Digitals for Health

CareHome Web System

A comprehensive, fully integrated online care management system designed for care homes, enabling them to provide end-to-end care for their residents. This system encompasses all aspects of care management: daily duty allocation, appointment management, bed management, duty rota planning, event reporting, audits and inspections, as well as supervision and appraisal.

Features

• Care provision records
• Staff Duty Rota Planning
• Daily Duty Allocation
• Event Reporting
• Repairs and Maintenance
• Audits and inspections
• Staff Supervision and Appraisal
• Appointment Management
• Document Management
• Bed Management

Benefits

• All aspects of care home management in one integrated solution
• Accessible by all staff regardless of location they are working
• Ensures compliance with CQC standards is maintained
• Integrates with GP records
• Uses open APIs to integrate with smart health apps
• Real-time access to health data, alerts
• Strict data governance policies
• Advanced analytics for care decisions
• Available on the app
• Available to add any external innovative modules easily

£1,500 a licence a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@digitals.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

687134036159584

Contact

Andy Green
020 7193 1174
admin@digitals.org.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The system has been designed to run on Microsoft Azure. It can be run on other hosting environments though this would incur additional setup costs.
• System requirements: Microsoft 365 license required for each user to enable 2FA

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Blocker - Security incident where data security is in question - 1 business hour; Critical - Whole of or a critical part of the system(s) unusable, causing immediate and significant business impact - 4 business hours; Major - A significant, but not immediately critical, part of the system(s) unusable, creating some business impact - Next business day; Minor - One or more users are unable to access the system but alternative access or workarounds are available - Next business day; Trivial - Non-urgent causing inconvenience only. A workaround is available. A request for information or query.; Next business day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support levels and costs will depend on the specific requirements.; We will be providing an account manager and support engineer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will provide documentation and will provide both online and onsite training if required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users will need to submit a request to us to have their data extracted
• End-of-contract process: The access is terminated, the data is erased from our system and any help that the customer needs during this process is given.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No significant difference
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: It is a fairly typical web application with an extensive collapsible menu on the left-hand side and a responsive main area to the right of the menu.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: As the service is not intended to be used by members of the general public it has not been designed with accessibility as a primary consideration. However it has been tested extensively with staff of care homes to ensure it meets their diverse accesability needs.
• API: Yes
• What users can and can't do using the API: Currently, our API is not available for external access, ensuring we maintain strict control over our technological environment and data security. However, we are considering strategies for future API externalisation. This potential expansion would involve rigorous testing and compliance measures to meet industry standards and client expectations.; ; Limitations:; External developers and third-party users cannot access the API at this time.; Changes and setups are restricted to internal operations and must be conducted by our authorised IT staff.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Our service offers a bespoke solution tailored to meet the specific needs of each implementation. Customisations are not user-configurable and must be executed by our team to ensure consistency, reliability, and compliance with existing systems.; ; Customisation possibilities include but are not limited to:; ; User Roles and Permissions: Tailoring access levels and permissions for different users to ensure security and operational efficiency.; Operational Settings: Configuring service parameters such as operating hours, resource allocation, and specific workflow requirements.; System Integrations: Integrating with other internal or third-party systems to create a seamless operational environment.; User Interface: Customising the user interface to reflect corporate branding and enhance user engagement.

Scaling

• Independence of resources: Each customer will have their own instance of the service which will be independent of all other instances.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Some, but not all, parts of the service include a data export function. If users require data to be exported from a part of the service where the export function is not built-in then they will need to submit a request to us.
• Data export formats: Other
• Other data export formats:
  • XLSX
  • PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee 99% availability
• Approach to resilience: Strong coding practices and use of Azure Cloud infrastructure. We deploy our production environments with multiple redundancy on all components from computing resources to data storage level.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Through identity federation with Microsoft 365 and 2FA
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: The Board of Directors is ultimately responsible for ensuring that Digitals meets its legal obligations by setting and endorsing the Information Governance (IG) Strategy and to formally review the agreed policies and procedures to ensure continued compliance.; The Managing Director, has overall responsibility for Digitals’ compliance with IG and is responsible for:; Keeping the board updated about data protection responsibilities, risks and issues; Reviewing all data protection procedures and related policies, in line with an agreed schedule.; The Head of Operations and Security, is responsible for:; Arranging data protection training and advice for the people covered by this policy; Handling data protection questions from staff and anyone else covered by this policy; Dealing with requests from individuals to see the data Digitals holds about them (also called ‘Subject Access Requests’); Checking and approving any contracts or agreements with third parties that may handle the Company’s sensitive data.; The IT Manager, is responsible for:; Ensuring all systems, services and equipment used for storing data meet acceptable security standards; Performing regular checks and scans to ensure security hardware and software is functioning properly; Evaluating any third-party services the Company is considering using to store or process data.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We standardise and automate configuration management through the use of automation scripts as well as documentation of all changes to production systems and networks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our process focuses on assessing and prioritising vulnerabilities, identifying which patches are most relevant, ensuring funds and resources can be deployed to best effect.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We collect and analyse information to detect suspicious behaviour or unauthorised system changes on your network
• Incident management type: Supplier-defined controls
• Incident management approach: We log the incidents, categorise them, prioritise them, assign for resolution, manage as per our SLA, resolve, close.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our care home software system is engineered to significantly enhance the wellbeing of residents by seamlessly integrating health monitoring and community engagement into our platform. ; ; Automated Health Monitoring: Our software features open APIs to add health monitoring indicators, alerting care staff in real-time about residents' needs, which allows for prompt and effective medical responses.; ; Mental Health Modules: We provide modules within the software that facilitate regular mental health check-ins supporting residents' emotional and psychological wellbeing.; ; Staff Wellness and Training: Our software an integrate with an e-learning platform specifically designed for staff, offering courses on health, social care, and resident engagement. This can not only enhance their professional capabilities but will also focus them on their own mental and physical wellbeing.

Pricing

• Price: £1,500 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@digitals.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.