FUTURE PERFECT (HEALTHCARE) LIMITED

PANACEA Shared Care Platform for Whole System Personalised healthcare - Future Perfect (Healthcare)

PANACEA digital applications and innovations platform, open standards interoperability (openEHR). Vastly accelerates (+at lesser cost) deploying AI innovations working with EPRs/LIMs. PANACEA enables 2-way realtime shared care for interoperable whole system care planning: complex discharges, home-before-hospital, virtual wards, patient flow. Clinical network data archivals. Clinically consultancy: DCB0129/0160 standards. Economic evaluation.

Features

• PANACEA provides holistic real-time view of 2-way openEHR patient records.
• OpenEHR standard enables global shared care, by being future-proof nationally/internationally.
• Intuitive customer-tailored user interface into lists, tasks, workflows and pathways.
• Agile service delivery, stakeholder collaboration at heart of our methodology.
• Component based customisable UX enables easy aggregation of CDS/AI applications.
• Custom Forms-Designer capability, for clinical noting, building bespoke clinical processes.
• Deploys applications via containerised microservices for flexibility and customer-configuration.
• Open security standards (OAuth2/OpenIdConnect) providing Single-Sign-On with the customer’s systems.
• Panacea-Integration-Hub normalises HL7-FHIR messages making patient data available in real-time.

Benefits

• Real-time updating ensures clinicians are always viewing current records.
• Information sharing for integrated care, clinical networks, regionalised diagnostic services.
• Data Federation supporting shared care, either place-based or regional/national/international.
• Benefits Framework: stakeholder engagement, business case, deployment, realisation, evaluation.
• Liberating patient data, enabling new uses cases and advanced analytics.
• Modern UX standards/Web-Components deeply integrating with new and legacy systems.
• Extensible design enabling access to significantly more knowledge and information.
• Open Standards (openEHR) preventing vendor lock-in. PANACEA is vendor neutral.
• Detailed auditing of user actions enabling stronger information governance.
• Genomics+AI for new model of healthcare: PREDICT/PREVENT/DIAGNOSE/TREAT, not just DIAGNOSE/TREAT.

£4,667 to £27,611 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robin.stern@future-perfect.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

464950265432067

Contact

Robin Stern, Director
07785 375700
robin.stern@future-perfect.co

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: See other Cloud Software & Support Services offered, including artificial intelligence (AI), Clinical Decision Support (CDS), Genomic Data Management and Secure Clinical Messaging.
• Cloud deployment model: Hybrid cloud
• Service constraints: None
• System requirements: OpenEHR Platform

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: With our default service level agreement, 9 to 5 (UK time), Monday to Friday, we respond to all service incidents within 30 mins to 1 hour, depending on the urgency. For any out-of-hours requirements, details are available on request.; ; FPH Support are alerted, through text messages and Teams notifications, to new incidents, and subsequently to approaching SLA action points, so as to ensure key SLA points are met.; ; Through our Customer Support Portal, customers are able to monitor the progress of their tickets, and engage directly with the FPH Support team.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: In addition to our own internal testing, we have not performed any web chat testing with assistive technology users, but we are currently seeking to engage with our customers and their disabled staff, who will be able to provide a valid assessment of our meeting accessibiblity criteria, on our web chat and other customer engagement tools.
• Onsite support: Yes, at extra cost
• Support levels: See Service Definition Document.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation and online training is provided as standard.; On-site training and floorwalking can be provided. See SFIA rate card.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of a contract, users can export their configuration and data before the infrastructure is securely cleared of data. ; Bespoke data exports are available on request.; Future Perfect retains all intellectual property in the software. The customer owns the configuration of the Panacea solution at the customer site. The customer does not receive the source code of the software.
• End-of-contract process: An agreed exit plan will be included in any contract with a customer, and Future Perfect would comply fully with the requirements as set out for contract exit in the contract. The exit plan will contain all the detail necessary to affect a smooth and orderly termination of the services and hand-over to the customer or a new service provider. As such the deliverables and activities that would typically form part of an exit and handover include the obligations of each party, applicable schedule and timescales and the approach to data migration.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Panacea user interface uses a responsive web design approach meaning it can be used on a range of device form factors, ranging from tablets to desktops. Minimum browser window sizes apply.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: User support portal.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have not performed any web chat testing with assistive technology users.
• API: Yes
• What users can and can't do using the API: The APIs' capabilities are principally designed to allow the exchange of data using standards such as openEHR, HL7v2 or FHIR. Future Perfect has a number of interfaces and API's developed and is able to create specific solutions against clients' requirements
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Data interfaces for retrieving and persisting data. User Interface.; Customisation by Future Perfect. See SFIA rate card.

Scaling

• Independence of resources: Performance monitoring included.; Additional storage and compute resources can be quickly scaled using Rackspace Government Cloud secure hosting option.

Analytics

• Service usage metrics: Yes
• Metrics types: • Users; • Patient records; • Transactions; • Storage utilisation; • Compute utilisation
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Any
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • OpenEHR
  • HL7 all versions
  • FHIR
  • Custom
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • OpenEHR
  • HL7 all versions
  • FHIR
  • Custom
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Panacea's architecture is designed for continuous operation.; Planned maintenance episodes are minimised as much as possible and are only required in exceptional circumstances – non-disruptive approaches to software release, patching, database maintenance are used to maximise the availability of the solution.; Though Rackspace Government Cloud service, resilience techniques such as load balancing/service discovery, replication of data and duplication of server roles can be employed to minimise the impact of component failure. Extensive monitoring and alerting tooling is deployed; this enables issues to be quickly identified and addressed, often without end-user impact.
• Approach to resilience: Available on request.
• Outage reporting: • Dashboard; • Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is controlled via Multi-Factor Authentication for the background cloud infrastructure and by username and password from whitelisted IP addresses for the web administration portal.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certificated by QMS, accredited by ASCB
• ISO/IEC 27001 accreditation date: 08/07/2020
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Security by Design

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ITIL & Azure DevOps
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: See Rackspace Government Cloud on Azure.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: See Rackspace Government Cloud on Azure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Conforms to ITIL and ISO20000

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  We started and have continued as a business without central premises, our staff working home-based, if they are not with customers. We encourage use of public transport over private cars, when travelling on business. We are sensitive to the varying efficiency of IT platforms and solutions, especially in how large volumes of data are processed.
• Covid-19 recovery:

  Covid-19 recovery

  Our business was founded in April 2020, two weeks following lockdown. We do not have an "old normal" to fall back on and we have worked hard with our staff and customers to uncover and evolve their varying wishes and needs in achieving a "new normal". While virtual screen-based communication suffices for many people and circumstances, we appreciate and share people's needs for direct contact, with all the otherwise foregone value of informal but highly productive interactions that can occur.
• Tackling economic inequality:

  Tackling economic inequality

  In our main sectors of health and care, economic inequality is often reflected in the range of how differently advantaged people experience their services. We are purveyors of the latest decision support and artificial intelligence systems and services, which, implemented appropriately, can contribute significantly to redress the impact of economic imbalance in healthcare - both in the outcomes of people's care and, also, in their experience of that care. For example, AI systems needing "training" in data that sufficiently represents diversity to avoid risks of inadvertent bias; or care pathways that involve people in interacting with their own care via their own data.
• Equal opportunity:

  Equal opportunity

  In our main sectors of health and care, unequal opportunity is often reflected in the range of how differently advantaged people experience their services. We are purveyors of the latest decision support and artificial intelligence systems and services, which, implemented appropriately, can contribute significantly to redress the impact of unequal opportunity in healthcare - both in the outcomes of people's care and, also, in their experience of that care. For example, AI systems needing "training" in data that sufficiently represents diversity to avoid risks of inadvertent bias; or care pathways that involve people in interacting with their own care via their own data.
• Wellbeing:

  Wellbeing

  The essence of our offering concerns health and care, all improvements of which are fundamental to wellbeing. A big difference to be made is the democratising of services, using technologies such as artificial intelligence that invite, welcome and utilise people's input to their own needs that gets factored into decisions made together with care professionals. We match that commitment in another core issue about which we are passionate: democratising people's care data. Most IT systems bought until now are highly proprietary, extracting data from which is made difficult, complex and extremely costly. We are committed to open standards digital platforms into which we extract such data, rendering it directly usable on behalf of the people who are the subjects of that data.

Pricing

• Price: £4,667 to £27,611 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robin.stern@future-perfect.co. Tell them what format you need. It will help if you say what assistive technology you use.