Skip to main content

Help us improve the Digital Marketplace - send your feedback

NEUREX AI LIMITED

Neurex iPACS : AI Powered Image viewer, exchange & reporting platform

Neurex iPACS is AI Powered Medical Image Management, Sharing and Exchange Platform. It ensures image and data integrity, high-availability, and performance. AI automates report generation, image annotations and operate inside, outside and across the NHS trust network, using compression and encryption. Our proprietary PACS viewer is highly optimised for cloud.

Features

  • Extendable and scalable Cloud platform
  • Secure and trusted Cloud Storage
  • AI generated study report and image annotation
  • Supports all modalities such as MR/CT/PET, CR, US & MG.
  • Seamless HL7 integration with EPR
  • Fast, secure transfer - DICOM, WADO, HL7
  • Secure real-time image sharing to anyone, anywhere
  • AI powered intelligent routing mechanism
  • Comprehensive ACL to manage user roles and granularity in access.
  • HIPAA and GDPR compliant

Benefits

  • Minimize cost of storage, hardware maintenance, and IT infrastructure.
  • Eliminate the need for CDs through cloud-based image sharing.
  • Seamlessly integrate images into patient portals and EPR.
  • Vendor agnostic flexible and scalable storage capabilities.
  • Integrated reporting with EPR
  • Reduced delays in reporting of radiology examinations
  • Reduce workload pressures and quality concerns
  • Reduce burden on radiologist and reduce backlogs
  • Early detection of rare diseases using trained AI model

Pricing

£400 to £1,200 a unit a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at anupam.das@thoughti.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 2 0 1 1 8 7 7 6 6 3 8 5 8 3

Contact

NEUREX AI LIMITED ANUPAM DAS
Telephone: 07442009457
Email: anupam.das@thoughti.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Private cloud component runs on Windows Server 2012 R2 64-bit or higher and a minimum of 8 cores, 32GB memory and 250GB SSD
System requirements
  • Microsoft Windows Server 2012 R2 64-bit
  • Hardware 8 core, 32GB 250GB SSD
  • VPN access for installation and support
  • TLS enabled for access to Neurex Platform
  • Signed SSL certificate

User support

Email or online ticketing support
Email or online ticketing
Support response times
9:00 - 17:00 Monday to Friday support response. Tickets can be logged at any time.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Client support is provided at no extra cost, and is included in standard terms and conditions of contract. For Severity 1 issues customers may contact support via the support telephone number. For Severity 2,3,4,5 issues customers may contact Support via the Neurex Support Portal as well as emails via 'support@neurexhealth.ai'. When an issue is reported by a customer, the Support team will respond to the customer within the time designated by the SLA identified in the customer's contract. All clients will be provided an Account Manager and a Support Lead. Support is provided 9:00 to 17:00 UK Monday to Friday excluding public holidays.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onsite training, online training and user documentation are all provided.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Standard functionality within the solution enables customer data to be extracted via either a SQL database or csv format file extraction.
End-of-contract process
At the end of the contract user accounts for the customer site would be disabled and any private cloud components of the solution would also be disabled. Customer data both in terms of input and results can be extracted from the solution as part of standard functionality.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile version is for ambient scribing and dashboard view.
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
Documented APIs are available which allow integration between Neurex RevFlow and other local systems. APIs provide access to automated coding and analysis capabilities, as well as the ability to load clinical narrative documentation into the system. All system set up and configuration processes are undertaken directly through the system's user interface.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Single tenant hosting provision.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is made available via APIs and or ETL, as well as SQL dump or csv file extractions.
Data export formats
  • CSV
  • Other
Other data export formats
SQL Dump
Data import formats
  • CSV
  • Other
Other data import formats
  • HL7
  • FHIR Resource

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The SLA provided for the service is available between 9:00 and 17:00 Monday through Friday, excluding public holidays.
Approach to resilience
Each layer in the Neurex architecture is distributed across availability zones. Because availability zones are geographically separated data centers with independent access to power and networking, operations continue even if one or two availability zones become unavailable. In addition, the database storage layer leverages the cloud provider’s resilient
storage service to provide highly durable, costeffective storage. When a transaction is committed in Neurex, the data is securely stored in the cloud
provider’s highly durable data storage, which enables data survival in the event of the loss of one or more disks, servers, or even data centers. It is designed for eleven 9s (99.999999999%) of data durability.
Outage reporting
Public dashboard at https://status.neurexhealth.ai/

Anyone can subscribe to e-mail alerts via the above status page

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
Authentication requirements configurable.
Username/password authentication with or without MFA.
OAuth 2.0 either with built in or external OAuth server.
Federated authentication & SSO with configurable identify providers via Okta, AD FA or other SAML2.0 compliant service.
Access restrictions in management interfaces and support channels
Management Interfaces and support channels are secured using roles applied to users to maintain the separation of ability of users. The system is designed to allow only specific and absolutely necessary users the ability to alter authentication and authorisation. Default permission for new users is always set to deny all access until it is specifically granted by and administrative account.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Description of management access authentication
Level of access is determined by user role. Process for authentication for management access is exactly the same as all other user authentication.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
HIPAA
Information security policies and processes
Neurex has an Information Security Policy and an IT Code of Practice which are reviewed by each employee as part of induction and signed as reviewed before any access is granted to Neurex systems. The Neurex HIPAA Manual sets out policies and procedures relating to technical, physical, and administrative controls in support of the HIPAA legislation. As part of HIPAA an annual risk assessment is undertaken and reviewed covering physical, technical and administrative safeguards. All employees undergo compulsory HIPAA training as part of induction and annual HIPAA refresher training. HIPAA compliance is backed off to a HIPAA compliant hosting partner hipaavault.com Neurex has an appointed Privacy and Security Officer.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All software updates are handled by Neurex themselves with no user intervention.
Security announcements, services alerts, pending behaviour changes and release history are available at https://community.neurexhealth.ai/announcements

Anyone can subscribe to e-mail notifications of any of these announcements from the same page
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Threats at the hosting level are assessed on an ongoing and proactive basis by our hosting partner hipaavault conforming to CSA CCM v3/SSAE-16. The exact details are subject to non disclosure. Threat testing is undertaken regularly in relation to the Neurex product components of the service. Issues identified are mitigated inline with their severity and impact. Monthly vulnerability testing of the overall service take place utilising industry standard independent cyber risk management software.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring of the service is provided by our hosting partner hipaavault. Full details of this are subject to a non disclosure.
Incident management type
Supplier-defined controls
Incident management approach
An incident can pertain to a number of areas across the service. Incidents from customers will be raised with the Neurex Support team through phone, portal or email and logged on our industry standard support system. Common FAQs are available through this system also. Should an incident relate to the hosting then it can be escalated to Neurex.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

Fighting climate change

Fighting climate change

We endeavour to do our best in fighting climate change and have made an active effort to switch our delivery to remote working vs onsite delivery where possible, thus reducing our travel & impact on the environment.

Pricing

Price
£400 to £1,200 a unit a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
For educational medical schools and health tech departments of NHS organizations, we offer a limited time free version for joint research and proof of concept.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at anupam.das@thoughti.com. Tell them what format you need. It will help if you say what assistive technology you use.