Patchwork.health

Patchwork Agency Manager

Patchwork Agency Manager consists of a portal for NHS organisations to manage the end-to-end agency staffing process, an agency portal for efficiently proposing workers, and a worker web app . Key functionality includes agency-tiering, auto-cascade, integrated ratecard, agency portal, direct engagement, contract builder, in-system timesheets, self-bill and outsourced payroll.

Features

• Intuitive vendor management system for all healthcare staff
• Transparency of all agency workers and direct engagement status
• Rate management - breakdown of agency, worker and VAT charges
• Request shifts in real-time, assign and approve workers
• Compliance - automated contractual/safe working checks and document management
• Integrated timesheeting process with payroll interface
• Agencies can view available shifts, suggest workers and rates
• Easy agency tier creation using trusted and selected frameworks
• Integrated, market-leading data analytics and reporting platform
• Upstream and downstream interoperability with Bank and Roster platforms

Benefits

• Seamless management of the agency staffing process
• Achieve full visibility of agency workforce
• Seamless process for proposing, reviewing and accepting agency workers
• Management of agency usage with increased reassurance and predictability
• Enhanced rate control, management and contractual compliance
• Integrated hub and web app delivering centralised, integrated system
• Easily identify appropriate and cost effective agency workers
• Tailored reporting providing complete transparency of usage, spend and targets
• Automation of time consuming, repetitive tasks which eliminate administrative burden
• Dedicated account management and transformation support focussed on outcomes achievement

£1.00 to £50.00 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at procurement@patchwork.health. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

436203279729977

Contact

Anas Nader
02033717556
procurement@patchwork.health

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Minimum browser requirements
  • Hospital site must be authorised to access Employer Hub

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour during business hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A, we use a third party solution
• Onsite support: Onsite support
• Support levels: Customer Support Services operates Monday-Friday 8am-6pm, we also have an emergency out-of-hours service that provides 24-hour support for any urgent technical issues. Delivering in-app support, Customer Support acts as a first line of support. Any issues that require more specialised support are triaged to our Engineering and Client Partnership Teams. We operate the following escalation process: ; ; - Account Manager - Once 75% of the workaround target service level time has been exceeded without a workaround being implemented . ; - Account Director - Workaround target service level exceeded - Head of Accounts - Further escalation relating to service availability or response times; - Chief Operating Officer - Unacceptable response to escalation process This support is provided at no additional cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We adopt a mature implementation programme that ensures a safe transition from legacy systems and a smooth on-boarding process for all departments/services. We provide on site training for administrators with refresher sessions available on request. This is coupled with online training resources, digital walkthroughs and webinars. We also provide a dedicated account manager who is available for on-site support and trouble-shooting.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Our data management and reporting features enable full data extraction at any point during the course of the contract. Patchwork support team can also assist with data migration and extraction if required.
• End-of-contract process: Termination can be requested based on the termination clauses outlined in the contract. There are no termination costs. No uninstallation is required. The end-user’s account would be disabled with immediate effect.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: We are committed to promoting and facilitating full interoperability with other NHS services, and our solutions have been designed specifically to interface with third party solutions. We therefore provide and API that receives and transmits data from bank and rostering providers. We have a dedicated Integration Team consisting of Project Managers and Software Engineers that are responsible for scoping, data mapping and user acceptance testing any integration requirements for our clients.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The software has in-built features to enable users to customise based on organisational and departmental requirements. The implementation team assist with customisation and configuration during the implementation process.

Scaling

• Independence of resources: We have monitoring tools and server capacity can be expanded instantly with demand. We scale our database automatically using Amazon RDS, and our front end servers using Elastic Load Balancing. Our solution ensures there are always multiple healthy servers available and will automatically provision additional servers to meet demands on the service or remove servers that are failing health checks

Analytics

• Service usage metrics: Yes
• Metrics types: Through our integrated management information suite, Patchwork Insights, organisations have complete transparency of agency usage, allowing them to make evidenced decisions around agency usage and easily create NHSEI agency returns. This also supports organisations to manage actual and forecasted spend, meet their targets, assess shift cover issues and more.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported in CSV and Excel format via the data export function within the employer hub.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Multiple Virtual Private Cloud (VPC) networks are configured so that traffic is highly isolated and access controlled by firewalls. Database servers have no direct routes to public internet and internal traffic between the databases and application servers is encrypted. Certificates and access to these networks is restricted and strictly managed. Test and Demo environments are on separate isolated environments to provide additional safeguards.

Availability and resilience

• Guaranteed availability: We offer 99% uptime SLA for end-users. Should SLA availability not be met, we offer 0.5% of total charges for each percentage under target.
• Approach to resilience: Our server provider (AWS) guarantees 99.99% network up-time. Further information can be provided upon request.
• Outage reporting: We provide live updates using the website - https://status.patchwork.health/. Updated every 60 seconds, this outlines the level of uptime over the last 90 days, overall uptime, and status updates over the last 30 days.We would also provide email and telephone alerts to all affected users during an outage. Account managers and Customer Support Team would provide ongoing support.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Patchwork has a full set of roles and permissions for user accounts, with different access privileges for Patchwork staff, customer's managers, customer's administrators and clinicians.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint, accredited by IAF member the Dutch Accreditation Council
• ISO/IEC 27001 accreditation date: Held by our suppliers
• What the ISO/IEC 27001 doesn’t cover: Held by our suppliers
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: AWS aligned this to ISO 27001
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our security policies and processes are fully aligned with the standards and principles of ISO 27001, and we maintain and enact all expected policies and processes. This includes access control policy, cryptography policy, data and information retention policy, data protection policy, information classification policy, information security policy, password policy and removable media device policy. Our practices meet the full NHS Data Security standards required through the Data Security and Protection Toolkit (DSPT), as well as UK Data Protection Legislation. Our practices are outlined in our Privacy Policy (available here: https:// www.patchwork.health/privacy/) and user T&Cs accessible on our website/mobile app.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes to code are peer reviewed during development and prior to release. All features are QA tested by a team separate from the product development team to provide additional safeguarding and operational review. Automated tooling to ensure compliance to development standards is enforced as part of our CI and deployment pipelines. Major changes use a Feature Flag system to allow code to deployed and then activated on a per-organisation basis alongside the necessary organisational process updates and training. All features are continually tracked from both a technical and operational perspective.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: As part of our CI and deployment pipeline all code is automatically scanned for potential vulnerabilities in the code by static analysis tooling. Additionally imported libraries are checked against a registry of known vulnerabilities. In all cases, detection of a risk prevents shipping the code. We have multiple monitoring solutions at each level of our solution stack which includes pro-active error notifications, performance monitoring and automated blocking of potential risks detected. Patches and hotfixes are deployed on demanded with zero down-time rollouts following the Blue/Green deployment pattern.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Ongoing automated monitoring at both an infrastructure and application level with alerts configured to detect unusual activity, errors, or performance been impacted in any way. Audits of logs are performed on an ongoing basis. If issues are detected engineering resources immediately priorities further investigation, patching, and prevention of the issue. If required an account manager will liaise with the Trust. Breaches are logged with the ICO within 72 hours as per GDPR requirements.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Application errors are automatically tracked and reported to the engineering team to be dealt with as a priority without needing to be reported by the end user. Infrastructure has monitoring and reporting in place to alert the engineering team of issues and health checks automatically replace servers exhibiting issues. Users can report issues via support channels or escalated to named senior account managers. All issues are reviewed within the product development process to address why it happened, our response, and how we can improve the system to prevent it in the future.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Patchwork respects the needs and concerns of the communities in which it operates; and it cares for the environment, seeking where practicable, to reduce the impact of its global operations on the environment. ; ; Welfare, recycling, energy conservation, carbon impact and waste minimisation are integral to its business and Patchwork is committed to integrating sustainability and environmental considerations into all its business decisions At Patchwork we strive for continuous improvement and specific measures to prevent pollution, reduce carbon impact, and to comply with applicable environmental legislation. ; ; Our Corporate Social Responsibility Policy, includes our sustainability and impact statements and commitments, and can be provided upon request. ; ; Whilst not needing to legally report on its emissions due to being a small business with less than 250 employees, Patchwork wholly supports the Climate Change Act 2019 (amendment) target for at least a 100% reduction of greenhouse gas emissions by 2050 and the sixth Carbon Budget 2021 target to reduce emissions by 78% by 2035. In 2022 Patchwork formed an internal Sustainability Committee. The purpose of this committee is to ensure Patchwork meets its own pledges, declarations and working practices as outlined in the Corporate Social Responsibility Policy and to research and suggest further methods and initiatives to reduce the Company’s carbon impact. ; ; This committee meets monthly to discuss and work towards Patchwork’s Sustainability Roadmap and goals, which include:; ; • Reduce our carbon footprint as much as practicable.; • Offset carbon impact by investing in a cause or programme that actively reduces global carbon emissions. ; • Calculate our carbon footprint. ; • Publish our carbon footprint. ; • Gain carbon neutral accreditation.; ; As part of our commitment to climate impact reduction we have partnered with Ecologi to support us in offsetting our carbon emissions by planting trees for new joiners and our entire existing team.

  Covid-19 recovery

  Since the onset of the pandemic, Patchwork Health have been involved in a number of initiatives to support organisations to manage and recover from the impacts of COVID-19:; ; • COVID Vaccination Banks - We provided a bank of staff to deliver vaccinations throughout Cheshire/Merseyside, across Primary and Secondary care. The bank was comprised of clinical/non-clinical workers from diverse networks, including GP Practices and Secondary Care facilities, and services are similarly delivered across a diverse range of settings, including PCNs, Schools, Vaccination Centres and Pharmacies.; ; • National Vaccination Programme - Commissioned by NHS England in December 2021, we developed a VMS Platform to support 42 Lead NHS Employers positioned across the country to fill unfilled vaccination shifts through approved workers. Through this platform, any shifts which the Lead Employers could not fulfil through their substantive or bank staff would be automatically cascaded and advertised to approved agencies through our dedicated platform. We were contacted by NHS England on 07/12/21 with the requirement to deliver a solution at pace given the spike in rate of infection caused by the Omicron variant. By 30/12/21 we had mobilised and configured our solution in-line with NHS England’s requirements, and onboarded the c.300 framework agencies, their workers, and the 42 Lead Employers across England involved in the project.; ; • PPE Donation – During the pandemic, in partnership with SheildNHS we delivered hundreds of thousands of protective shields to NHS workers. With the generous help of the Archbishop of Canterbury, London Fire Brigade, Salvation Army and many other volunteers, we assembled and delivered over 60,000 protective shields to 20+ Trusts, including the likes of Liverpool University Hospitals NHS Foundation Trust, Imperial College Healthcare NHS Trust, Bradford Teaching Hospitals NHS Foundation Trust, London North West University Healthcare NHS Trust, St John Ambulance and many more.

  Tackling economic inequality

  There are a number of key features and functions that we have built across our platforms, specifically to tackle economic inequality and deliver greater transparency for our users:; ; • Pay Equality/Standardisation - Our solution delivers a standardisation of contracts, full visibility of rates to clinicians, and rates are automatically adopted from pre-configured rate cards based on role and timing. Our solution therefore delivers transparency and full visibility of rates and pay, whilst payments are founded on equality and based only on role, skills required and timings.; ; • Affordability - The system is completely free to use for all clinicians and we do not charge for additional admin licenses). There are also no hidden costs - all features are fully available, free of charge, to all users, from day one.; ; • Financial Wellness Initiative - We have teamed up with Financial Wellness provider Wagestream to try and reduce the heavy reliance of NHS staff on ‘pay-day loans’ and credit cards. We understand that many workers may book bank shifts to support with unexpected personal expenses and our partnership with Wagestream allows them to draw down this salary as soon as they have earnt it.

  Equal opportunity

  Patchwork Health have developed a solution that tackles inequality by prioritising accessibility and equality for all users. Our work in this area was recently recognised by the National Spectator Newspaper who awarded us their Social Impact Award.; ; • Accessibility - To ensure accessibility our products are accessibility tested and adhere to Web Content Accessibility Guideline standards. This ensures that, for example, our product continues to function with different levels of text zoom or with colour-blindness colours in place. Through our participation on the DigitalHealth.London Accelerator, we worked closely with a focus group of speech and language therapists to assess the suitability of our product.; ; • Flexibility - As a direct consequence of how we seamlessly enable flexible working for members of the community, we support organisations to develop a diversity in their workforce and tackle inequality. For instance, our solution offers greater work/life balance for individuals with caring or paternal/maternal responsibilities.; ; • Availability – We have prioritised the availability of our products by making our solutions device agnostic. Our solutions consist of native apps (available on iOS(v10+) and Android(v5.0+), and across a range of personal devices including mobile and tablet) and web applications (available on all web browsers and accessible on Mac, PC, tablets and smartphone). Designing our solutions with availability in mind, means that we have provided resilience/flexibility should a clinician not be able t access/use smart personal devices.

  Wellbeing

  • Employee Assistance Programme - Health Assured provides our staff with a comprehensive employee assistance programme, offering counselling sessions and various health and wellbeing resources through a dedicated app.; ; • Wellness Hub - Accessible via Perkbox, our awards and benefits platform, the Wellness Hub provides a range of expert-produced content for personal wellbeing, from workout videos to guided meditation. Available 24/7 on multiple devices, it supports employees' mental and physical health.; ; • GP Appointments - Through Perkbox, employees enjoy free same-day and next-day virtual appointments with qualified NHS GPs. The service facilitates faster referrals, prescription delivery, and on-the-go access to doctor's notes.; ; • Mental Health and Wellbeing Committee - Ten trained Mental Health First Aiders at Patchwork Health serve as the initial point of contact for employees seeking support, offering chats or directing them to professional help as needed.; ; • Mental Health Resources Hub - In addition to Health Assured and Perkbox resources, our internal Mental Health Resources Hub features regularly updated multimedia content on topics like sleep, depression, and stress.; ; • DSE Assessments - In collaboration with Hofy, our IT equipment provider, employees access DSE home and workplace assessments to enhance ergonomics, reducing tiredness, eye strain, and physical discomfort associated with prolonged work/equipment use. Free ergonomic equipment is also provided.; ; • Personal Days - Recently implemented, our personal days policy allows employees additional time off beyond their annual leave for burnout, stress, or mental health concerns.

Pricing

• Price: £1.00 to £50.00 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We offer a limited free use period for Patchwork Health. The length and scope of the free use period is decided on a case by case basis.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at procurement@patchwork.health. Tell them what format you need. It will help if you say what assistive technology you use.