CareFlow Electronic Prescribing and Medicines Administration (EPMA)
CareFlow Electronic Prescribing and Medicines Administration (EPMA) supports end-to-end prescribing and administration of all medicines for inpatient, outpatient, and discharge prescribing, helping to ensure safe prescribing.
CareFlow EPMA operates across a wide range of care settings, including Acute, Mental Health, and Community, providing an ‘Integrated Care System (ICS) ready’ solution.
Features
- Prescribing functionality which provides comprehensive tools to support all medicines.
- Safety principles to minimise the risk of dosing medication errors.
- Integrated with Pharmacy to seamlessly ensure automated supply of medicines.
- Resultant data to support insights for clinical and operational improvements.
- Enforcement of prescribing, administration, and clinical review standards.
- Enforcement of allergy recording standards.
- Clearer discharge information, presented in a well-structured format.
- Faster, safer, more efficient delivery of care.
Benefits
- Improved patient safety through a reduction in medication errors.
- Reduction in time to prescribe, check, supply, and administer medicines.
- Resultant data to support insights for clinical and operational improvements.
- Quality of care standards incorporated into system/clinical workflows.
- Security assured of sensitive personal identifiable data.
Pricing
£0 a unit
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 6 2 6 5 7 5 3 3 7 1 8 2 5 8
Contact
SystemC Healthcare Limited
Bid Manager
Telephone: 01622 691616
Email: sales@systemc.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Services are available to extend the functionality of existing services to meet or exceed the Digital Capabilities Framework (DCF) to support the Frontline Digitisation Programme.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- The provision of services is subject to System C standard Service Level Agreements (SLAs) and Warranted Environment Specifications (WES).
- System requirements
-
- 1 x dual core 2.5Ghz
- Minimum 1280 x 1024 capable display (1920 x 1080 preferred)
- 4GB memory (2GB available for application)
- 4GB free disk space
- Typical bandwidth per client session - 20Kb
- Windows 10 (to version 22H2)/Windows 11 Pro (to version 22H2)
- .NET v4.7.2
- Chrome/Edge (Chromium)/Safari
- IOS 13, 12, and 11
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response times depend upon the priority level of the ticket raised in our IT Service Management (ITSM) system. For example, Priority 1 calls are responded to within 30 minutes 24/7; lower priority calls are responded to during normal working hours.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- System C provides support via the System C Helpdesk (this includes the Jira online call logging system). We offer a standard support service (with tailored Service Level Agreements (SLAs) depending on the component/function) for each product. This way we know that all customers receive a standardised support service. For priority 1, system down or clinical risk incidents we aim to resolve the incident within 4 hours. Priority 2 incidents within 24 hours, P3 incidents within 30 days and P4 incidents in the next available software release. An incident can only be closed once resolution has been confirmed by the customer. Excluded from the time to resolve an incident is any time during which the issue is with the customer, a third party, or when an agreed code fix is being provided. Each customer is allocated an Account Manager and a Service Delivery Manager who have access to technical, cloud, or other support resource as required. On-site support is not usually needed but may be chargeable if required.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
System C will work closely with the customer’s service teams and/ or third-party suppliers to implement the solution. Full project plans and a Project Initiation Document (PID) is provided. We also provide on-site training (train the trainer), user documentation relevant to the solution being implemented, and eLearning packages (for some functions). Recommended workflows with associated Standard Operating Procedures (SOPs) are also provided, as well as user documentation relevant to the service being implemented.
Complex components (e.g., the CareFlow Electronic Patient Record) require a year or more to deploy using a team of implementation specialists, which will include the following roles:
• Program/Project Manager(s)
• Product specialists
• Data migration specialists
• Integration specialists
• Reporting/Business Intelligence specialists
• Training specialists
• Change management specialists.
Other components require just a few weeks to implement, managed by a small team of clinical and technical specialists, working with the customer's team. - Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- Other
- Other documentation formats
- Microsoft Project
- End-of-contract data extraction
-
Depending on the component/function in question, System C offers the following services:
• For some solutions, all data held within the system, except for letters and scanned images, is made available for the customer to extract via existing Business Intelligence tools.
• For other solutions, a data extract is provided in an agreed format. - End-of-contract process
-
System C works with the customer to produce a high-level Exit Strategy document and Exit Plan which details the methodology for data/service transition from the system. This will be actioned at the end of the contract. These documents would be expected to include:
• The management structure to be employed at contract end.
• Detailed description of both the data and service transfer/termination processes.
• Scope of the services to be provided at contract end.
• Any charges payable for the provision of the Termination Service.
System C's standard approach towards the extraction of data at the end of the contract is to ensure that the customer has the tools and access to the data, such that the customer has the capability of extracting its own data without automatic recourse to System C. We will provide support to the customer in performing any such extraction activities, and if required, we will be happy to provide services to more actively assist the customer in undertaking these tasks. This would be at additional cost and a quote for this would be provided by System C.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Chrome
- Safari
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Some of the components/functions of our service are designed predominantly to work on mobile devices (e.g., electronic observations and mobile care coordination). In these cases, there may be elements of the solution (e.g., a management console) which is browser or desktop based. However, most end users will be accessing the solution via mobile devices.
Other components (such as the CareFlow Electronic Patient Record) are designed primarily for use on the desktop, but may have certain features (e.g., results reporting) which are delivered via mobile devices. - Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
-
System C has developed several Application Programming Interfaces (APIs) to allow clinical application development. These APIs enable interaction with key functionality.
The APIs are hosted as part of the System C software solution. Primary configuration is completed using the main application, after which the APIs can be used to transact with the system.
By calling the APIs and providing the appropriate data and application codes, the API will be able to perform the desired function i.e., transferring a patient between beds.
Individual APIs are designed to support the user performing a specific transactional change to the system. Please note that not all transactions supported via the front-end application are supported within the current API set. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The degree to which customers can customise the service depends upon which components/functions of the service they are implementing. Examples of items which can be configured include (but are not limited to):
• Screen layouts.
• Structured clinical documentation forms.
• Free text fields.
• Lookup tables and values, and dropdown lists.
• User favourites and tailored homepages.
• Reports and dashboards.
• Role Based Access Control (RBAC) permissions.
Some elements are designed to be configured by the end-user; others can only be amended by System Administrators with the appropriate access rights.
Scaling
- Independence of resources
- Services are based on flexible and scalable server designs layered onto virtualisation technologies. This allows horizontal and vertical scaling to be implemented as required. All services are built from multiple servers, so appropriate levels of scaling can be applied to specific areas to ensure application performance is maintained. Most services delivered are from logically separate servers per customer, ensuring that there is no impact between competing needs of different customers. Where applications are multi-tenanted, multiple design features prevent the impact of one user population upon another. We monitor all services proactively to anticipate and prevent problems before they occur.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
The service metrics used will depend upon the component/function purchased. Typically, they will include:
• Service availability (uptime).
• Service incident response and resolution times.
• Service performance.
• Recovery Point Objective (RPO)/Recovery Time Objective (RTO) timings for disaster recovery. - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- We will prepare the data for take-off, and if required provide additional conversion services, as an additional service. As standard, exported data from the system is made available in the structures already defined within the Business intelligence solution. We will provide support to the customer in performing any such extraction activities, and if required, we will be happy to provide services to assist more actively with undertaking these tasks. This would be at additional cost and a quote based on scope of service for this would be provided by System C.
- Data export formats
-
- CSV
- Other
- Other data export formats
- Extensible Markup Language (XML)
- Data import formats
-
- CSV
- Other
- Other data import formats
- Extensible Markup Language (XML)
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.5%. Please see the Terms and Conditions document for the Service Level Availability criteria and Service Credit information should the guaranteed availability levels not be met.
- Approach to resilience
- The service is available on request, utilising high availability design and infrastructure within Microsoft data centres.
- Outage reporting
- All outages are recorded as part of the incident management process, and should a problem be detected, the Service Desk will inform the customer as required.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- Access and security features implement login and password policies via integration with Active Directory (AD). Role Based Access Control (RBAC) capabilities further restrict logged-in users' access to data and functionality. Remote access via the internet would be expected to be facilitated via a customer’s managed Virtual Private Network (VPN). Therefore, the security architecture of the system would not be any different than on the customer's local network. The software will require all users to be configured and for the usernames to match the customer’s AD accounts that control security.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- National Quality Assurance (NQA)
- ISO/IEC 27001 accreditation date
- 13/02/2024
- What the ISO/IEC 27001 doesn’t cover
- All areas of the business are covered
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- ISO/IEC 27018
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
System C adopts a proactive approach to quality and security management consistent with the broad principles of the ISO/IEC27001 series, ISO 9001, Information Technology Infrastructure Library (ITIL), and industry leading practices. System C proactively identifies the industry and customer related legal and/or regulatory security requirements and incorporates these into the Integrated Management System Information Security Management System. Compliance is monitored by external and internal audits, security monitoring, and process reviews. All personnel, whether employees, contractors, consultants, or visitors, are required to comply with the quality and security guidelines, procedures, and mechanisms, and to confirm compliance annually to ensure that the security guidelines, procedures, and mechanisms are observed in the performance of the company's activities.
System C has a Data Protection Officer & Head of Information Governance who manages the board level information governance strategy for the organisation, as well as the day to day activities of the Information Governance Department.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Configuration and Change Management processes are managed in line with ISO 27001, using the Jira IT Service Management (ITSM) tool. The configuration and change management area of Jira is visible to our customers, allowing them to see Requests for Change (RFCs) and track their progress. As part of the approvals process, a risk assessment is performed to reduce the likelihood of a potential security impact.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- System C subscribes to multiple vendor, supplier, and government (i.e., NHS Digital CareCERT) security advisory emails. All advisories are assessed for risk and applicability to our technology and services, and remedial action (as required) is scheduled accordingly based on this assessment. Routine patches are typically applied quarterly, with any deemed higher risk applied outside of normal cycles (as required based on the risk assessment).
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- System C proactively monitors server and firewall activities for any unusual or unexpected activities that may indicate a potential attempt to breach the service. Should any such attempt be identified then appropriate remedial action will be taken in line with the assessment of the risk. Typically this will include blocking source Internet Protocol (IP) addresses, as well as reporting to UK authorities when appropriate.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
System C’s Incident Management Process is part of an Information Technology Infrastructure Library (ITIL) v4 Framework with a risk-based approach. Users report incidents using our ITIL-aligned IT Service Management (ITSM) tool, Jira.
The Service Desk has full online capabilities for raising, recording, and monitoring issues, including real-time Service Level Agreement (SLA) management.
Pre-defined processes are established for major incident, clinical safety, or system down events which trigger internal business alerts to ensure the correct teams are on hand.
Users can view the progress of any issue online with real-time updates. Monthly reports can also be provided to the customer.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
System C has an established Environmental, Social, and Governance (ESG) committee, with a clear direction to achieve Net Zero and subsequently, a climate positive status. For example, we have committed to using 100% renewable energy in all our offices by 2026. This is within the contract lifespan for forthcoming contracts with Acute NHS Trusts.
85% of our offices use renewable energy, including new energy efficient offices we have recently opened in central Leeds and Liverpool. Not only is this intended to reduce the energy requirements of those locations, but also to increase usage of public transport. This is in addition to other environmental initiatives to offset carbon emissions such as the use of energy-efficient lighting and waste disposal for offices. The ways in which we reduce energy usage and introduce energy efficient measures include:
•To reduce carbon emissions, we have completed the CVC Greenhouse Gas (GHG) Foundation Assessment via Schneider Electric. This will enable us to establish our Science Based Targets initiative (SBTi) and facilitate our strategic decarbonisation programme.
•The CareFlow Electronic Patient Record (EPR) automates processes to remove paper-based activities.
•To decarbonise energy supply to data storage, System C already use ‘green’ data centres. We use Microsoft Azure data centres, which are up to 93% per cent more energy efficient than using a traditional enterprise data centre and have been carbon neutral since 2012.
•Our cloud strategy means that we plan to ensure all our solutions are available via the cloud, many of which already are. This reduces our customer’s carbon footprint.
•We assess the percentage of our supplier base that comply with ISO 14001 (environmental management systems).
•We have embedded home and hybrid working into working practices, with colleagues encouraged to work flexibly. Deployment staff have vastly reduced travel to customer sites too.Covid-19 recovery
By leveraging System C’s products, healthcare providers will not only recover more robustly from the impacts of COVID-19 but can establish a more resilient and patient-centric healthcare system for the future. For example:
•Optimisation of outpatient departments and elective waiting lists: optimising and cleansing elective waiting lists to ensure prioritisation result in an accurate and reduced waiting list. For example, to restore normal outpatient activity post-pandemic, Southport and Ormskirk Hospital NHS Trust increased capacity by using our patient administration function to improve the re-use of cancelled outpatient slots.
•Streamlining admission and discharge processes: efficiency gains through the utilisation of electronic clinical documentation and improved patient visibility results in reduced discharge delays.
•Enhancing communication: ensuring that critical patient information and updates are communicated promptly to the care team leads to reduced delays in treatment. For example, the affiliated networks feature in our mobile care co-ordination solution has improved the co-ordination of care across the NHS Bristol, North Somerset, and South Gloucestershire Integrated Care Board (ICB).
•Task management: enhancing patient throughput and supporting reductions in Length of Stay (LoS).
•Improvements in patient deterioration and unplanned Intensive Care Unit (ICU) admissions: reductions in unplanned costs and services, and improvement in patient health. For example, Barnsley Hospital NHS Foundation Trust has delivered marked improvements in the identification and treatment of sepsis.Tackling economic inequality
As a leading employer of almost 900 colleagues or Full Time Equivalent (FTE) direct local employees, System C’s personnel are based all over the UK, covering England, Wales, Scotland, and Northern Ireland. This means that for our customer contracts, we are in a position to secure locally employed people who are hired or retained for the duration of our contracts, which ensures regional/local value per contract.
These individuals are directly employed staff, rather than contractors. For our Electronic Patient Record (EPR) deployments, we use local staff wherever possible to reduce carbon emissions and advocate use of public transport. We have a cycle to work scheme and salary sacrificed electric car scheme in collaboration with Octopus Energy.
In line with the government’s levelling up agenda, all our offices are based outside of the M25 and are geographically dispersed across the UK. Our head office is in Stratford Upon Avon, with further offices in Liverpool, Leeds, Basildon, Nottingham, Bristol, and Edinburgh. Over 90% of our workforce work remotely from home or on a hybrid working basis, as part of a conscious effort to reduce the organisation’s carbon footprint.
System C has been a major employer in the UK and its local regions for over 40 years, supporting economic stability and growth. Several of our strategic suppliers are also UK based, further increasing our contribution to employment and the economy in local regions.
We are committed to increasing the diversity of our workforce and positively encourage talented new entrants regardless of educational heritage to join our High Performing Entry Level (HPEL) scheme. We will work with local education providers help accelerate this programme.
Finally, 100% of our staff are paid the Real Living Wage as a minimum, and 96% are paid the London Living Wage, regardless of where they live.Equal opportunity
System C has launched a new Diversity, Equality, Inclusion, and Belonging (DEI&B) committee, which will develop priorities for FY25.
We aim to recruit and retain the best people, regardless of ethnicity, gender, disability, and age. Equality in the hiring process and equal treatment in terms of pay and progression are central to this.
For example, System C’s performance on gender pay is considerably stronger than the national and sector averages. Our mean gender pay gap is 7.6%, which is lower than the 18.3% average for our industry sector. Several initiatives are in place to further reduce the gender pay gap:
•As reported in Digital Health, System C has the smallest gender pay gap when compared to other major healthcare IT suppliers. We will continue to focus on gender equality across all Human Resources (HR) policies, including our maternity, paternity, and adoption leave policies, to ensure we keep leading the way.
•We aim to remove unconscious bias. All recruitment is undertaken via our diverse in-house Talent Acquisition team, and we use a 15-minute assessment tool at the heart of initial selection. Hiring managers are mandated to interview those candidates who have successfully passed the assessment; leading to a significantly more diverse set of candidates coming to interview and joining us.
•Our current ‘License to Manage’ course for future leaders has a significant number of female participants, who will be given every opportunity to progress in their careers.
•We are identifying high-performing women in our workplace through succession planning, who will be offered mentoring.
•System C is working with techUK to support their ‘Women in Technology’ initiative and highlight the issue of gender imbalance in our industry, e.g., by increasing the proportion of women coming forward as software developers. This is a long-term strategy, and an entry-level recruitment programme will support this.Wellbeing
To support mental health at work, employees can talk to qualified advisors as part of our Employee Assistance Programme, operated by Aviva. They have access to:
•Stress free island: a proactive digital prevention tool to help manage stress and anxiety.
•Direct access to 24/7 counselling provided by Care First’s British Association for Counselling and Psychotherapy (BACP) accredited counsellors.
•Care First lifestyle: an information resource containing advice, articles, and webinars on a range of everyday topics including relationships, childcare, and bereavement.
•Access to Care First’s specialists, contactable from an app for help and practical advice on a range of subjects, work-related or personal.
The programme involves support from a specialist team of nurses. This is in addition to the option of employees discussing any issues with line managers or our Human Resources (HR) team in confidence. We have also appointed Mental Health First Aiders who work alongside HR and employee forum representatives.
Employee well-being initiatives
System C has launched a new mental health and wellbeing series, designed to support, and enhance the health and wellness of our colleagues. These initiatives cover mental and physical health and awareness, emotional intelligence, unconscious bias, working and menopause, men’s health, ageing, and LGBTQ+ in our workplace.
Steps challenge initiative
Of benefit to physical and mental health was our steps challenge, which helped System C colleagues to create healthy lifestyle changes and ensure wellbeing.
The challenge was six weeks long and involved 196 participants who were split into teams. The three winning teams were awarded a sum of money, which was donated to a charity of their choice. Our UK owners, CVC Capital Partners, kindly agreed to match fund the amount awarded. Altogether, the teams managed a massive 85,887,772 steps, which is the equivalent of travelling around the world over 1.75 times!
Pricing
- Price
- £0 a unit
- Discount for educational organisations
- No
- Free trial available
- No