33N LTD

CLEARnotes

CLEARnotes is a clinically-designed patient consultation summary tool. The productivity tool converts clinician-patient conversations into clinical notes automatically - leveraging AI and speech recognition technologies to produce clear structured summaries which are ready to review and edit once the consultation is finished.

Features

• Automatically generated structured clinical summaries
• Option to produce other essential documents including referral/patient letters
• Ability to review and edit notes if required
• Easy to use platform
• Secure and compliant to NHS standards
• Customisable format
• Fully responsive to review on mobile and tablet devices
• Best practice user guide

Benefits

• More time to spend with patients
• Potential to enhance productivity by 20 to 80%
• Potential to reduce paperwork by up to 75%
• Increase capacity with the potential to reduce waiting lists
• Reduced clinical variation and increased standardised practice
• More detail captured in medical records
• Less reliance on external dictation services
• Improved documentation – quality and consistency across the team
• Reduced unnecessary cognitive load
• Improved job satisfaction, reducing burnout and increasing staff retention

£8,000.00 a unit

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@33n.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

673936140988576

Contact

Marc Lyall
03333395343
info@33n.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: There is currently no integration with electronic patient records (EPR). It has been designed for face-to-face consultations in English.
• System requirements:
  • Stable broadband connection
  • Up-to-date compatible web browser
  • Up-to-date operating system (Windows or MacOS)
  • Microphone

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times to support request received during business hours (Mon-Fri 09:00-17:00, except public holidays) are 2 hours. Support requests submitted at weekend or outside of business hours will receive a response within 2 hours of business hours of business hours recommencing.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Every client has the equivalent of five days of customer service included within their contract (total of 35 hours) - for each department where CLEARnotes is rolled out. This provides assistance with the initial set up, configuration, customisation and training as well as virtual meetings and on-site visits. A suite of online training materials is provided comprising a best practice user guide, step-by-step video tutorials and FAQs.; ; A customer service desk is available for troubleshooting Monday to Friday, 09:00-17:00 with problems submitted by email, response times are within 2 hours. ; ; Additional support can be purchased at £1,250 per day (7 hours), if required. ; ; Development requests can be submitted through the dedicated account manager. All users will be informed as updates are released.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: All customers are assigned a dedicated account manager who will support them to identify the clinical areas where they would like to implement CLEARnotes, and the number of clinics they would like to deploy the tool (pricing based on the number of clinics, see our pricing guide for the details).; ; They will then be introduced to the CLEARnotes customer service team, where clinicians with expertise in increasing productivity will provide advice. ; ; To customise CLEARnotes according to each service’s needs, the team will co-design the tool with the client to ensure it is aligned to the organisation’s and department’s workflows and EPR system structure. The configuration can be completed virtually or on-site. ; ; The team will collect names and email addresses of all those who will be using the tool, so that accounts can be created. The first users within a service or clinical area will be trained which will be accompanied with a suite of online training materials for future reference. ; ; Microphones are required, these will be tested to ensure that high quality audio is being captured. No installation onto customer systems is needed.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: If data extraction is requested, client data will be provide in a CSV format and securely transferred.
• End-of-contract process: Contracts will be automatically renewed at the end of the initial 12-month term for successive periods of 12 months. Either 33n or the customer can terminate the contract with 30 days’ notice, on the date six months after the start of the engagement date or at each three-month interval thereafter.; ; On termination of the contract, all licences granted under the contract will be immediately terminated and 33n will destroy all customer data, unless requested otherwise by the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Limited functionality
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: CLEARnotes can be customised to meet both service and organisational needs. Each client will work with their account manager to ensure CLEARnotes is aligned to their organisation’s workflows and EPR systems. ; ; Within different departments or clinical areas, the tool is also tailored to ensure the terminology and desired information is captured and structured appropriately post consultation. This accounts for variations in both clinical summaries and patient letters as well as enabling a seamless switch to the productivity tool.

Scaling

• Independence of resources: The service runs behind a load balancer and additional resources are automatically deployed within the architecture to overcome stresses on bandwidth and processing.

Analytics

• Service usage metrics: Yes
• Metrics types: Audit of user logins and services accessed and an audit of data uploads
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data cannot be exported directly. A request will need to be logged with 33n, upon which any customer data can be batched and sent to a service of the customer’s choosing.
• Data export formats: ODF
• Data import formats: ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The CLEARnotes technical team will ensure, as far as reasonably practicable, that outages are resolved within 24 hours of becoming aware of the issue. Scheduled downtime will take place outside of normal business hours with a 99% uptime, subject to scheduled downtime.
• Approach to resilience: Servers are loaded balanced where required. Automatic replacement of unhealthy servers without loss of service. Additional information is available on request.
• Outage reporting: Clients impacted by service outages will receive notifications via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are restricted to the role based access by specific usernames, support channels are restricted to authenticated users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: The NSH Digital Toolkit assessment is used to help inform our approach to security governance. Security governance is overseen by named personnel in-house with the support of the relevant expert third party specialists to ensure compliance with statutory legislation and other regulation. and that systems and infrastructure are configured to provide the safest environment possible.
• Information security policies and processes: The following are the principle policies and procedures used to control information security: Information governance policy; Information Sharing and Processing policy; Information Risk policy; Confidentiality policy; Consent policy; Data Protection and Information Security policy; Cloud Vulnerability and Patch Management policy.; All staff members receive training on information governance and data protection as part of employee onboarding and complete annual refresher training. Compliance is audited regularly by the DPO. Named personnel are identified to all employees as the key stakeholders in all data security policies and processes, including points of contact for any subject access request or potential or detected security breach. Relevant registers are maintained and regularly audited by information governance personnel to ensure compliance with company policy and statutory obligations. A nominated member of the board is available to lead governance and security personnel to ensure data security is directed and monitored at board level.; Additionally, 33n follow the AWS’s shared responsibility model which includes ISO/IEC 27001:2013 and the Amazon Web Services - Well architected framework - Security Pillar.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: 33n cloud infrastructure is fully captured in the code and stored in versioned source control. Once the infrastructure has been deployed to AWS using Terraform. 33n uses AWS Config service to validate that all AWS resources are configured to specification. AWS config will continuously monitor all provisioned resources and will alert on any resources that have been modified outside the Terraform. These changes will be submitted to our protective monitoring and alerted to the operational team.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All EC2 instances are based on 33n's prefabricated Amazon Machine Images (AMI) which are built using AWS CodeBuild and CIS open source hardening scripts and inspected by AWS Inspectors for vulnerability scanning. Upon scan completion of the AMI a report is produced by AWS inspector which is submitted and stored in SE for safe keeping. The AMI is either approved or rejected. All critical security patches are implemented within five days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: 33n track, monitor and analyse all EC2 instances logs on the metrics as well as logs produced from AWS CloudTrail and AWS GuardDuty. All the logs and metrics are sent to the encrypted AWS Elasticsearch cluster, where the data is stored and processed and alerted upon in the event of performance or security issues. All alerts are triggered by the AWS SNS service. All captured logs and metrics are displayed to the operational team using AWS Elasticsearch - Kibana dashboards and protected with a VPN connection, providing secure access to the dashboards. Response to critical incidents is 24-hours from detection.
• Incident management type: Supplier-defined controls
• Incident management approach: 33n tracks, monitor, analyse, and audit events through the use of AWS CloudTrail. CloudWatch, AWS Config, AWS Config Rules and GuardDuty. 33n uses behavioural-based rules for identifying and detecting breaches or spills with instant notifications about offending user accounts and systems. 33n regularly opens support tickets with AWS Support for cross-validation. In the event of a detection, 33n have SDKs for quick containment using pre-defined restrictive security groups. Once the host or instance is isolated, 33n determine and analyse the correlation, threat and timeline. The host or instance along with any associated volumes and keys are then destroyed

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Wellbeing

  Covid-19 recovery

  CLEARnotes enhances the speed and efficiency of clinical consultations with the potential to increase productivity by between 20-80%, thereby increasing capacity and the potential to reduce waiting lists.

  Wellbeing

  The tool enables clinicians to spend more time with patients and reducing unnecessary cognitive load for clinicians and burnout, improving job satisfaction and increasing staff retention.

Pricing

• Price: £8,000.00 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@33n.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.