Medxnote

Baret Role-Based Messaging for Microsoft Teams

Baret is a secure, targeted role-based messaging solution for Microsoft Teams that enables structured, closed-loop communications across clinical and frontline workers in hospitals and care services.

Features

• EMR Integration
• Microsoft Teams Integration
• Pager Replacement
• Role-based Messaging solution
• Cross Tenant Messaging ICS / ICB
• Task Management

Benefits

• Workflow Improvements
• Process Optimisation
• Value add to Microsoft 365 / NHS365

£66,240 to £429,180 a licence a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at niall.rafferty@medxnote.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

380090082916902

Contact

Niall Rafferty
07397 940 202
niall.rafferty@medxnote.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft 365
• Cloud deployment model: Public cloud
• Service constraints: Requires Microsoft 365
• System requirements:
  • Microsoft 365
  • Microsoft Teams

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour during working day: 9:00am to 5:00pm Monday to Friday
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: We tested that:; Users can get access to information.; The information is understandable.; Everything on the interface is usable.
• Onsite support: Yes, at extra cost
• Support levels: We provide a standard level of support.; Support is included in the license cost.; We provide a technical account manager.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onsite training and online training
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Customers always have access to their data. We do not retain customer data.
• End-of-contract process: As customers always have access to or a copy of their data they are free to move without additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No differences between the mobile and desktop service.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: A conversational interface between clinicians and clinical systems via a clinical chatbot on their smartphone or smart device, enabling real-time information updating and input.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Medxnote integrates accessibility into the design, development and quality assurance processes of all its component products. Compliance with accessibility standards is evaluated through the use of automated testing, manual validation and assistive technologies.
• API: No
• Customisation available: Yes
• Description of customisation: Message Templates

Scaling

• Independence of resources: Elastic scaling

Analytics

• Service usage metrics: Yes
• Metrics types: All data usage; Daily Active Usage; Role-based Messaging Audit
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Baret

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Request data
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%; Credits in lieu of a refund for if we don’t meet guaranteed levels of availability
• Approach to resilience: Available on request
• Outage reporting: An API; email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Active Directory AD and Azure Active Directory AAD Authentication and Authorisation.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Best International Practice
• Information security policies and processes: Best International Practice.; Our CTO manages Information Security and all technical staff report to our CTO. Our CTO ensures policies are followed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The components of our services are tracked through their lifetime and changes are regularly assessed for potential security impact.; Our CTO is responsible for configuration and change management processes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Proactive monitoring assesses potential threats to our services.; We immediate deploy patches.; We get information about potential threats from 3rd party provider.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We identify potential comprises via 3rd party proactive monitoring.; We respond immediately and deploy the necessary corrective measures.
• Incident management type: Supplier-defined controls
• Incident management approach: We have pre-defined processes for common events.; Users report incidents via web portal or e-mail.; We provide incident reports via an e-mail to customers.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  We support the health and wellbeing, including the physical and mental health of the NHS workforce.; Our solutions address healthcare provider burnout by creating innovative, user-friendly digital tools that streamline workflows, enhance efficiency and improve clinical safety. This allows doctors, nurses, and allied health professionals to reduce the administrative burden and focus on patient care. ; By simplifying tasks and improving job satisfaction, our approach supports the overall wellbeing of healthcare professionals. This contributes to a positive social impact.

Pricing

• Price: £66,240 to £429,180 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at niall.rafferty@medxnote.com. Tell them what format you need. It will help if you say what assistive technology you use.