SALUTARE GROUP LTD

Salutare Dialogue Monitor

For clinical teams who track patients for disease progression, complications, or the medicine safety. Chronic conditions like diabetes or fatty liver, and patients treated for cancer. Monitor worsened control, liver fibrosis, development of cancer, or recurrence of cancer. Currently requires repeated visits which can be automated with alerts on abnormalities.

Features

• Integrates with national and hospital systems for input and output
• Tracking and alerts for follow up on referrals and monitors
• Automated monitoring and Digital Blood Forms to patients
• Simple, automated reporting of adverse events to Yellow Card Service
• Groups multiple tests needed into one or more sets
• Informs patients of their results and any critical alerts
• Collates from SCR on the Spine for MDT or prescription
• Digitally records discussions, consultations and recommendations
• Automates requests for baseline tests and monitoring tests
• Tracks drugs with borderline safety margin in the community effectively

Benefits

• Multiple clinicians on a single referral can contribute with ease
• Reduces the time from referral to treatment
• Never lose track of a patient
• Reduce effort and time collecting data on investigations
• Reduce medical errors and delay with simple, controlled forms
• Keep patients in the loop on their progress
• Manage referrals and monitoring in a single place
• Beautiful, simple design reduces staff training time
• Monitor borderline safety medicines in the community, effectively
• Clinical governance framework for NICE or guideline compliance

£10 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris@salutare.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

618795062981390

Contact

Chris Dial
+447759521985
chris@salutare.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Salutare Dialogue is usually used with EPR systems such as Cerner and EPIC, with GP systems such as EMIS and Systm3, and with LIMS such as ICE and tQuest. It also works with Cancer Registry software such as Somerset Cancer Registry.
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: For public cloud deployments, there are no constraints. Our products are built on the Microsoft Azure platform following the blueprint for NHS platform-as-a-service products. For private cloud deployments, we require a virtual machine infrastructure to support containers, Kubernetes, virtual networks, and the Docker service. We've demonstrated 99.9% uptime for usage by tens of thousands of patients, and we have shown scalability beyond 5 million test requests. Our product is available for use by 100% of NHS trusts.
• System requirements:
  • NHS email
  • 1TB hard drive space
  • 16GB working RAM
  • Docker or Kubernetes service
  • Reliable internet connection and wifi access
  • Microsoft Windows 8 or higher for client machines
  • Stable, maintained remote access to server infrastructure
  • Stable, maintained access to third party EPR and LIMS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During business hours M-F, 8 AM to 6 PM, responses are within 4 hours. Outside business hours and on weekends, responses are generally made within 4 hours of the next business day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Basic onsite support is offered as part of the subscription. More advanced support or implementation help is available on a per-day basis. Standard engineers are available at 900GBP per day and Senior Engineers are available at 1100GBP per day.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a series of Standard Operating Procedure documents for reference along with a set of training videos available online at Vimeo for all users and administrators. Upon service installation and set-up, we offer an in-person training session with staff users and administrators to walk through the basic features of the service.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: DOCX
• End-of-contract data extraction: When the contract ends - in line with the NHS Digital Data Migration Standard - users or user organisations can request an end-of-contract extract of the data held by Salutare related to their use of the platform by contacting support@salutare.co.uk.
• End-of-contract process: The notice period required is 90 days. Should notice not be served the agreement will auto-renew for a further term unless otherwise specified in the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile devices must be used on the premises where the service is deployed as it must have access through the local wifi network. This makes the printing work correctly.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: No
• Customisation available: Yes
• Description of customisation: Staff users can customize their profile details. Proforma and process paths can be altered according to the needs of the department for referrals or for MDTs.; ; Users can define and customize simple reports on service performance and usage. ; ; Users and Administrators also set the customization and parameters to integrate with the third-party applications such as EPR systems, LIMS systems, and other patient record systems.

Scaling

• Independence of resources: The service is designed to run on cloud infrastructures using a multi-tier model. The core service manages login/user, referrals, email, review, and reporting, and we can scale up multiple, ephemeral instances so that they can be scaled according to requirements. The patient ingest and third-party SSO are independent and can be scaled up as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide a set of metrics on the patients attended, referrals status, usage by clinician, usage by MDT, and many other patient criteria can be used for filtering.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: If an organisation, user, or patient requests a Documented Data Extract, we provide a structured JSON file with every piece of data we store on them.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We have a standard SLA to provide the service 99.5% available uptime, and our average uptime for the previous twelve months is greater than 99.9%. For outages, our SLA specifies service credits that are available to refund on a monthly basis if the service goes down beyond those limits.
• Approach to resilience: Our systems are live and have gone through rigorous testing processes.; ; Our products must pass Unit testing, Integration testing, User Acceptance testing with feedback, and Load testing. We also do regular Penetration Testing of all products with Armadillo, a Cyber Security Consultancy.; ; Evidence of our successful Penetration Testing and Load Testing is demonstrated through the availability of Salutare - our average availability for the past twelve months is 99.9%.; ; We operate a continuous development procoess, and every iteration goes through rigorous testing processes before going live. Our organisational process principle is that no software will be shipped without a 100% test pass.; ; We use agile methodologies and the Scrum model for iterative improvements. We review code at the end of each sprint to reflect on testing, processes, and improvements.; ; Our public cloud services run in the Microsoft Azure data centre, the industry-leading cloud platform with more than 90 compliance offerings.
• Outage reporting: We maintain transparent relationships with our customers and users. Primarily email alerts and notifications are sent to the administrators, and if we have their permission to message the staff users, we will email them notifications of the service being down. We follow up with a series of emails to notify of changes or updates and our latest estimate as to when the service will be back up. ; ; We have built a specific service for our products that manages and keeps track of performance and availability on a regular basis. It can track and give updates on specific instances or performance across a linked region, such as multiple hospitals across an NHS Trust or ICS.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Teams and Users management is restricted to staff users who are assigned as Administrators in the system. These roles can add, update, and delete users as well as assign them to location teams for work and auditing.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: DSPT

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We follow ISO 27001 standards and use security and compliance software to track compliance in the organization. We plan to apply for ISO certification in the coming year. We follow the Cyber Essentials certification and the DSPT.
• Information security policies and processes: Salutare has a trained and experienced Security & Governance members that manages information security policies and processes. These include, but are not limited to: penetration testing by an external provider at least every year; privacy by design product development with expert review; Data Protection Impact Assessments for all new products and forms of data sharing; data protection and security training of all employees; user support on data protection issues. Our Board includes Information Security and Information Governance leaders.; ; We put procedures in place for secure and confidential data sharing, the handling of sensitive data, and information security. Salutare's products and tenants are based in the London [UK South] Microsoft Azure Data Centre. We follow best practice guidance from NHSEI, the UK National Cyber Security Centre (NCSC) and Microsoft. Data sent is encrypted when in transit (when it is sent) and at rest (when it is stored). We are fully compliant with DCB0129, and we've been assured by NHSEI against their information security and governance standards. Salutare have NHS Data Security and Protection Toolkit assurance, and the Cyber Essentials certification. Salutare aims to be IS027001 certified by 2024.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We follow agile methodologies and Scrum model for change implementation and management. We practice test-driven development and use retrospective sessions at the end of each sprint to reflect on testing processes and improvements. ; ; All development work goes through a pull-request testing process, whereby developers submit their completed feature code for review and is only added to the master branch upon passing a peer code review. Continuous build integrations [CI/CD] use testing automation into the software build and distribution processes.; ; We carry out yearly penetration testing of our products to assess for potential security impacts.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We execute regular penetration testing. Currently we are establishing more vulnerability management processes such as dependency tracking and automated pull requests for any vulnerabilities that are found. Pull requests will also apply to old software versions to quickly deploy patches to our services.; ; Our security assessor, Armadillo, identifies potential threats. They are CREST approved Penetration Testing, Vulnerability Assessment and a STAR and GBEST Attack Simulation testing company. They are also accredited by the NCSC as a green light company authorised to perform CHECK ITHC assessments for government departments.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We are building custom, internal monitoring services for our products, and we work with Azure logging and alerting for our public cloud tenants. This means we can find compromises and do further investigations.
• Incident management type: Supplier-defined controls
• Incident management approach: Our customers have two options to resolve common events - they can either go through our user support team to have real-time support or can independently resolve their issue using our support articles and videos.; ; In the case of an incident, we use all our user-facing channels to have an incident reported to us. We provide updates on the status of an incident that we are dealing with. All incidents are captured as reports in our incident log, covering incident details, actions taken and incident status. This is linked to our general task tracking system.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Traditional processes often involve significant resource consumption, including high energy use and paper waste. They also typically require patients to make multiple visits to healthcare facilities, leading to increased travel and associated emissions. Our solution addresses these challenges by reducing the need for in-person consultations and minimizing the use of paper.; ; The new automated blood testing system allows us to streamline the initial stages of patient diagnosis. This means fewer appointments are necessary, which helps reduce the strain on our clinical staff and facilities. By complementing this with digital follow-ups, we can continue providing care and monitoring patients without them needing to travel back to our facilities. This shift to digital platforms not only saves resources but also reduces carbon emissions from patient and staff travel.; ; These changes, while improving operational efficiency, also bring environmental benefits. By conducting more processes digitally, we significantly cut down on paper usage. Less frequent patient visits directly contribute to lower vehicular emissions, promoting better air quality and contributing to a healthier environment.

  Tackling economic inequality

  Access to healthcare is a significant factor in economic inequality. By minimizing the need for travel, automated blood testing and digital follow-ups significantly reduce the travel expenses traditionally associated with healthcare, such as transportation costs and lost wages due to time taken off work. For many individuals and families, especially those from lower-income backgrounds, these savings can be substantial, reducing the financial burden of seeking medical care.; ; Furthermore, by facilitating early detection and ongoing management of health conditions through more accessible testing and follow-ups, this system can help reduce the long-term healthcare costs for patients. Early diagnosis and effective management of diseases typically result in better health outcomes and lower healthcare costs over time. Patients can avoid more costly and extensive treatments that might be necessary when diseases are diagnosed at later stages.; ; Moreover, this technology-enhanced model of healthcare delivery can contribute to broader economic benefits by keeping the population healthier and more productive. Healthier individuals can maintain their ability to work, attend school, and participate in community life, which are all critical components of economic stability and growth.; ; By improving access to healthcare services through automated blood testing and digital follow-ups, we not only address health disparities but also contribute to reducing economic inequalities. These technologies ensure that healthcare is more accessible, affordable, and equitable, supporting broader societal goals of inclusivity and equality.

  Equal opportunity

  Automated blood testing and digital follow-ups fundamentally change how healthcare services are delivered, ensuring that they are more accessible to a broader range of people. This technology-driven approach reduces the need for physical presence at healthcare facilities, which is particularly beneficial for individuals in remote or underserved areas who may not have easy access to such facilities. By providing consistent healthcare services regardless of geographic location, these innovations promote equal opportunities for all patients to receive timely and accurate medical care.; ; This approach also supports people who might have difficulties attending regular appointments due to physical disabilities, work schedules, or caregiving responsibilities. Digital follow-ups can be conducted via video calls, emails, or mobile apps, offering flexible alternatives that accommodate various personal circumstances, thus ensuring that healthcare is accessible to everyone, not just those with flexible schedules or physical ability to travel.; By improving access to healthcare services through automated blood testing and digital follow-ups, we not only address health disparities but also contribute to reducing economic inequalities. These technologies ensure that healthcare is more accessible, affordable, and equitable, supporting broader societal goals of inclusivity and equality.

Pricing

• Price: £10 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Includes full use and visibility of the features for making referrals, setting up monitoring, or automating investigations. Does not include the ability to save or send summaries or recommendations.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris@salutare.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.