Skip to main content

Help us improve the Digital Marketplace - send your feedback

SystemC Healthcare Limited

CareFlow Electronic Prescribing and Medicines Administration (EPMA)

CareFlow Electronic Prescribing and Medicines Administration (EPMA) supports end-to-end prescribing and administration of all medicines for inpatient, outpatient, and discharge prescribing, helping to ensure safe prescribing.

CareFlow EPMA operates across a wide range of care settings, including Acute, Mental Health, and Community, providing an ‘Integrated Care System (ICS) ready’ solution.

Features

  • Prescribing functionality which provides comprehensive tools to support all medicines.
  • Safety principles to minimise the risk of dosing medication errors.
  • Integrated with Pharmacy to seamlessly ensure automated supply of medicines.
  • Resultant data to support insights for clinical and operational improvements.
  • Enforcement of prescribing, administration, and clinical review standards.
  • Enforcement of allergy recording standards.
  • Clearer discharge information, presented in a well-structured format.
  • Faster, safer, more efficient delivery of care.

Benefits

  • Improved patient safety through a reduction in medication errors.
  • Reduction in time to prescribe, check, supply, and administer medicines.
  • Resultant data to support insights for clinical and operational improvements.
  • Quality of care standards incorporated into system/clinical workflows.
  • Security assured of sensitive personal identifiable data.

Pricing

£0 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@systemc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 6 2 6 5 7 5 3 3 7 1 8 2 5 8

Contact

SystemC Healthcare Limited Bid Manager
Telephone: 01622 691616
Email: sales@systemc.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Services are available to extend the functionality of existing services to meet or exceed the Digital Capabilities Framework (DCF) to support the Frontline Digitisation Programme.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
The provision of services is subject to System C standard Service Level Agreements (SLAs) and Warranted Environment Specifications (WES).
System requirements
  • 1 x dual core 2.5Ghz
  • Minimum 1280 x 1024 capable display (1920 x 1080 preferred)
  • 4GB memory (2GB available for application)
  • 4GB free disk space
  • Typical bandwidth per client session - 20Kb
  • Windows 10 (to version 22H2)/Windows 11 Pro (to version 22H2)
  • .NET v4.7.2
  • Chrome/Edge (Chromium)/Safari
  • IOS 13, 12, and 11

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times depend upon the priority level of the ticket raised in our IT Service Management (ITSM) system. For example, Priority 1 calls are responded to within 30 minutes 24/7; lower priority calls are responded to during normal working hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
System C provides support via the System C Helpdesk (this includes the Jira online call logging system). We offer a standard support service (with tailored Service Level Agreements (SLAs) depending on the component/function) for each product. This way we know that all customers receive a standardised support service. For priority 1, system down or clinical risk incidents we aim to resolve the incident within 4 hours. Priority 2 incidents within 24 hours, P3 incidents within 30 days and P4 incidents in the next available software release. An incident can only be closed once resolution has been confirmed by the customer. Excluded from the time to resolve an incident is any time during which the issue is with the customer, a third party, or when an agreed code fix is being provided. Each customer is allocated an Account Manager and a Service Delivery Manager who have access to technical, cloud, or other support resource as required. On-site support is not usually needed but may be chargeable if required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
System C will work closely with the customer’s service teams and/ or third-party suppliers to implement the solution. Full project plans and a Project Initiation Document (PID) is provided. We also provide on-site training (train the trainer), user documentation relevant to the solution being implemented, and eLearning packages (for some functions). Recommended workflows with associated Standard Operating Procedures (SOPs) are also provided, as well as user documentation relevant to the service being implemented.

Complex components (e.g., the CareFlow Electronic Patient Record) require a year or more to deploy using a team of implementation specialists, which will include the following roles:
• Program/Project Manager(s)
• Product specialists
• Data migration specialists
• Integration specialists
• Reporting/Business Intelligence specialists
• Training specialists
• Change management specialists.
Other components require just a few weeks to implement, managed by a small team of clinical and technical specialists, working with the customer's team.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
Microsoft Project
End-of-contract data extraction
Depending on the component/function in question, System C offers the following services:
• For some solutions, all data held within the system, except for letters and scanned images, is made available for the customer to extract via existing Business Intelligence tools.
• For other solutions, a data extract is provided in an agreed format.
End-of-contract process
System C works with the customer to produce a high-level Exit Strategy document and Exit Plan which details the methodology for data/service transition from the system. This will be actioned at the end of the contract. These documents would be expected to include:
• The management structure to be employed at contract end.
• Detailed description of both the data and service transfer/termination processes.
• Scope of the services to be provided at contract end.
• Any charges payable for the provision of the Termination Service.
System C's standard approach towards the extraction of data at the end of the contract is to ensure that the customer has the tools and access to the data, such that the customer has the capability of extracting its own data without automatic recourse to System C. We will provide support to the customer in performing any such extraction activities, and if required, we will be happy to provide services to more actively assist the customer in undertaking these tasks. This would be at additional cost and a quote for this would be provided by System C.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
  • Safari
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Some of the components/functions of our service are designed predominantly to work on mobile devices (e.g., electronic observations and mobile care coordination). In these cases, there may be elements of the solution (e.g., a management console) which is browser or desktop based. However, most end users will be accessing the solution via mobile devices.

Other components (such as the CareFlow Electronic Patient Record) are designed primarily for use on the desktop, but may have certain features (e.g., results reporting) which are delivered via mobile devices.
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
System C has developed several Application Programming Interfaces (APIs) to allow clinical application development. These APIs enable interaction with key functionality.

The APIs are hosted as part of the System C software solution. Primary configuration is completed using the main application, after which the APIs can be used to transact with the system.

By calling the APIs and providing the appropriate data and application codes, the API will be able to perform the desired function i.e., transferring a patient between beds.

Individual APIs are designed to support the user performing a specific transactional change to the system. Please note that not all transactions supported via the front-end application are supported within the current API set.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The degree to which customers can customise the service depends upon which components/functions of the service they are implementing. Examples of items which can be configured include (but are not limited to):
• Screen layouts.
• Structured clinical documentation forms.
• Free text fields.
• Lookup tables and values, and dropdown lists.
• User favourites and tailored homepages.
• Reports and dashboards.
• Role Based Access Control (RBAC) permissions.
Some elements are designed to be configured by the end-user; others can only be amended by System Administrators with the appropriate access rights.

Scaling

Independence of resources
Services are based on flexible and scalable server designs layered onto virtualisation technologies. This allows horizontal and vertical scaling to be implemented as required. All services are built from multiple servers, so appropriate levels of scaling can be applied to specific areas to ensure application performance is maintained. Most services delivered are from logically separate servers per customer, ensuring that there is no impact between competing needs of different customers. Where applications are multi-tenanted, multiple design features prevent the impact of one user population upon another. We monitor all services proactively to anticipate and prevent problems before they occur.

Analytics

Service usage metrics
Yes
Metrics types
The service metrics used will depend upon the component/function purchased. Typically, they will include:
• Service availability (uptime).
• Service incident response and resolution times.
• Service performance.
• Recovery Point Objective (RPO)/Recovery Time Objective (RTO) timings for disaster recovery.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
We will prepare the data for take-off, and if required provide additional conversion services, as an additional service. As standard, exported data from the system is made available in the structures already defined within the Business intelligence solution. We will provide support to the customer in performing any such extraction activities, and if required, we will be happy to provide services to assist more actively with undertaking these tasks. This would be at additional cost and a quote based on scope of service for this would be provided by System C.
Data export formats
  • CSV
  • Other
Other data export formats
Extensible Markup Language (XML)
Data import formats
  • CSV
  • Other
Other data import formats
Extensible Markup Language (XML)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.5%. Please see the Terms and Conditions document for the Service Level Availability criteria and Service Credit information should the guaranteed availability levels not be met.
Approach to resilience
The service is available on request, utilising high availability design and infrastructure within Microsoft data centres.
Outage reporting
All outages are recorded as part of the incident management process, and should a problem be detected, the Service Desk will inform the customer as required.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Access and security features implement login and password policies via integration with Active Directory (AD). Role Based Access Control (RBAC) capabilities further restrict logged-in users' access to data and functionality. Remote access via the internet would be expected to be facilitated via a customer’s managed Virtual Private Network (VPN). Therefore, the security architecture of the system would not be any different than on the customer's local network. The software will require all users to be configured and for the usernames to match the customer’s AD accounts that control security.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
National Quality Assurance (NQA)
ISO/IEC 27001 accreditation date
13/02/2024
What the ISO/IEC 27001 doesn’t cover
All areas of the business are covered
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
ISO/IEC 27018

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
System C adopts a proactive approach to quality and security management consistent with the broad principles of the ISO/IEC27001 series, ISO 9001, Information Technology Infrastructure Library (ITIL), and industry leading practices. System C proactively identifies the industry and customer related legal and/or regulatory security requirements and incorporates these into the Integrated Management System Information Security Management System. Compliance is monitored by external and internal audits, security monitoring, and process reviews. All personnel, whether employees, contractors, consultants, or visitors, are required to comply with the quality and security guidelines, procedures, and mechanisms, and to confirm compliance annually to ensure that the security guidelines, procedures, and mechanisms are observed in the performance of the company's activities.

System C has a Data Protection Officer & Head of Information Governance who manages the board level information governance strategy for the organisation, as well as the day to day activities of the Information Governance Department.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration and Change Management processes are managed in line with ISO 27001, using the Jira IT Service Management (ITSM) tool. The configuration and change management area of Jira is visible to our customers, allowing them to see Requests for Change (RFCs) and track their progress. As part of the approvals process, a risk assessment is performed to reduce the likelihood of a potential security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
System C subscribes to multiple vendor, supplier, and government (i.e., NHS Digital CareCERT) security advisory emails. All advisories are assessed for risk and applicability to our technology and services, and remedial action (as required) is scheduled accordingly based on this assessment. Routine patches are typically applied quarterly, with any deemed higher risk applied outside of normal cycles (as required based on the risk assessment).
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
System C proactively monitors server and firewall activities for any unusual or unexpected activities that may indicate a potential attempt to breach the service. Should any such attempt be identified then appropriate remedial action will be taken in line with the assessment of the risk. Typically this will include blocking source Internet Protocol (IP) addresses, as well as reporting to UK authorities when appropriate.
Incident management type
Supplier-defined controls
Incident management approach
System C’s Incident Management Process is part of an Information Technology Infrastructure Library (ITIL) v4 Framework with a risk-based approach. Users report incidents using our ITIL-aligned IT Service Management (ITSM) tool, Jira.

The Service Desk has full online capabilities for raising, recording, and monitoring issues, including real-time Service Level Agreement (SLA) management.

Pre-defined processes are established for major incident, clinical safety, or system down events which trigger internal business alerts to ensure the correct teams are on hand.

Users can view the progress of any issue online with real-time updates. Monthly reports can also be provided to the customer.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

System C has an established Environmental, Social, and Governance (ESG) committee, with a clear direction to achieve Net Zero and subsequently, a climate positive status. For example, we have committed to using 100% renewable energy in all our offices by 2026. This is within the contract lifespan for forthcoming contracts with Acute NHS Trusts.
85% of our offices use renewable energy, including new energy efficient offices we have recently opened in central Leeds and Liverpool. Not only is this intended to reduce the energy requirements of those locations, but also to increase usage of public transport. This is in addition to other environmental initiatives to offset carbon emissions such as the use of energy-efficient lighting and waste disposal for offices. The ways in which we reduce energy usage and introduce energy efficient measures include:
•To reduce carbon emissions, we have completed the CVC Greenhouse Gas (GHG) Foundation Assessment via Schneider Electric. This will enable us to establish our Science Based Targets initiative (SBTi) and facilitate our strategic decarbonisation programme.
•The CareFlow Electronic Patient Record (EPR) automates processes to remove paper-based activities.
•To decarbonise energy supply to data storage, System C already use ‘green’ data centres. We use Microsoft Azure data centres, which are up to 93% per cent more energy efficient than using a traditional enterprise data centre and have been carbon neutral since 2012.
•Our cloud strategy means that we plan to ensure all our solutions are available via the cloud, many of which already are. This reduces our customer’s carbon footprint.
•We assess the percentage of our supplier base that comply with ISO 14001 (environmental management systems).
•We have embedded home and hybrid working into working practices, with colleagues encouraged to work flexibly. Deployment staff have vastly reduced travel to customer sites too.

Covid-19 recovery

By leveraging System C’s products, healthcare providers will not only recover more robustly from the impacts of COVID-19 but can establish a more resilient and patient-centric healthcare system for the future. For example:
•Optimisation of outpatient departments and elective waiting lists: optimising and cleansing elective waiting lists to ensure prioritisation result in an accurate and reduced waiting list. For example, to restore normal outpatient activity post-pandemic, Southport and Ormskirk Hospital NHS Trust increased capacity by using our patient administration function to improve the re-use of cancelled outpatient slots.
•Streamlining admission and discharge processes: efficiency gains through the utilisation of electronic clinical documentation and improved patient visibility results in reduced discharge delays.
•Enhancing communication: ensuring that critical patient information and updates are communicated promptly to the care team leads to reduced delays in treatment. For example, the affiliated networks feature in our mobile care co-ordination solution has improved the co-ordination of care across the NHS Bristol, North Somerset, and South Gloucestershire Integrated Care Board (ICB).
•Task management: enhancing patient throughput and supporting reductions in Length of Stay (LoS).
•Improvements in patient deterioration and unplanned Intensive Care Unit (ICU) admissions: reductions in unplanned costs and services, and improvement in patient health. For example, Barnsley Hospital NHS Foundation Trust has delivered marked improvements in the identification and treatment of sepsis.

Tackling economic inequality

As a leading employer of almost 900 colleagues or Full Time Equivalent (FTE) direct local employees, System C’s personnel are based all over the UK, covering England, Wales, Scotland, and Northern Ireland. This means that for our customer contracts, we are in a position to secure locally employed people who are hired or retained for the duration of our contracts, which ensures regional/local value per contract.
These individuals are directly employed staff, rather than contractors. For our Electronic Patient Record (EPR) deployments, we use local staff wherever possible to reduce carbon emissions and advocate use of public transport. We have a cycle to work scheme and salary sacrificed electric car scheme in collaboration with Octopus Energy.
In line with the government’s levelling up agenda, all our offices are based outside of the M25 and are geographically dispersed across the UK. Our head office is in Stratford Upon Avon, with further offices in Liverpool, Leeds, Basildon, Nottingham, Bristol, and Edinburgh. Over 90% of our workforce work remotely from home or on a hybrid working basis, as part of a conscious effort to reduce the organisation’s carbon footprint.
System C has been a major employer in the UK and its local regions for over 40 years, supporting economic stability and growth. Several of our strategic suppliers are also UK based, further increasing our contribution to employment and the economy in local regions.
We are committed to increasing the diversity of our workforce and positively encourage talented new entrants regardless of educational heritage to join our High Performing Entry Level (HPEL) scheme. We will work with local education providers help accelerate this programme.
Finally, 100% of our staff are paid the Real Living Wage as a minimum, and 96% are paid the London Living Wage, regardless of where they live.

Equal opportunity

System C has launched a new Diversity, Equality, Inclusion, and Belonging (DEI&B) committee, which will develop priorities for FY25.
We aim to recruit and retain the best people, regardless of ethnicity, gender, disability, and age. Equality in the hiring process and equal treatment in terms of pay and progression are central to this.
For example, System C’s performance on gender pay is considerably stronger than the national and sector averages. Our mean gender pay gap is 7.6%, which is lower than the 18.3% average for our industry sector. Several initiatives are in place to further reduce the gender pay gap:
•As reported in Digital Health, System C has the smallest gender pay gap when compared to other major healthcare IT suppliers. We will continue to focus on gender equality across all Human Resources (HR) policies, including our maternity, paternity, and adoption leave policies, to ensure we keep leading the way.
•We aim to remove unconscious bias. All recruitment is undertaken via our diverse in-house Talent Acquisition team, and we use a 15-minute assessment tool at the heart of initial selection. Hiring managers are mandated to interview those candidates who have successfully passed the assessment; leading to a significantly more diverse set of candidates coming to interview and joining us.
•Our current ‘License to Manage’ course for future leaders has a significant number of female participants, who will be given every opportunity to progress in their careers.
•We are identifying high-performing women in our workplace through succession planning, who will be offered mentoring.
•System C is working with techUK to support their ‘Women in Technology’ initiative and highlight the issue of gender imbalance in our industry, e.g., by increasing the proportion of women coming forward as software developers. This is a long-term strategy, and an entry-level recruitment programme will support this.

Wellbeing

To support mental health at work, employees can talk to qualified advisors as part of our Employee Assistance Programme, operated by Aviva. They have access to:
•Stress free island: a proactive digital prevention tool to help manage stress and anxiety.
•Direct access to 24/7 counselling provided by Care First’s British Association for Counselling and Psychotherapy (BACP) accredited counsellors.
•Care First lifestyle: an information resource containing advice, articles, and webinars on a range of everyday topics including relationships, childcare, and bereavement.
•Access to Care First’s specialists, contactable from an app for help and practical advice on a range of subjects, work-related or personal.
The programme involves support from a specialist team of nurses. This is in addition to the option of employees discussing any issues with line managers or our Human Resources (HR) team in confidence. We have also appointed Mental Health First Aiders who work alongside HR and employee forum representatives.
Employee well-being initiatives
System C has launched a new mental health and wellbeing series, designed to support, and enhance the health and wellness of our colleagues. These initiatives cover mental and physical health and awareness, emotional intelligence, unconscious bias, working and menopause, men’s health, ageing, and LGBTQ+ in our workplace.
Steps challenge initiative
Of benefit to physical and mental health was our steps challenge, which helped System C colleagues to create healthy lifestyle changes and ensure wellbeing.
The challenge was six weeks long and involved 196 participants who were split into teams. The three winning teams were awarded a sum of money, which was donated to a charity of their choice. Our UK owners, CVC Capital Partners, kindly agreed to match fund the amount awarded. Altogether, the teams managed a massive 85,887,772 steps, which is the equivalent of travelling around the world over 1.75 times!

Pricing

Price
£0 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@systemc.com. Tell them what format you need. It will help if you say what assistive technology you use.