Skip to main content

Help us improve the Digital Marketplace - send your feedback

EQL LIMITED

Phio Collect

Phio Collect provides a seamless way to collect bespoke outcome and experience measure (PROMS/PREMS) data across pathways. Using an intuitive chatbot interface, it can be deployed at any stage of the patients healthcare journey, enabling valuable longitudinal insights. Data from different pathways can be compared to support pathway transformation

Features

  • Human like interactions via conversational AI chatbot
  • Engaging and interactive user interface
  • Can incorporate any outcome measure question set
  • Can be deployed at any stage of the patient pathway
  • Supports translation into 120 languages
  • Direct capture mechanism allowing patient to be contacted via email/SMS
  • Supports data collection through any web enabled device
  • Developed in accordance with NHS and NICE approved clinical frameworks
  • Accessible anytime 24 hours a day with >95% uptime SLA
  • Can be deployed on any pathway, including face-to-face and digital

Benefits

  • Seamless outcome measure collection for any pathway
  • Data available for immediate clinical review
  • Remotely accessible requiring no face to face appointment
  • Ability to collect other clinical data eg. medical history
  • Ability to capture patient experience data
  • Ability to capture healthcare utilisation data
  • Ability to compare outcome data for multiple pathways
  • Less patient repetition thanks to comprehensive clinical data capture
  • Accessible any time via any web enabled device
  • Exceptional user acceptance

Pricing

£0 to £50,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@eql.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 0 4 3 8 4 2 6 4 1 4 0 7 3 6

Contact

EQL LIMITED Jason Ward
Telephone: 07884008770
Email: info@eql.ai

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Internet Access via a modern web browser (supported down to IE11), further constraints can be covered in SLAs at time of contracting.
System requirements
  • Internet connection
  • A modern internet browser (supported down to IE11)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 48 hours
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
No
Onsite support
No
Support levels
EQL provides onboarding support for Phio Collect for the initial phase. This integration team comprises clinical representatives (qualified Physiotherapists), operations support, customer success manager, engineering, governance (clinical and information), and where appropriate GP liaison support. They will discuss all integration routes and confirm which route is most appropriate. The integration team will be on hand throughout the onboarding process to provide staff training, governance set up, project management, operational & technical support. EQL clinical representatives will work with all necessary clinical stakeholders to configure the decision tree. This includes pathway mapping and exit points, ensuring the unique instance of Phio Collect reflects local frameworks and desired clinical outputs inclusive of patient communication (i.e. defining appropriate messaging for a given outcome). EQL are also able to provide ongoing clinical support via our internal Clinical Services Team. Phio Collect requires relatively little ongoing support. However, our post-onboarding service includes personal account management support and ongoing KPI’s. We also provide online support to end users of the platform for any technical support that might be required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onboarding Project Management is provided to our customers via our dedicated onboarding team to assist them with their set up of Phio Collect. This includes a mixed approach of online training and demos along with training documentation. Once onboarding has taken place the project will move to a "business as usual" function whereby regular contacts will be established to maintain and monitor ongoing success of the project and report on service level agreements. Each contract benefits from a designated Customer Success Manager who will coordinate and mobilise the various EQL teams (e.g. clinical, operational, technical) where and when appropriate.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
All outstanding data (not previously provided to them) is provided to the user via their integration route; either API or Admin Portal.
End-of-contract process
Our service for the specific customer goes offline and no new patients are allowed access to the service. We ensure the customer has been provided all outstanding data. We keep all patient data for the customer for the timeframes assigned in our data retention policy.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There is no difference between the mobile and desktop Phio Collect service. Phio Collect has been developed to be completely responsive to the screen size therefore the platform is not affected by things such as device or screen size.
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
API's & Admin Portal our clients use to interact with our services
Accessibility standards
None or don’t know
Description of accessibility
Phio Collect is accessible via web URL
Accessibility testing
None
API
Yes
What users can and can't do using the API
Users can use our suite of API endpoints to refer a patient to Phio Collect and retrieve completed Phio Collect data.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The back-end decision trees used to power Phio Collect are entirely customisable. This extends to both the types of questions that are asked as well as including a variety of outcome measures. Customisation in this way allows for the creation of unique decision trees for different pathways (e.g. those who receive care in primary care, ED or a variety of MSK services), as well as those that are at different stages of their treatment. This significantly increases the versatility of the platform as well as the type of data it can report on.

Scaling

Independence of resources
We have load balances in place that help distribute the load on a single server.

Analytics

Service usage metrics
Yes
Metrics types
Monthly MI which includes key data metrics such as; Total Referral Count, Completion Rate, Outcome Breakdown, Age Demographic and Injured Area Data Analysis.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
We use a 3rd party service provider, Google Cloud Platform, and therefore benefit from all of their security polices and protocols.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
This is dependent on the users integration route. This could be either via API or our Admin Portal rendering each patients data into PDF format.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • JSON
Data import formats
Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Access control layers which limits/controls access to data within our network.

Availability and resilience

Guaranteed availability
We work to maintain a high level of availability at 95%. Our approach is to minimise downtime to provide consistent access to our services.

In the rare event that our services become unavailable, we work with customers to resolve issues promptly. Our customer support team is available to support customers, ensuring quick communication and timely issue resolution.
Approach to resilience
Our service is designed to run on Google Cloud Platform (GCP). GCP utilises the byzantine fault tolerant technique to replicate servers into zones. As these zones are isolated from each other it is highly unlikely that all zones fail from the same cause and at the same time.
Outage reporting
We are notified of any outages via GCP's zone status API

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Other user authentication
Users can access the service via multiple routes these all have different authentication. When customers access the service via API they are authenticated by unique key authentication and data match requirements. When customers access the service via Admin Portal they are authenticated by Username & Password requirements. When a patient (end user) access the service they are authenticated via a JSON web token for Phio Triage.
Access restrictions in management interfaces and support channels
Our management interface is restricted by layered access levels. This ensures members of staff are only provided access to the level of data required to successfully complete their job while at the same time restricting them from any access not required for their job. This allows us to protect the data.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Username or password
  • Other
Description of management access authentication
Internal management are provided access to the Admin Portal service via personal username and passwords that are subject to our password policy which involves passwords being changed every 90 days.

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
23/02/2024
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We follow our own internal information security policies and processes. These include Information Classification, Security Awareness & Training, Acceptable Usage, Access Controls, Password Policy, Physical Security, Protecting Data in Transit and at Rest, Disposal of Data, Data Protection by Design etc. We hold various security accreditations including Cyber Essentials, Cyber Essentials Plus, and ISO27001.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Change management is handled without our QMS system. All requirements are kept up to date and are fully traceable throughout the lifecycle of the change and archived for future reference if required. All requirements are to be reviewed and signed off by both our Data Security Officer and our Clinical Safety Officer in line with DCB 0129
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our regular pen-tests and overall security assessments help us identify our vulnerabilities and other risks. Our agile and highly competent team are able to patch a security flaw within the time limit specified in our SLAs.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
All our exposed services (available on the internet) utilise GOOGLE FRONT END as reverse proxy. This layer also provides real time threat detection. When a potential risk is identified we have settings in place to temporary disable the service involved or, as in the case of a DoS attack, our system intelligently throttles inbound requests.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incidents are handled in accordance with our internal Security Incident Process and Data Breach Policy. Business Continuity plans are in place in case of severe incidents which could threaten the continuity of the organisation. Incidents can be reported via a business email account and all incidents are logged and tracked.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

Fighting climate change

EQL's Phio technology promotes remote, digital data capture which minimises paper based approaches to collecting information and reduces visits to the hospital.

Covid-19 recovery

MSK waiting lists have been significantly impacted by Covid-19, with some patients waiting over a year for an appointment. The NHS will restore services by reducing unnecessary face to face care for appropriate patients.

Phio Collect helps understand how patients are responding to each service, helping identify key areas for improvement for COVID recovery.

Tackling economic inequality

Phio is made available to all patients, regardless of economic background. Tackling inequality in healthcare is a core ambition for the EQL team, and Phio helps NHS services collect richer data from their patient population to improve services for poorer communities. By taking the pressure off MSK services and saving clinical time, NHS Trusts can reallocate resources to meet the needs of patients that need it the most.

Equal opportunity

Phio Collect is made available to all patients, providing equal opportunity for the population. Phio Collect can also be made available in multiple languages, reducing barriers to engagement for all communities

Pricing

Price
£0 to £50,000 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@eql.ai. Tell them what format you need. It will help if you say what assistive technology you use.