Interneuron CIC

Interneuron openEPMA - Electronic Prescribing & Medicines Administration

The Interneuron openEPMA - an open source Electronic Prescribing & Medicines Administration Cloud service is designed for secondary care organisations that are looking to implement a paperless EPMA and Formulary medicines management solution.

Features

• Medication reconciliation
• Inpatient prescribing
• Out patient prescribing
• Role based Order sets
• Medication administration record
• Pharmacy review
• Allergies
• Integration with Clinical Decision Support
• Discharge summary
• Business continuity support

Benefits

• Integration with local systems including PAS and Laboratory Results
• Custom medicines configuration and formulary management
• Full EPMA reporting for analytics
• Integration with Interneuron fluid balance, discharge summary and pre-operative assessment
• Intuitive user interface

£120,000 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@interneuron.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

594173831987009

Contact

Interneuron
07951558835
bids@interneuron.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: None
• System requirements: The system requires a modern supported mainstream browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority 0: The system is not operational, call response within 30 mins. ; Priority 1: Material functionality is not available that is critical to the Client’s business, response within within 1.5 hours. ; Priority 2 : Important but non-material or non-critical functionality is not available, response within within 2 hours. ; Priority 3: Important but non-material or non-critical functionality is not available, response within 4 hours. ; Priority 4: Any other service related incident, response within 4 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support provided by Interneuron includes, at no extra cost:; Technical Support; • Troubleshooting related to software bugs and issues; • Escalated technical issues from Level 1 point of contact; • Unusual SQL DB behaviour; • Escalated software performance issues from Level 1 point of contact; • Advanced IIS troubleshooting ; Business Support ; • Escalated need for assistance with application functionality; • Escalated need for assistance with advanced customisation and configuration
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We are able to provide:; Online training resources, user documentation, training environments and train the trainer services.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users are left with the data repository that they can continue to manage on their own (the platform is open source) or directly extract the data via SQL queries or via the platform API.
• End-of-contract process: At the end of the contract Interneuron's support for the software ceases. However, as there is no licence free the customer is free to continue using the software for as long as they wish. As the software is open source - the customer is also free to find alternative support services and make modifications to the software as required.; At contract termination Interneuron will uninstall any installed software components and decommission user accounts as requested by the customer. Upon request data can be securely transferred to an alternative data repository.; Once transferred Interneuron will securly decommission any remaining infrastructure and notify the customer when this have been completed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our service is delivered through responsive, web based applications using the latest web development technologies. Our designs are constructed using a mobile-first approach where appropriate and our user experience is consistent across all device types.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: All data is accessible and modifiable through our Open API, but it is strongly controlled by our authentication and authorisation services to ensure appropriate access. ; ; Our API follows a RESTful approach with object based APIs for basic create, update and delete operations. ; ; In addition to the standard object based API, users can dynamically define new API endpoints through our web based management tools (Synapse Studio)
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our Service is extensively configurable and includes a powerful web based management tool for the creation, updating and management of:; ; - Entities, relationships and constraints; - Views and Lists; - APIs; - Users and permissions; - Applications and settings; - Integrations and feeds; ; Access to the management tools is based on Super User permissions, but any use can be granted permissions if required.

Scaling

• Independence of resources: Each customer will be provided with an independent instance of the cloud service. Performance therefore will not be affected by users outside of the customers instance. Where the number of users within the customer account increases the affect performance - the cloud infrastructure and network specifications can be increased to maintain performance. The cost of this will be provided on a case by case basis.

Analytics

• Service usage metrics: Yes
• Metrics types: Interneuron will agree Key Performance Indicators with each customer according to their service needs in advance of any contract.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Directly via SQL queries or by calling the open API
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • HL7 v2.x
  • FHIR
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • XML
  • HL7 v2.x
  • FHIR

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We will provide application availability of 99.9% with a threshold of 99%. This excludes downtime for routine scheduled maintenance.
• Approach to resilience: Resilience provided by the cloud hosting platform (Amazon AWS - by default). The customer may request a change of hosting infrastructure which will be possible so long as the cost is comparable.
• Outage reporting: Our service team monitor our service and automatic emails will notify customers of any service outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Application level role-based access control
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Interneuron takes the security of our services extremely seriously and have our own security governance processes in place. We are currently working toward ISO 27001 accreditation.
• Information security policies and processes: Interneuron has a nominated security officer that ensure's adequate processes are in place and all Interneuron employees are aware of these and their responsibilities. Interneuron have regular internal audits to review our security policies and processes and our compliance them. The security officer is a board member and all security related issues are reported directly the them. The security officer is empowered by the Chief Executive to mandate adherence with our policies and processes and make changes to them as necessary. Our Security Officer is responsible for: Risk assessments, Security policy, Organisation of information security, Asset management , Human resources security, Physical and environmental security, Communications and operations management, Access control, Information systems acquisition, development and maintenance, Information security incident management, Business continuity management, Compliance.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A comprehensive change management process is followed for all changes, with two categorisations. Business as usual changes follow a pre-defined template and are reviewed by (Change Advisory Board)CAB for approval. Non-business as usual changes require a more thorough validation process before being submitted to CAB.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All Interneuron services are scanned via a third party software composition analysis tool for vulnerabilities on a regular basis and before every release. We have a regular rolling penetration and security audit of all our services both internal and external using industry recognised tool. Security patches are deployed as soon as possible - while maintaining our service continuity. We have multiple sources of intelligence for vulnerabilities - such as the national vulnerability database in addition to our third party open source vulnerability database that we review on a regular basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Interneuron performs regular automated scans of all service logs and associated environments to proactively identify any potential security breaches or compromised services. Upon identification of any potential high risk activity alerts are automatically sent out to Interneuron's support and security teams who will first establish if a compromise has indeed taken place and act accordingly to fix any vulnerabilities. Interneuron treats security incidents as 'Severity A' and will fix these within 4 hours as per our standard service level agreement.
• Incident management type: Supplier-defined controls
• Incident management approach: Interneuron operates and ITIL aligned incident management process with associated procedures for security related incidents. These support both common and uncommon support events. The process has a clearly defined governance framework including roles and responsibilities, clear policies and associated KPIs. Users report incidents via telephone, our online portal or by email to our support team. Each incident is ticketed and managed according to its severity. Reports are made available to our customers upon request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  Interneuron is committed to support the fight against climate change. In our business strategy we consider the risks and opportunities that climate change presents. We are advancing the reduction of energy used in our operations and work with suppliers to reduce their carbon footprint. We support a company wide remote working policy and encourage video/audio meeting wherever possible. The company utilises electric verhicles when business travel is required.

Pricing

• Price: £120,000 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We ofter a public facing 'playground' where users can test and experiment with our software. This is not to be used with real patient data.
• Link to free trial: https://www.modularcarerecord.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@interneuron.com. Tell them what format you need. It will help if you say what assistive technology you use.