks, we will be having the secured communication layer implemented. Apart from this, we maintain security standards across application using below attributes, HTTPS, Prevention of XSS, Prevention of CSRF, Security Policy, Password encryption, Authentication, Authorisation,; Prevention of Multiple Sessions, Data Confidentiality / Message Encryption.; Message Replay Detection, Message Validation, Auditing and Logging.; Exception Management. Apart from this our application undergoes PEN testing and certified by external auditors. Even we allow clients to appoint third party auditors to conduct testing with respect to security.

Availability and resilience

• Guaranteed availability: We guarantee 99.9% availability of this service. We have SLA for all sort of downtime.
• Approach to resilience: We will be agreeing on the standards during contract discussion.
• Outage reporting: Outages will be communicated to the users through email and closed end-user's forum.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The application is role based.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: IQVIA takes Data Privacy and Information Security Management seriously and our Global Integrated Information Security Framework (ISSF) is based on industry standards and regulations including HITRUST, the ISO 27000 family, COBIT, HIPAA, HITECH and NIST. ; Our approach ensures a high level of data protection and confidentiality in our Products and Service. ; ; IQVIA staff undertake ISO 27001 Information Security, Code of Conduct, Anti-Bribery/ Anti-Corruption and Data Privacy (GDPR) training at regular intervals to ensure that all data processing is in line with the legal basis, ethics, and the Authority’s instructions. ; ; Please see IQVIA's Doing the Right Thing for more information -https://www.iqvia.com/-/media/iqvia/pdfs/about-us/doing-the-right-thing/iqvia-code-of-conduct-english-en.pdf?la=en&hash=2972A691389DED5EC964C1FB3431962164489A40
• Information security policies and processes: IQVIA manages Information Security through a Global Integrated Information Security Framework (IISF). The ISSF is based on industry standards and regulations including HITRUST, the ISO 27000 family, COBIT, HIPAA, HITECH and NIST. IQVIA’s approach ensures a high level of data protection, security, and confidentiality.; The IISF comprises three types of materials (policy, standards, and procedures/work instructions). At the highest level of the IISF are the Corporate Policies which include the Integrated Information Security Framework Policy and the following policies:; ; • Data Classification Policy: The Data Classification Policy ensures that information assets can be classified for appropriate controls to be implemented to safeguard and protect these assets.; ; • Acceptable Use of IQVIA Information Technology Assets Policy: This defines the rules for appropriate usage of IQVIA information assets and systems.; ; The IQVIA EMEA Information Security Management System (ISMS) team have an established ISO 27001 certified ISMS and adopt the IISF global policies. Internal audits of the EMEA ISMS are conducted to assess the effectiveness of the ISMS and compliance with business policies and processes. Please see IQVIA's Doing the Right Thing for more information - https://www.iqvia.com/-/media/iqvia/pdfs/about-us/doing-the-right-thing/iqvia-code-of-conduct-english-en.pdf?la=en&hash=2972A691389DED5EC964C1FB3431962164489A40

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The IQVIA Service Delivery team follows an Operational Change Management process aligned with ITIL standards.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: To protect the Confidentiality, Integrity, and Availability of the service, IQVIA’s Vulnerability Management process consists of Risk Assessment, Vulnerability and Penetration tests. IQVIA’s Change, Patch and Asset management processes help in identifying and mitigating the vulnerabilities and the associated risks.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring process includes review of access and resource requests, system errors, system logs, security threats, weaknesses or vulnerabilities. These events are logged with a Service Desk and recorded in a Service Management System. Necessary remediation measures are taken to address the risks.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: IQVIA has an integrated Incident and Problem Management process aligned with ITIL standards.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At IQVIA we understand our role as an effective steward of the environment, and we take seriously our responsibility. As members of the United Nations Global Compact, IQVIA aligned with four of the UNGC Sustainable Development Goals (SDG) in 2021. IQVIA is committed to the Science Based Target (SBT) initiative, and we have approved SBTis to guide our roadmap to net zero. Under the contract we will fight climate change through:; • Seeking to deliver additional environmental benefits, including reducing our greenhouse gas emissions, improving air quality, and working with our supply chain to adopt effective practices.; • Work to influence staff, suppliers, customers and communities to support environmental protection and improvement across the length of the contracts.

  Covid-19 recovery

  IQVIA understands the impact Covid-19 has had, and through our social value work we are committed to help local communities’ recover from the impact of the pandemic. Whilst most of these activities are addressed through other TOMs, to further our support we also ensure that we are:; • Creating employment and re-training opportunities for those left unemployed by COVID-19.; • Ensuring support for the social, physical and mental health of employees affected by COVID-19.; • Guaranteeing appropriate workplace conditions that support the COVID-19recovery effort including remote working, and sustainable travel solutions.

  Tackling economic inequality

  IQVIA is committed to tackling economic inequality through the creation of new jobs, develop our workforces’ skills, and increasing our supply chain capacity.; Some of the ways we achieve this through:; • Creating training opportunities for young people through schools, colleges, work experience and apprenticeships.; • Creating employment opportunities, particularly for those who face barriers to employment.; • Diversifying our supply chain including new businesses and entrepreneurs, start-ups, SMEs and VCSEs.; • Taking action to identify and manage cyber security risks internally and across our supply chain.

  Equal opportunity

  IQVIA is committed to providing a workplace of equal opportunity with embedded inclusive working practices supported by our diversity, inclusion and belonging strategy. These include fair pay practices, transparent promotion opportunities, and supporting in-work progression with development and training for all, including those from disadvantaged and minority groups who may face most barriers to accessing higher paid work. ; Some of our examples are: ; • Working as a Disability Confident Employer and ensuring accessible recruitment practices.; • Offering Apprenticeships at all levels. ; • Providing flexible and remote working opportunities for all employees. ; • Focus on identifying and mitigating modern slavery, including through our supply chain.

  Wellbeing

  The wellbeing of staff, suppliers and communities is core to IQVIA’s ways of working. Some of the ways we achieve this through:; • Taking demonstratable action to support health and wellbeing of our workforce, including their physical and mental health.; • We influence staff, suppliers, customers, and communities to focus on their health and wellbeing and provide opportunities for engagement with the community.; • We collaborate with our staff, stakeholders and communities in the co-design and delivery of targeted interventions to support strong, integrated communities.

Pricing

• Price: £6,681 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nhssolutions@iqvia.com. Tell them what format you need. It will help if you say what assistive technology you use.