Skip to main content

Help us improve the Digital Marketplace - send your feedback

ReStart Consulting Ltd

IMX Platform

A platform with cloud deployed applications which can support EPR implementations, data archiving, PROMs, business continuity, integration, data migration and transformation. It's flexible, interoperable, and scalable, seamlessly integrating with existing ICT infrastructures. Suitable for use across any health and care organisation.

Features

  • Patient Reported Outcomes Measures functionality
  • Clinical Portal/Shared Care Record
  • Archive Solution
  • Electronic Document Management
  • Interoperability Solutions
  • Dashboards and Real time Reporting
  • Business Continuity
  • Support, Alerts and Monitoring
  • Integration
  • Integration Engine

Benefits

  • Interoperable with any system
  • Access and use on any device
  • Highly configurable to support local processes
  • Intuitive
  • Secure with full RBAC access
  • Modern microservices architecture
  • Auditing and reporting functionality
  • User led design
  • Full compatibility between applications
  • Flexible, agile and phased implementation approaches

Pricing

£15,000 to £200,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@restartconsulting.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 0 4 6 3 3 3 7 7 8 4 8 4 3 1

Contact

ReStart Consulting Ltd Geri Boynova
Telephone: 01392 363888
Email: commercial@restartconsulting.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Can be launched in patient context or embedded within any system.

Compatibility across all IMX solutions regardless of the initial application deployed.
Cloud deployment model
Private cloud
Service constraints
None.
System requirements
  • Integration Engine licence (if required for the specific IMX application)
  • Document conversion licence (if required for the specific IMX application)
  • EMPI/MDM software licence (if required for the specific IMX application)
  • Database software licences (if required for the specific IMX application)

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLAs available on request and can be configured to suit an organisations requirements.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support costs can vary between IMX applications and are dependent on the term of the contract selected by the organisation.

ReStart adopts a flexible pricing approach to suit any capital and revenue budgets and can modify pricing to fit any organisation's budget requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
ReStart can support any training requirements. Our preferred approach is Train the Trainer but we can provide classroom training and documentation as required.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
If the solution is within the organisation's data centre, they will retain the data. If ReStart are holding the data, it will be exported and provided to the organisation in agreed location.
End-of-contract process
If the system is being replaced we will work with the new supplier to do a sufficient hand over process. This process and the exit extract, if required, will not be at an additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There is no difference. They are the same solution.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
IMX has a fully open API available to organisations and their partners.

IMX can communicate with any API used in other solutions. It is a fully interoperable platform.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
The IMX interface has been designed to be accessible for all users including those using assistive technology. All aspects of the solution have been user tested and approved for us by Health and Care organisations.
API
Yes
What users can and can't do using the API
User organisations can configure their internal systems to launch IMX via our openAPI.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
All aspects of the solution can be customised to suit the organisation and their users needs.

Scaling

Independence of resources
If IMX is hosted in the organisation's environment then ReStart can recommend that additional resources are added to the deployment environment if concurrency becomes an issue.

If IMX is hosted in ReStart's environment, the environment will be configured to add additional resource as required.

Analytics

Service usage metrics
Yes
Metrics types
IMX has a full suite of auditing and logging tools that provide complete metrics to appropriate users in the organisation.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Qvera (QIE)

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users of IMX are clinicians. Should the data owner (patient/service user) require an export of their data, this can be obtained through a Subject Access Request to the data controlling organisation.

If the data controller is a health or care organisation then the process for exports will depend on local policy.

If the solution is hosted in ReStart's cloud, then users can place a subject access request with ReStart directly.
Data export formats
CSV
Data import formats
Other
Other data import formats
Not applicable.

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99% up time guaranteed with service credits associated with any breaches.
Approach to resilience
IMX is a high availability solution with 99.9% up time. In terms of resilience, the IMX solution is composed of microservices running in Kubernetes. This allows us to scale the workload flexibly when demand changes. Kubernetes spreads the workload across multiple servers, providing resilience to server failures. On our Cloud environment, these servers and other resources such as databases are distributed across Availability Zones, providing resilience against availability zone failure.

The Kubernetes cluster configuration is kept up-to-date with security best practices and each container is frequently scanned for CVEs to ensure the IMX solution is kept secure. ReStart's resilience policy is available on request.
Outage reporting
Email alerts are used to report the majority of outages.

Within IMX one of the applications IMX Alert has a customer facing dashboard which reports any issues in an organisations integration environment.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Users are assigned roles based on RBAC principals. This allow access to interfaces and support channels to be managed.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
Data Security and Protection Toolkit

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
At ReStart ensuring the security and confidentiality of sensitive health data is paramount. We have established robust information security policies and processes to safeguard data integrity, protect against unauthorised access, and mitigate potential risks. All Restart's information security policies/processes are available on request. Some of these include:

- Data Protection Policy: This defines our procedures for handling, storing, and transmitting sensitive health information in compliance with relevant regulations such as GDPR (General Data Protection Regulation).

-Incident Response Plan: Outlines steps to be taken in the event of a security breach or data incident, including incident detection, containment, investigation, and reporting.

- Employee Training and Awareness: Requires regular training sessions and awareness programs to educate employees about information security best practices and their responsibilities in safeguarding sensitive data.

We conduct periodic audits and security assessments to evaluate compliance with information security policies and identify areas for improvement.

The reporting structure in place to ensure that policies are followed includes:

An Information Security Officer who oversees the development and implementation of information security policies and procedures.

Information Security Team: Responsible for monitoring systems, conducting risk assessments, and responding to security incidents.

Senior Management: Provides oversight and support for information security initiatives.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We track components throughout their lifecycle and assess changes for security impact. Our version control processes ensure accurate tracking, while documentation provides clarity. Changes undergo formal requests, risk assessments, and security reviews. Vulnerabilities are addressed pre-deployment through testing and remediation. Our Change Control Board approves changes based on impact and alignment with goals. Post-Implementation Reviews capture lessons for improvement. These processes maintain the integrity and security of our solutions.

ReStart's configuration and change management policy can be made available on request.
Vulnerability management type
Undisclosed
Vulnerability management approach
ReStart's vulnerability management policy is confidential and available to organisations on request.
Protective monitoring type
Undisclosed
Protective monitoring approach
ReStart's protective monitoring approach is confidential and available on request.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have predefined processes for common events, ensuring swift resolution. Users report incidents through various channels, including email, or phone.

Our incident response team triages and prioritises issues based on severity. Regular updates are provided to users throughout the resolution process via email or an agreed system such as Jira. Post-incident, detailed incident reports can be generated, outlining the root cause, impact, actions taken, and preventive measures. These processes ensure timely resolution and transparency. ReStart's Incident Management policy is available on request.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Our Environmental Strategy has clear targets outlining how we work to ensure that we are contributing to our overall goals of achieving net zero greenhouse gas emissions. The strategy describes the risks, measures, and considerations we take across our organisation, partners and supply chain including but not limited to reduction in transport, paper use, recycling processes etc. We are happy to share this strategy on request.

Tackling economic inequality

Our Equality, Diversity, and Inclusion Strategy outlines how we will ensure that we will continuously learn about the inequalities within the sector, relevant to the solution and services we provide and ensure fair recruitment processes are adopted and progression is promoted across all existing employees. We are happy to share this strategy on request.

Equal opportunity

ReStart is committed to promoting equal opportunity by prioritising accessibility, diversity, and fairness. We adhere to accessibility standards to ensure all users can access our services. Our workforce and supplier base are diverse, reflecting our commitment to inclusivity. We uphold fair hiring practices, offer training opportunities for skill enhancement, and engage with local communities to understand their needs. These efforts collectively contribute to a more inclusive and equitable environment within our organisation and beyond.

Wellbeing

Our Health and Wellbeing Strategy outlines our commitments in ensuring health and wellbeing for employees. Tools, such as questionnaires, will be used to obtain feedback and develop further improvement strategies. We are happy to share this strategy on request.

Pricing

Price
£15,000 to £200,000 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@restartconsulting.com. Tell them what format you need. It will help if you say what assistive technology you use.