Skip to main content

Help us improve the Digital Marketplace - send your feedback

Solcom Limited

Whzan Digital Health

Health and activity monitoring using standardised national tools - supporting care professionals and families by highlighting vulnerability and deterioration with evidence-based data.

Whzan includes automated early warning triggers, NEWS2, health and activity pattern recognition, and simple user interface - continually enhanced, developed and updated by our in-house team of developers.

Features

  • Real-time patient/resident data on the Whzan dashboard
  • Collects, records, and displays health and activity data
  • Used to remotely monitor patients in virtual wards
  • Used for monitoring patients post hospital discharge
  • Suitable for care, nursing, and learning disability homes
  • Used for domiciliary care (NEWS2 of patients, etc)
  • Enables remote Annual Physical Health Checks for SMI patients
  • Supported self-management for individuals with single or multiple conditions
  • Supports frail people living on their own
  • Conducts comprehensive clinical assessments, communicating results to healthcare professionals

Benefits

  • Triage patients on surgical waiting lists
  • Reduce demand on NHS services
  • Defer care home admission
  • Empower patients to feel reassured and involved with their health
  • Detect signs of change in health and behaviour
  • No technical knowledge required
  • Portable, wireless, Bluetooth enabled devices
  • Authorised professionals access patient results and analysis in real-time
  • Improve patient health
  • Support patients to self-manage their condition(s)

Pricing

£72 to £400 a licence a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith.chessell@solcom.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 4 0 3 9 1 7 7 2 8 7 8 8 5 7

Contact

Solcom Limited Keith Chessell
Telephone: 01983817000
Email: keith.chessell@solcom.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None.
System requirements
Whzan subscription

User support

Email or online ticketing support
Email or online ticketing
Support response times
Questions are responded to within one hour of receipt Monday to Friday between 9am and 5pm, excluding Bank Holidays. Questions received outside of these hours are responded to within one hour the next working day.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
All customers are provided with an Account Manager as their first point of contact for all queries. For technical support queries, Users are directed to our dedicated full-time help, training and technical support desk. They are available during office hours by phone, email, and video call. Issues are often resolved on the first call. They send replacement equipment and consumables, provide unlimited refresher training, technical advice and support.

If escalation is required, our support staff will pass on the query to our in-house team of developers. If necessary, issues will be escalated to our Directors.

Unlimited support is provided at no additional cost.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide face-to-face and online training for all Users.

We provide as many training sessions as needed with our in-house NHS colleagues, who collectively have over 50-years’ healthcare experience and have been instrumental in development of technology-enabled care used in virtual wards, care homes and managing long-term conditions.

Our training program for clinicians, administrators, and care teams is in two-parts – an admin session and a hardware session. Sessions can be delivered separately or together.

The 30-minute admin session consists of setting up a training caseload for carers and clinicians to practice with. We demonstrate how to add patients, new Users, create caseloads, and upload Whzan data into integrated patient record systems.

The hardware session is attended by the care team who will be using the equipment, or a single champion, and consists of how to use each part of the system, for example taking observations and NEWS2 scores, and setting up activity monitoring sensors.

All training materials are available upon request and via the Whzan dashboard under “HELP”.

Our in-house team of developers provide support for software-related matters by MS Teams, telephone and email.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users extract their data via a secured Excel or CSV document.
End-of-contract process
At the end of a contract when there is no longer a legal basis for retaining data, or removal has been requested, it will be securely deleted from our servers. We can extract data and securely transfer it to the customer.

This is at no additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There are no differences between using Whzan on mobile or desktop.
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
Cloud-based web dashboard groups patients into “caseloads” which are often condition or location specific. Each caseload shows overview information of each patient, including name, DOB, NHS number and verification status, time and value of latest readings, device battery level, and red, amber, green (RAG) status. By default, the caseload dashboard lists patients using the RAG status column with high priority patients at the top.

Once a patient is selected from a caseload, their most recent readings are displayed in real-time alongside historical entries as charts, graphs, and numerically. Whzan facilitates messaging, video consultations, clinical thresholds, and condition specific information sharing.
Accessibility standards
WCAG 2.1 A
Accessibility testing
Whzan is reviewed annually with manual audits by our Accessibility Consultants, by scans with an automated testing tool, and has been reviewed by users with visual impairments.
API
Yes
What users can and can't do using the API
Users can import and export data through the API.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users with the appropriate Role Based Access Controls, such as Healthcare Practitioner, Manager, or Administrator, can customise the dashboard layout, reports, and data content.

The dashboard layout is customised by selecting the caseload type, such as healthcare (default), annual physical health check, or heart health, to customise what data is shown. The list of patients can be sorted by any column by selecting the column title.

Reports are customised by selecting the date range, patient cohort or individual patient, and observations to be included. Reports can be further customised by contacting our support desk and our in-house team of developers will provide a bespoke report.

Data content is customised by selecting a patient from a caseload and assigning them any combination of vital signs, assessments and questionnaires.

Scaling

Independence of resources
The system has been successfully load tested to 10x the current user volume to ensure it remained stable for large numbers of patients, readings and users. Specific cases examined were individual patients with large numbers of readings and multiple concurrent users logged in at the same time.

The server is configured to scale automatically, allocating additional resources as required, and we continuously monitor load levels to ensure this is working as planned.

Analytics

Service usage metrics
Yes
Metrics types
We provide full usage statistics reports including type and quantity of data recorded for a patient cohort or individual patients. Our audit trail report details User logins and all actions taken with timestamps.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Azure Key Vault & Azure Active Director see https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-atrest?msclkid=b2f26c8ea91a11ecac8f8d24fb4e36fc
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users export their data by downloading reports from the dashboard and via specific requests to our support team.
Data export formats
  • CSV
  • Other
Other data export formats
Excel
Data import formats
  • CSV
  • Other
Other data import formats
Excel

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Our Service Level Agreement guarantees 99.98% uptime. Whzan operates from dual locations on Microsoft Azure with an average uptime greater than 99.98%.

Any downtime is credited to the subscriptions
Approach to resilience
Whzan operates from two independent UK Microsoft datacentres for maximum availability. Our data is stored in an encrypted form on the Microsoft Azure Cloud platform, one of the most secure server platforms available, and used by more than 7 million companies. Microsoft Azure is a tier 4 provider.
Outage reporting
We notify our Users of any outages via email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Fully defined in our Quality and Information Security Management System, available on request.

Our developers and users, that have access to client data, use two factor authentication to access the data. Access at developer level is locked to our IP address. Different accounts have different levels of authority, meaning person identifiable data is only available to those who need access to it. Everyone has their own user login, which requires a secure password.

Direct access to the azure back-end always requires MFA and is also restricted to specified IP addresses.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Amtivo Group Limited, trading as British Assessment Bureau
ISO/IEC 27001 accreditation date
03/07/2023
What the ISO/IEC 27001 doesn’t cover
Nothing. Our whole service is covered by our ISO 27001 certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
We are ISO9001, ISO27001, and Cyber Essentials Plus certified, DTAC compliant, and hold NHS DSPT standards exceeded 2023/24.

All staff undergo annual information governance training and abide by our GDPR policies in our Quality and Information Security Management System. Our contracts with NHS and Councils include DPIAs. Our data protection policy ensures the lawful and correct processing of personal and sensitive data. Our website contains our privacy policy.

Our System Security Policy outlines measures in place to control the safety and security of data, including consent, hosting, business continuity, account termination/data destruction, and physical and software security.

Whzan is hosted by Microsoft Azure in the UK, providing data encryption at rest, frequent testing of system security, IP locked access and backup. We conduct annual penetration testing by a CREST certified third party.

Our developers and users with access to client data use two factor authentication to access the data. Access at developer level is locked to our IP address. Different accounts have different levels of authority, meaning person identifiable data is only available to those who need access to it. Everyone has their own user login requiring a secure password.

We conduct annual internal audits to ensure policies are followed.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Fully defined in our Quality and Information Security Management System, available on request.

We track and document all changes to Whzan including source code, documents, client requirements, and software versions.

Our Senior Management Team identify any potential changes, and delegate to a responsible team member to conduct a “research background” to determine the feasibility of the changes. Once completed, this forms part of the Management Review and is included in the internal audit schedule.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our approach to vulnerability management is fully defined in our Quality and Information Security Management System, available on request.

In accordance with our 'Context, Risk, Opportunities and Objectives' matrix we have assessed all Information Security threats based on their potential effects on Confidentiality, Integrity and Availability (CIA) attributes. Following this analysis, appropriate controls have been identified, which feed into our Statement of Applicability identifying controls to mitigate risks following the process of identification, analysis and evaluation.

Security patches are released as soon as practicable after a vulnerability is identified (subject to time required for development, testing, and standard release processes).
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Fully defined in our Quality and Information Security Management System, available on request.

Our Data Protection Policy defines our approach to the management of information security incidents, communication on security events, and weaknesses. Employees raise potential security vulnerabilities with the Executive Director Team immediately so the threat can be assessed and counter measures put in place.

Our Infrastructure Procedure contains our recovery targets and priorities to bring the system back online with minimal delay.

Security patches are released as soon as practicable after a vulnerability is identified (subject to time required for development, testing, and standard release processes).
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Fully defined in our Quality and Information Security Management System, available on request.

Solcom’s Cyber Incident Response Plan and the procedures to be followed in the event of an incident are detailed in our Data Protection and Security Policies. Management responsibilities and procedures are in place to ensure a quick, effective and orderly response to information security incidents.

Our privacy policy instructs Users to report incidents, such as a data breach, to our Data Protection Officer at privacy@solcom.com.

Our Data Protection Officer provides regular incident reports to those affected via email.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

We are committed to achieving net zero greenhouse gas emissions by 2040.
The Solcom Environmental Policy is regularly referred to in decision-making and during the induction of new staff, board members and volunteers. All Solcom staff are trained in understanding factors driving sound environmental practice and management. Solcom employees benefit from the Cycle to Work Scheme, promoting low-carbon transportation options. Environmental criteria are incorporated into our supplier selection and evaluation processes, preference is given to suppliers with strong environmental credentials and sustainable practices. Sea freight is chosen in preference to air wherever possible when importing goods.

We continually reduce our carbon footprint and practice the principles of the 3Rs (reduce, reuse, recycle):
Reduce - non-essential documents and emails are not printed. We annually review which internal documents and external publications are essential, if they are not, they are cancelled thus reducing waste. We avoid disposable cups and food packaging bought by the office and for events.
Re-use – one side pre-used paper is used in printers, for taking messages and for writing notes or draft copies of documents. We re-use envelopes and packaging.
Recycle – all paper waste, toner cartridges and inkjets are recycled. If office furniture or IT equipment is being replaced, then we have those items reused or recycled. We use and support social economy organisations to recycle materials as appropriate. We endeavour to switch all publications and general office papers to 100% post-consumer waste recycled papers. When purchasing other items of office equipment, recycled options are chosen where available.

We comply with all relevant environmental legislation, including the Waste Electrical and Electronic Equipment (WEEE) Regulations. We minimise the use of energy in our activities. For example, lights and equipment are switched on only when needed and not out of routine. Low energy bulbs are used where possible.

Covid-19 recovery

Whzan supports the physical and mental health of people affected by COVID-19 by enabling patients, residents, and staff to record their vital signs, symptoms, and complete assessments on Whzan. Data is automatically uploaded to the dashboard in real-time, monitored by clinicians. Signs of deterioration are detected earlier, reducing the demand on health and care services.

Whzan supports the COVID-19 recovery effort by enabling patients to be monitored remotely including virtual consultations, so there is no need to travel for appointments.

Mid and South Essex ICB used Whzan to increase care capacity during the COVID-19 pandemic, enabling patients to submit vital signs and assessments into Whzan from their own home.

Tackling economic inequality

We prioritise the recruitment of skilled local people. For example, our North East support office is based in Sunderland to support our health and social care work with Sunderland City Council and South Tyneside and Sunderland NHS. Employees working in this office have a Sunderland address. Our Isle of Wight office employs apprentices from the local College to support our work with the Isle of Wight NHS. Our Isle of Wight Office employs multiple local skilled people, including software developers, project coordinators, system builders, accountants and more.

Where installation services are required, we subcontract installation companies local to the contracting area, including new businesses and entrepreneurs, start-ups, SMEs, VCSEs and mutuals. We collaborate with our supply chain partners fairly and responsibly to deliver contracts.

Whzan is brand and device agnostic, enabling us to support innovation and disruptive technologies to deliver lower cost and higher quality services.

We identify and manage cyber security risks in the delivery of contracts, including in the supply chain, by maintaining ISO9001, ISO27001, and Cyber Essentials Plus accreditation.

Equal opportunity

To tackle workforce inequality, we support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the contract. Training and development opportunities include training courses, conferences, seminars, work shadowing, formal study, coaching and mentoring.

We take action to identify and manage the risks of modern slavery in the delivery of the contract, including in the supply chain. Our Anti-Slavery Policy Statement reflects our commitment to acting ethically and with integrity in all our business relationships. We do not support or deal with any business knowingly involved in slavery or human trafficking. Staff are trained to ensure that slavery and human trafficking does not occur within our organisation or our supply chain. All new and existing employees are subjected to right-to-work checks to ensure that we do not employ illegal workers, thereby ensuring compliance with the Immigration, Asylum and Nationality Act 2006.

Wellbeing

We support the health and wellbeing, including physical and mental health, in the contract workforce by providing additional Whzan systems for teams to complete physical health checks, NEWS2, and any assessment such as those for Generalised Anxiety Disorder and Depression. Contract workforces have access to our App containing a library of condition specific self-management information including COPD, asthma, heart failure, diabetes, hypertension, musculoskeletal physiotherapy, pregnancy, and long COVID. We have multiple evaluations from the NHS using Whzan in care homes and community settings, such as North Central London ICB and Sussex NHS, where carers and clinicians use Whzan to monitor themselves and identified high blood pressure and signs of illness. For example, a cook in a North Central London care home often reported he felt unwell. They used the Blue Box to check his vital signs and he reported a NEWS2 score of 9. An immediate call was made to 999 and within 20 minutes was transferred to hospital via ambulance.

We support the welfare of the Whzan team and ensure our working environment is safe and delivers a positive supportive environment. We remain mindful of our duty of care, and legal obligations under the following: Health and Safety at Work Act 1974, Data Protection Act 2018, Safeguarding Vulnerable Groups Act 2006, Equality Act 2010, and Protection of Freedoms Act 2012.

Brian Martin, our Technology Enabled Care Consultant, is a registered paramedic with over 43-years’ NHS healthcare experience, providing our team with comfort a qualified professional is always on hand in case of emergencies.

We collaborate with users and communities in the codesign and delivery of contracts to support strong integrated communities. We continuously work in partnership with end Users in the design of Whzan and customise the system to meet the requirement of different clinical pathways and patient cohorts.

Pricing

Price
£72 to £400 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We provide free trials of up to 6 months with all software, hardware, training, and support provided. No features are excluded.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at keith.chessell@solcom.com. Tell them what format you need. It will help if you say what assistive technology you use.