Argyle IT Consulting Ltd

Argyle Digital Microscopy Services Platform

Argyle Digital Microscopy Services (DMS) is an online web-based service aimed at NHS Trusts, Independent Pathology providers and Educational Bodies. The service is based on a modular platform and available on a per seat or storage basis.

Features

• Access from any internet connection from your browser
• Upload share and display of whole slide image (WSI)
• Storage of WSI
• Annotation of WSI with download in XML/CSV
• Construction of educational modules/tutorials based around digital slides

Benefits

• Publish and access WSI from any internet connected device
• Conduct teaching sessions on publicly available or institutionally owned WSI
• Comprehensive permission structure allowing sharing of slides appropriately
• Use preconfigured system or custom front end

£6,000 to £30,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at arjun.dhillon@nhs.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

504748310009173

Contact

Arjun Dhillon
+447788425875
arjun.dhillon@nhs.net

Service scope

• Software add-on or extension: No
• Cloud deployment model: Community cloud
• Service constraints: Support is limited to the support channels, service hours and the supported browsers outlined in the service definition document.
• System requirements:
  • Internet Connection
  • Compatible browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please see service definitions for details of support levels provided.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Please see service definition document for the details of support levels provided.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Users can start using the service following an online registration process to create a new user account.; Once their registration is approved, user can access user documentation within the system.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can download their documents anytime during the contract period.; An offboarding service is provided as an optional service at the end of the contract for providing customer data in an electronic format at an additional cost.
• End-of-contract process: At the end of the contract, the services and data will cease to be accessible to the users. Customer data will be retained for a period of 120 days to enable the customer to reactivate the service without additional costs.; Any services required at the end of the contract will be provided at an additional cost to the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Service is provided via a browser both on mobile and desktop devices.; There is no difference in functionality between mobile and desktop devices provided a compatible browser is used.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Each customer instance of the service is allocated dedicated minimum resources to serve the contracted user base.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide service metrics on number of active users per month and data storage utilisation
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Imports and exports are limited to documents for the document library. Users can upload and download their documents using the browser interface.
• Data export formats: Other
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: No availability guarantee is provided as part of this service.
• Approach to resilience: Service is provided on a resilient infrastructure with geographic redundancy. Details are available on request.
• Outage reporting: Service outages are reported via email and/or SMS alerts to agreed users.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: A full granular role base access is used for managing access controls across the entire system.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance framework is designed to meet the control objectives of the Cyber Essential scheme.
• Information security policies and processes: We have information security policies and protocols covering hardware configuration management, firewalls, monitoring, access controls and management, protection from malicious code, password management, acceptable use, systems vulnerability testing, acceptable use and information classification and handling. Each policy and procedure has a defined owner and approver and outlines responsibilities for auditing and monitoring compliance where applicable.; In addition, we undertake regular internal and external penetration testing through an independent third party to ensure any deviations from these policies are protocols that have not been identified internally are detected and rectified.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Each software component is tracked from creation using version control with each version of the code archived when replaced/updated.; We carry out internal penetration testing after each version update and we contract a third party to carry out penetration testing following each major update.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We carry out routine penetration testing internally and commission third party service following major upgrades. We subscribe to vendor's alert and update services for server and database systems. Critical patches are usually tested and applied within 24 hours.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Servers, firewalls, network traffic and ports are monitored using automated alert systems. Different thresholds are set for alerts depending on the component.; Critical alerts are usually responded to within 1 hour.
• Incident management type: Undisclosed
• Incident management approach: Please see service definition document for the details of the incident support process.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  Our services are are all Healthcare focused. They are designed to reduce costs for the health service, improve patient outcomes & reduce provider burden. This directly supports COVID19 recovery by improving efficiency and productivity of healthcare organisations.

Pricing

• Price: £6,000 to £30,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at arjun.dhillon@nhs.net. Tell them what format you need. It will help if you say what assistive technology you use.