Beamtree UK

Performance Indicators for Coding Quality (PICQ)

PICQ is a quality assessment tool for assessing and reporting on the accuracy and specificity of clinical coding data. It uses more than 200 indicators to assess and measure coding accuracy against the ICD-10 classification. This enables benchmarking across hospitals and provides insights to improve the accuracy of reported activity.

Features

• Web-accessible application.
• Automated data ingestion via secure file transfer or via API.
• Automated data processing across organisations entire coding dataset.
• Daily email notifications or real-time notifications to coders and managers.
• Measurement and reports on compliance with coding standards and rules.
• Workflow functionality for correction of coding compliance errors.
• Insights dashboards and performance reporting for coders, managers and executive.
• Benchmarking across health services, hospitals and coding teams.
• Revenue assurance functionality, including monitoring and reporting of HRG changes.
• Real-time coding education via links to coding standards and rules.

Benefits

• Maintain accurate, consistent coding quality across any health service level.
• Tailor audits, training, and education to coder's needs, fostering improvement.
• Real-time education on coding errors, ​helping improve skills and accuracy.​
• Reliable measure of compliance with Coding Standards.
• Ensures coders maintain the necessary level of coding specificity.
• Revenue assurance, minimising impact of misallocated funding.
• Ensures resources are allocated more effectively to benefit healthcare organisations.
• Coders can work more efficiently, reducing the burden on resources.
• Facilitates smoother transitions between clinical coding editions, minimizing workflow disruption.
• Performance improvement through benchmarking across health services, hospitals and teams.

£1 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jennifer.nobbs@beamtree.com.au. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

401930501091500

Contact

Jennifer Nobbs
07400836269
jennifer.nobbs@beamtree.com.au

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Beamtree conducts scheduled maintenance outside of business hours to minimize interruptions. Any maintenance windows will be communicated within the application.; ; There are no constraints on the application's use from the user's perspective, other than the requirement of access to modern web browsers.; ; Clients who wish to provide data automatically may need to install SFTP software on their end.
• System requirements: Clients may need to install SFTP software

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Automated response within 15 minutes.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Level 1 customer service. Cost built in; Level 2 customer service. Cost built in; Level 2 technical support. Cost built in; Level 2 customer service on-site. Extra cost; Level 3 programmatic support. Extra cost
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: PICQ Client Onboarding Documentation provided to clients (including PICQ Data Extract Specification, PICQ Implementation Guide and PICQ User Manuals). ; Beamtree PICQ Product Specialists and technical SMEs will provide a walk-through of all documentation, and provide support to client teams on the technical set up of PICQ, including data extract development and submission protocol.; Beamtree Product Specialists manage initial user set-up and access permissions. ; PICQ training sessions for application end-users are provided face-to-face and virtually. ; PICQ user guides, videos and online training are provided to users, including via the online Support Portal.; Quarterly PICQ Product User Groups provide demonstrations and training, share best practice across peers, and discuss product roadmaps and user requirements.; PICQ product and application support is provided 8am to 5.30pm GMT times via support helpine, email and online support portal.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: 1. Client notifies Beamtree of intention to terminate contract by set date, including if a copy of the client's data stored by Beamtree is required or if destruction of all data is required.; 2. Beamtree disables data ingestion for client organisation on agreed data, and secure keys are disabled.; 3. Beamtree disables client access to application on agreed date, and creates a copy of data or deletes all data stored by Beamtree.; 4. Data is provided to client via Secure File Transfer Protocol SFTP (if requested); 5. Attestation letter is provided to client confirming all data held by Beamtree has been deleted (where data is deleted) within 60 days of client deletion request.
• End-of-contract process: Within price of contract the following steps are followed when contract ends:; 1. Client notifies Beamtree of intention to terminate contract by set date, including if a copy of the client's data stored by Beamtree is required or if destruction of all data is required.; 2. Beamtree disables data ingestion for client organisation on agreed date, and disables secure data transfer keys.; 3. Beamtree disables client access to application on agreed date, and creates a copy of data or deletes all data stored by Beamtree.; 4. Data is provided to client via Secure File Transfer Protocol SFTP (if requested).; 5. Attestation letter is provided to client confirming all data held by Beamtree has been deleted (where data is deleted) within 60 days of client contract end date.; Any additional requirements required by a client organisation at the end of the contract over and above the steps outlined above can be negotiated with Beamtree for an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: PICQ is a web-based application. Users access it through major web browsers to interface and interact with the platform.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: No testing has been done before.
• API: No
• Customisation available: Yes
• Description of customisation: Organisational hierarchy and structure within application can be customised to meet client organisational structure (single hospital site, networked organisation).; Clients can opt to submit additional data fields within data extracts for presentation within application. ; Coding indicator sets can be customised for client organisations in consultation with Beamtree SMEs.; Clients can configure indicator notification settings to align with local and user preferences.

Scaling

• Independence of resources: To ensure users are not affected by the demand placed on the service by other users, the cloud infrastructure utilises horizontal scaling to increase the number of active nodes based on utilization.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage metrics; Status metrics
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Our solution is hosted on AWS, which handles physical security. AWS's infrastructure is complying with CSA STAR CCM v4.0. Additionally, we implement encryption for all physical media to enhance security further.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported from the application via a download functionality available on most reports.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Text file (.txt)
  • Excel file (.xlsx)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Details available on request.
• Approach to resilience: Resiliency achieved through redundancy and fault tolerant design. Details available on request.
• Outage reporting: Dashboard and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: A role-based access will be implemented with specific permission groups that allow access to the analytics interface, used by privileged users.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: We are Cyber Essentials certified in UK. Although not currently certified, our governance practices are aligned with the ISO/IEC 27001 standard and incorporate elements of the NIST Cybersecurity Framework where relevant. Our objective is to achieve certification by the end of 2024, enhancing our compliance with these benchmarks.
• Information security policies and processes: Our information security framework is governed by a core Information Security Policy, supplemented by a Risk Management Framework & Policy, and operationalized through specific standards:; Data Classification and Handling Standard; Cloud Security Standard; Threat and Vulnerability Management Standard; Security Event Logging and Monitoring Standard; IT Acceptable Use Standard; Third-Party Risk Management Standard; Incident Response Standard; Physical Security Standard; User Access Management Standard; Cryptography Standard; End-Point Protection Standard; Human Resource Security Standard; Secure Development Standard; Network Security Standard; Business Continuity Plan Standard; Asset Management Standard; Change Management Standard; Compliance Management Standard; ; To ensure adherence to our policies, we've instituted comprehensive documentation, including procedures, checklists, and guidelines, to support the implementation of our security controls.; ; Our reporting structure includes monthly risk governance meetings with stakeholders, monthly security reports to the CTO, frequent updates to the executive team on risks and mitigations, and a quarterly risk report to the Audit and Risk Committee.; ; Regular audits, training, and policy reviews underpin compliance, with a Change Management Standard to keep our practices current against the evolving security landscape.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration Management Process:; Baseline configuration entered into CMS; Updates by Architectural Review Board and integration with Change Management Process; Yealy audit of CMS; ; Change Management Process:; Change proposals triaged into Emergency, Standard or Normal Change types; RFC artifacts developed by implementation team as appropriate for Change type. ; CAB review as appropriate to Change type, including security review; Resourcing and scheduling deconfligration performed; Approval appropriate to Change type recorded on RFC artifacts; Implementation of Change; Verification of Change; Update to CMS; ; Operational Governance Process:; Technology Governance Committee reviews Architectural Review Board and CMS audit.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management process is designed to identify, analyze, prioritize, and remediate cybersecurity threats efficiently. We assess potential threats through a combination of vulnerability scanning tools (Rapid7, AWS inspector, Snyk and more), threat intelligence feeds, and external reports, ensuring a comprehensive understanding of potential risks. Patches are deployed rapidly, adhering to our SOP which mandates specific time frames for remediation based on the severity of the vulnerability, ensuring critical patches are deployed within 14 days.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our monitoring systems, including SIEM, IDS, and EDR, swiftly identify potential security breaches. Our Cyber Security Incident Response Team (CSIRT) categorizes the incident based on its severity and impact, and immediately initiates containment, eradication, and recovery procedures as per our detailed Incident Response Plan. Critical issues are tackled within an hour to reduce impact. Our methodical approach and incident categorization ensure efficient, effective responses.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management processes are well-defined and structured to address common events effectively. We have pre-defined processes for various types of incidents, ensuring swift and organized responses. Users can report incidents through multiple channels, including direct communication to our security team and automated alerts from our security systems like EDR and SIEM. For incident reporting, we utilize a centralized incident register where all incidents are logged, analyzed, and categorized based on their severity and impact. Incident reports are provided through a structured process, ensuring all relevant stakeholders are informed according to the severity of the incident.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: NHS Network (N3)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  PICQ is a cloud-based application that uses public cloud infrastructure to effectively manage our computing resources. Our system is set up within secure, shared cloud facilities, allowing us to adjust our computing needs up or down based on client demand. This flexibility helps us minimize our carbon footprint. By optimizing resource use, we contribute to fighting climate change by ensuring that we only use the energy we need, reducing unnecessary power consumption and emissions.

  Covid-19 recovery

  Help local communities to manage and recover from the impact of COVID-19:; PICQ indicators includes indicators focussed on the coding standards and rules related to COVID-19, to support documentation and coding quality, reporting, monitoring and surveillance and funding related to COVID-19 diagnoses and medical treatment.; ; PICQ is an online accessible application, so it supports remote and virtual working enabling effective social distancing.

  Tackling economic inequality

  Create new businesses, new jobs and new skills:; PICQ supports learning and development for the clinical coding workforce through continuous feedback and embedded education.; PICQ supports coding auditing efficiencies, enhancing this scarce and expensive workforce.; ; Increase supply chain resilience and capacity:; PICQ supports the accuracy and specificity of clinical coded data across an organisation's entire population data set which is critical for tackling economic inequality through: ; 1. Efficient resource allocation: accurate clinical coding provides a clear and accurate representation of healthcare activities, enabling healthcare providers to allocate resources more effectively. It ensures that funds are directed where they are most needed, helping to maintain the efficiency of services and facilitating patient access to necessary treatments and care.; 2. Improved access to healthcare services: accurate clinical coding is essential for securing appropriate funding and reimbursement for hospitals and trusts. By accurately capturing the complexity and breadth of patient care, hospitals can ensure they receive the correct level of funding. This, in turn, supports the sustainability of healthcare services and enables providers to offer appropriate and accessible care to their population.; 3. Public health initiatives: accurate clinical coded data supports research and monitoring of public health trends, including those that disproportionately affect lower-income populations. It supports the planning and implementation of public health initiatives aimed at improving the health of the population; 4. Policy making: accurate clinical coded data can be used by policymakers to develop legislation and policies that aim to reduce health disparities, such as improved funding for healthcare programs in low-income communities.; ; PICQ indicators include indicators related to hospital acquired complications (HACs) and healthcare associated infections (HAIs). This data and reporting supports hospital quality and safety initiatives in monitoring and decreasing the occurrence of HACs and HAIs. This reduces the economic impacts on patients and families.

  Equal opportunity

  Reduce the disability employment gap; PICQ supports the accuracy and specificity of clinical coded data across an organisation's entire population data set which supports equal opportunity through:; 1. Supporting identification of disparities in healthcare access and outcomes across different populations. ; 2. Informing the equitable allocation of healthcare resources.; 3. Informing healthcare policy and planning that promotes equal opportunities for health and wellbeing.; 4. Enhancing and evaluating public health initiatives to ensure they address the needs of diverse populations.; 5. Monitoring the safety and quality of care to identify any disparities in care delivery.

  Wellbeing

  Improve health and wellbeing:; PICQ indicators include indicators related to hospital acquired complications (HACs) and healthcare associated infections (HAIs). This data and reporting supports hospital quality and safety initiatives in monitoring and decreasing the occurrence of HACs and HAIs. This supports wellbeing by addressing and reducing complications that can occur during hospital stays, through improving patient satisfaction, reducing hospital length of stays, and minimising instances of injury and mortality.

Pricing

• Price: £1 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jennifer.nobbs@beamtree.com.au. Tell them what format you need. It will help if you say what assistive technology you use.