PCMIS HEALTH TECHNOLOGIES LTD

PCMIS Case Management System

PCMIS is an easy to use digital case management system for mental health, CYP and NHS IAPT services. PCMIS is a clinically proven and evidence based SAAS application. PCMIS supports a wide range of pathways, risk management, patient tracking and analysis, helping you to effectively monitor and report service activity.

Features

• Highly configurable and flexible system
• Dynamic and granular real-time reporting options
• Built-in, evidence based clinically proven risk management technology
• Seamless integration with digital therapies and other clinical systems
• Integrated Digital Pathway for online patient access and Spine Integration
• Intuitive User Interface and system design
• NHS Dataset compliant including IAPT and MHSDS data sets
• Centralised appointment and slot booking system
• Comprehensive Clinical Note section and Supervisor Notes
• Pathways supported include IAPT, CYP, Staff Wellbeing and Complex Services

Benefits

• Effectively manage risk and prevent deterioration
• Improve patient engagement with online digital patient portal services
• Reduce time consuming administration tasks and processes
• Achieve 360 view of service performance using dynamic reporting dashboards
• Increase patient engagement with integrated SMS text communications
• Ensure the highest levels of data quality, completeness and compliance
• Enjoy full system access remotely and securely
• Access comprehensive user guides and video walk-throughs for staff training
• Integrate with a range of Digital Therapies and Clinical Systems
• Reduce treatment and administration costs and increase outcomes

£4,950.00 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@pcmis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

488798475264304

Contact

Byron George
01904 321322
enquiries@pcmis.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: A current supported web browser is required with at least 2Mbps Internet Connection.
• System requirements:
  • Current supported Web Browser including Edge, Chrome, Safari and Mozilla
  • Internet, VPN or HSCN/NHSNet Connection
  • Minimum Internet Speed of 2 Mbps

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Telephone and email support, 08:30-17:00 Monday to Friday. Excludes bank holidays and public holidays.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: A dedicated PCMIS client engagement manager will be assigned to the life time of the contract to monitor and review contract performance. System service management is proactively monitored and any issues raise automatic alerts to the PCMIS support team who will investigate as a priority.; The delivery of PCMIS is supported by a dedicated service desk team and is included within the contract as standard. Project management and system development team ensuring that an acceptable level of service is provided. We are passionate about providing a high quality service. 8 out of 10 services ranked PCMIS as good or very good in the following areas; customer contact and communication, data protection and security, PCMIS system functionality, compared to other IT systems and help desk support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A dedicated Client Engagement Manager will be assigned to your service and a kick off meeting arranged to gather and elicit service requirements and project scope. A project plan and timescales will be produced and used to manage and track progress of system implementation. The PCMIS business team and BA team will undertake initial scoping and project management, system configuration and training needs analysis. UAT will be included to ensure sign off of system and that it meets service requirements.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Video Guides
  • DOCX
  • DOC
  • XLSX
  • XLS
• End-of-contract data extraction: At the end of a contract, all service data will be returned to the organisation that holds the contract for that instance of PCMIS (the service), who is the Data Controller. ; ; A single file transfer of the data will be sent to the service securely within thirty days following the termination of the contract. Data will be returned in a standard CSV format and uploaded documents attached to patient records will be returned in their original file format.
• End-of-contract process: All data will be securely destroyed using industry standard NHS approved data destruction tools. A single full data extract is included within the price of the contract. Additional data extracts are chargeable, please see the rates card for pricing.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: PCMIS supports a wide range of system integration capability using PCMIS API Web Services and coding standards including HL7, XML and JSON through integration with digital therapy platforms, national and local Trust integration engines.; ; The following interfaces have been developed and are currently operationally live:; Web API HL7; Web API IAPT Portal eReferrals; Web API IAPT Patient Portal; Web API Platform integration with Digital Enabled Therapies; Web API eReferral registration integrated with Digital Enabled Therapies; Healthy London Partnership eReferral Integration; NHS Choices/NHS.UK eReferrals; NHS Spine; Postcode Lookup API; SMS Appointment Reminder API; Patient Portal Appointment Reminder API; Patient Experience PEQ SMS API; Patient Portal Choose and Book API; Patient Portal SMS API; Database Analytics API; ; Implementation and changes are coordinated via PCMIS Support.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: PCMIS includes a high level of flexibility and customisation, including the ability to add/remove and update data fields on data entry screens through assigned system permissions, including custom fields, customising drop down items, setting fields as mandatory and adding local reporting items.; PCMIS menus are tailored to access levels. Built in systems permissions grant/deny access to menu items and built-in user preferences can be set to customise individual view settings.; Display columns are configurable to allow users to select which details are to be included in the display.; PCMIS system configurability including custom fields, custom forms, letter templates and configurable care pathways can all be used to create and define local care plans.; Built in role based systems permissions allow users with the appropriate system access to add/amend reference data. These permissions are granular and can be setup to ensure only appropriate users can amend appropriate fields.; Granular system permissions and comprehensive audit trails ensure appropriate clinical access and governance is maintained.

Scaling

• Independence of resources: PCMIS operates on a dedicated server, data is not shared or accessible by any other organisation, guaranteeing data security but also high performance as the speed of the system will not affected by numbers of active users.; ; PCMIS is hosted on scalable infrastructure using state of art technologies and by default can support over1,000,000 patient records. The architecture of the storage capacity is designed not to impact the system operations.

Analytics

• Service usage metrics: Yes
• Metrics types: PCMIS operates on a dedicated server, data is not shared or accessible by any other organisation, guaranteeing data security but also high performance as the speed of the system will not affected by numbers of active users.; We provide a high level of resilience and capacity using dedicated servers with fail-over to ensure high availability.Any performance or service delivery incidents are reported automatically using built in network system monitoring. PCMIS operates with spare capacity and additional capacity is available for future increased volumes.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data will be returned in a standard CSV format by PCMIS Support using a fully encrypted and secure transfer facility.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • SQL
  • Excel
  • Word
  • PDF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: All transferred data is fully encrypted throughout the entire technology stack. PCMIS is protected by five levels of security including internal and external E3 compliant firewalls and Elliptic Curve Cryptography (ECC) technology.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: All transferred data is fully encrypted throughout the entire technology stack using the latest Elliptic Curve Cryptography.

Availability and resilience

• Guaranteed availability: Our average up time exceeds 99.9256%, which includes downtime for scheduled out of hours system patches (that may require a server restart). A service level agreement is available on request.
• Approach to resilience: A high level of resilience is built into PCMIS to ensure the highest levels of availability. ; The PCMIS application is hosted on infrastructure with built in fail-over and redundancy, including backup power generators with 24 hour backup power.
• Outage reporting: Email alerts are used to inform services in advance of any planned maintenance. We aim to provide at least one week advance notice for maintenance and two weeks advance notice for system upgrades.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access, application security controls, system permissions and firewall network restrictions are used to restrict system permissions, system access and access to management interfaces.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Digital Data Security Protection Toolkit (Level 3)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus. ; NHS Digital Data Security and Protection Toolkit (DSPT) Level 3.
• Information security policies and processes: PCMIS is Cyber Essentials Plus accredited, NHS Digital DSPT Approved and hosted within an ISO27001 compliant data centre. We have a dedicated internal security team and are annually audited by CREST security specialist. Controls and security policies are implemented to ensure patient data is protected at all times. Mandatory Information Governance/Data Security training is annually monitored for all staff. Spot checks are undertaken and all security policies are annually reviewed including Disaster Recovery, Business Continuity, Acceptable Use Policy,Secure Application Development, Physical Access, Patch Management and Anti-virus/anti-malware policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ITIL best practice change management process is used to approve any security changes. Staff are ITIL qualified.Change requests are logged, risk assessment undertaken and approval process signed off prior to any configuration changes. The risk assessment process is used to identify and potential security impact. The requests for change(RFC's) are linked to Incident Management process to allow components to be tracked through their lifetime. Each release of PCMIS also includes Privacy Impact Assessment and Clinical Risk Assessment compliant with NHS Digital DCB160/DCB0129. Application development changes are tracked using centrally managed version control with access control.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: PCMIS receives automatic notification of any potential threats and vulnerabilities from security bulletins, from the specialist security team and direct from IT system suppliers. Application vulnerability scanning is undertaken, IT security specialist are used to assess any risks and critical patches are installed within 48 hours, following internal testing. Monthly released security updates are installed within 14 days of release.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: A dedicated security team proactively monitor security threats. Automated frequent vulnerability scanning is undertaken. Annual penetration testing is undertaken by external security specialists. Any identified threat would be responded to immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are reported to senior management immediately and the security and data protection team informed. An incident report is completed and reviewed by security and IG specialists to identify impact and actions taken compliant with best practice security and GDPR. Client will be contact immediately and actions are reviewed and implemented on all systems and processes involved in the incident to mitigate further risk and prevent further re-occurrence.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  As a Software As A Service (SAAS) system provider our case management system and supporting digital technologies are designed to reduce paper use in service by automating and digitising a lot of tasks traditionally done by administrative and clinical teams. Our online eReferral forms and Patient Portal SMS functionality remove the need for paper form completion before and during appointments, and cut down significantly on the need for communicating with patients by postal letters. ; ; As a wholly-owned subsidiary company of the University of York, we adhere to and support their Sustainability Plan which commits to carbon neutrality by 2030
• Covid-19 recovery:

  Covid-19 recovery

  As an employer we have supported our workforce through the Covid-19 pandemic, facilitating a safe working environment and encouraging a hybrid working approach to minimise risk. ; ; As an NHS technology supplier we are actively involved in supporting the Covid-19 recovery through provision of digital triage and case management tools for a range of COVID-19 specific mental health services. We have also made COVID-19 related data items available in our system to support NHS and ONS (Office for National Statistics) data gathering as part of the ongoing effort to understand and overcome the impact of the pandemic.
• Tackling economic inequality:

  Tackling economic inequality

  PCMIS is a wholly-owned subsidiary company of the University of York. The University of York exists to aid public good. As such, the University has a range of scholarship funds, established to support students to come to York from underrepresented backgrounds including asylum-seeking students, those who have disabilities, those from Black and Minority Ethnic (BAME) backgrounds, as well those who are the first in their families to access higher education and those who are living in, or have lived in, the care system in the UK for neglected and abused children and young people.
• Equal opportunity:

  Equal opportunity

  As a wholly-owned subsidiary company of the University of York, PCMIS strives to be diverse and inclusive – a place where we can all be ourselves. The University particularly encourages applications from people who identify as Black, Asian or from a Minority Ethnic background, who are underrepresented at the University.; We offer family friendly, flexible working arrangements, with forums and inclusive facilities to support our staff.
• Wellbeing:

  Wellbeing

  PCMIS technology is clinically proven to facilitate better mental health care treatment outcomes. Our technology is utilised by a range of mental health and wellbeing services, from NHS IAPT or Staff Wellbeing Services to Eating Disorder Services and Student Support. ; ; All technical development and system improvements are underpinned by innovative, evidence based mental health research, transforming clinical insight and study into real world impact. As a team we work towards one goal: Improving Patient Wellbeing.

Pricing

• Price: £4,950.00 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@pcmis.com. Tell them what format you need. It will help if you say what assistive technology you use.