FUSION PRACTICES LTD

Fusion Practices Business Process Now

BPN is a one-stop, multilingual, and highly configurable platform which enables users across sectors such as healthcare, education, facility management, sales, and government to automate their business processes completely and boost business efficiency. BPN HealthNow enables medical practitioners to offer online & video consultations.

Features

• Multilingual solution
• Digital Health Management
• Constant, automated software updates.
• Online and Video consultation
• Digital central repository for patient history and diagnostics
• Available on native mobile apps, the web, telephony, and chatbots
• Service Desk (Ticket Management)
• Native mobile applications (iOS and Android)

Benefits

• Single source of truth for data
• Archival and reporting
• Scalable reporting platform on cloud
• Cloud based document repository
• Configurable platform

£10,000 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at consulting@fusionpractices.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

480297192480177

Contact

Anil Passi
+442071019621
consulting@fusionpractices.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Not Applicable
• System requirements:
  • Latest version of web browsers
  • Phone/computer with a camera, microphone, audio.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to questions in 30 mins.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Priority 1 (P1) - Critical: An Incident that is business-critical relating to a business outcome, (including but not limited to the financial impact) (a) affects all Users within a department; or (b) affects users carrying out vital business tasks.; ; Priority 2 (P2) - High: An Incident that is business-critical that affects a single department and either:; A production system’s processing/ effectiveness/ performance (is significantly degraded where the cause of the degradation is the fault of the Supplier and not as a result of third parties or unplanned actions of Users including, but not limited to, running unscheduled reports, the input of incorrect data).; ; Priority 3 (P3) - Medium: A fault that is business/mission-critical and affects a single User.; ; Priority 4 (P4) - Low: A fault that is not business/mission-critical. User does not need the function to perform work tasks; or; Users can continue to use function and therefore can continue to work; ; We provide a technical account manager to provide managed support services to our clients.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide users with various artefacts such as user documentation and training manuals. User training is provided while onboarding the client.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Videos
• End-of-contract data extraction: We will assist users to extract their data in Excel format or using our APIs.
• End-of-contract process: We have a subscription-based model. The scope of work is well-defined during the contract signing stage with the buyer. Additionally, required services & support are charged extra at actual.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are no differences between the mobile and desktop service
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Users can make the following changes through the API:; Create service request; Create notes; Create task; Update status ; Update priority; Update task; Update service request
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Fusion Practices BPN is a completely configurable solution. Users will have access to configure the solution as per their needs.

Scaling

• Independence of resources: BPN HealthNow is a Software as a Service (SaaS) application built using Oracle Autonomous Database which is Self-Driving, Self-Securing, Self-Repairing, and allows on-demand scalability. It also leverages AI and machine learning to provide full, end-to-end automation for provisioning, security, updates, availability, performance, change management, and error prevention.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage statistics and data reports
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: We will assist users to extract their data in Excel format or using our APIs.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The availability of Oracle Cloud is 99.9 %. Users are refunded through service credits in case guaranteed levels of availability are not met. Service credits are calculated as a percentage of the net fees you have paid to Oracle for an Oracle Cloud Infrastructure Service in the month in which any applicable Service Commitment was not met and are credited to you in the calendar month following Oracle’s approval of your claim.
• Approach to resilience: It's available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We use role-based access control to restrict access to management interfaces and support channels.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 04/09/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Fusion Practices' Information Security Policy guides the principles and practices to be followed by employees at all times. Fusion Practices' addresses the great importance of information security. An Apex Committee is formed, comprised of Directors, Key Managers, Administrators, Users, Inspectors and Specialists with the aim of establishing a management framework to coordinate, encourage and control the development of information security within the organization. Mr. Mukesh Jain is appointed as the CISO. Mr. Goutham Sridharan is appointed as the Management Representative. Both would be responsible for the implementation of IMS and overall security. MR / CISO will engage the professional auditing services of specialist to conduct internal audit of the organization.; ; General Functions of the Apex Committee includes:; • Examination and approval of the information security policy and general responsibilities.; • Control of major changes affecting the informational assets of the organization.; • Examination and monitoring of information security incidents.; • Authorization of initiatives aiming to improve security within the organization.; ; We ensure policies are followed by taking the following steps:; 1. By sharing the Risks with Every Employee Team; 2. By helping Employees Identify Threats; 3. By educating employees on best practices; 4. By conducting review meetings

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We follow Information Technology Infrastructure Library-based change management process where every change that goes into production is assessed, planned, and approved to eliminate any service disruptions. Our change management process will follow ITIL best practices templates for emergency, normal, pre-approved changes capturing: • Risk assessment considering business impact • Affected application/business services criticality, collision, historical change information • Compliance with maintenance windows. • Review and testing of implemented changes. All change requests are documented in an electronic, access-controlled ticketing system. The workflow prevents the ticket from being moved into the 'scheduled for implementation' phase without the required review and approvals.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Penetration tests of the system are conducted at least annually. A commercial vulnerability scanning tool is configured to scan all external IP addresses and internal nodes at least quarterly. The results of vulnerability scans and penetration tests are reviewed by management. Vulnerabilities and threats are assessed, documented and tracked through resolution. Oracle Cloud Infrastructure has deployed security information and event monitoring (SIEM) solution which ingests and stores security-related logs and alerts from networking devices, hosts and other components within the infrastructure. SIEM is monitored 24x7x365 basis designed to defend and protect against unauthorised intrusions and activity in the production environment.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: OCI's deployed SIEM ingests logs and alerts from networking devices, and hosts. SIEM is monitored 24x7x365 basis designed to defend and protect against unauthorised intrusions and activity in the production environment. In the event of a security incident, Oracle Cloud Infrastructure activates an agreed protocol which includes GIS, Global Product Security, and Privacy & Security Legal, as applicable, to provide specialist subject matter expertise to respond to the incident. In the event that Oracle determines that it is required to report an incident involving the breach of personal information to a customer, Oracle will promptly notify the affected customer.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents, including incidents reported directly to a customer’s account manager, are recorded via an internal access-controlled electronic ticketing system. Routing, communication, and escalation of incidents vary depending on a number of factors including urgency and impact to customers. The severity definitions are detailed below. Incidents reported via My Oracle Support (MOS) or through the external user incident reporting process are routed to Oracle Cloud Infrastructure personnel and tracked in the electronic ticketing system in the same manner as an internally identified incident.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Equal opportunity:

  Equal opportunity

  Fusion Practices Limited is dedicated to encouraging a supportive and inclusive culture amongst the whole workforce. It is within our best interest to promote diversity and eliminate discrimination in the workplace.; Our aim is to ensure that all employees and job applicants are given equal opportunity and that our organisation Fusion Practices Limited is representative of all sections of society. Each employee will be respected and valued and able to give their best as a result.; This policy reinforces our commitment to providing equality and fairness to all in our employment and not provide less favorable facilities or treatment on the grounds of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, ethnic origin, colour, nationality, national origin, religion or belief, or sex and sexual orientation. We are opposed to all forms of unlawful and unfair discrimination.; All employees, no matter whether they are part-time, full-time, or temporary, will be treated fairly and with respect. When Fusion Practices Ltd selects candidates for employment, promotion, training, or any other benefit, it will be on the basis of their aptitude and ability.; ; Fusion Practices Ltd commitments:; • To create an environment in which individual differences and the contributions of all team members are recognized and valued.; • To create a working environment that promotes dignity and respect for every employee.; • To not tolerate any form of intimidation, bullying, or harassment, and to discipline those that breach this policy.; • To make training, development, and progression opportunities available to all staff.; ; • To regularly review all our employment practices and procedures so that fairness is always maintained.; ; Our equality and diversity policy is fully supported by senior management and has been agreed with trade unions and/or employee representatives.

Pricing

• Price: £10,000 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Buyers will have access to the complete system for a limited time period

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at consulting@fusionpractices.com. Tell them what format you need. It will help if you say what assistive technology you use.