Strata Health LTD

03. e-RS A&G, Triage & Patient Portal

Strata Health integrates seamlessly with NHS e-Referral Service (eRS), boosting capabilities for both senders and receivers. Users can execute workflows directly within PathWays™, tailored to each client's needs and care types, enhancing efficiency and coordination across healthcare services.

Features

• Centralized hub for healthcare professionals to manage and track referrals
• Customizable Referral Workflows
• Seamless Integration
• Unique Booking Reference Number (UBRNs) generation
• Comprehensive analytics and reporting tools to track referral volume

Benefits

• Improved Efficiency
• Enhanced Communication
• Workflow Optimization
• Increased Visibility
• Customization
• Compliance and Quality Assurance

£12,000 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@stratahealth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

696100380715374

Contact

Strata Sales Team
+44 (0) 3330 020233
Sales@stratahealth.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Strata Pathways can be used standalone or integrated with other strata or third party systems. ; Strata Pathways offers a service user/ patient facing portal enabling wider access where appropriate, empowering the patient to self-manage. ; e.g. PAS, EMR, EPR, SCR, video consultation etc.
• Cloud deployment model: Private cloud
• Service constraints: No. Strata PathWays is provided as a managed service. Maintenance & down time is planned with clients in advance.
• System requirements:
  • Access to internet connected device
  • Access to up to date internet browser
  • Valid user account

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Strata Pathways is a cloud-based solution accessible and supported around the clock, 24/7/365. Every component of the system remains consistently available. As a global provider, we adopt a 'follow the sun' approach to support and maintenance, ensuring assistance is available at any hour. Depending on priority, tickets receive a response within 20 minutes to 4 hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Here's a breakdown of the support levels provided by Strata Health:; ; Standard Support Level: Included in the base cost, this level ensures that all NHS clients receive equal treatment and access to support services. It includes 24x7x365 availability for support, with all parts of the system accessible at all times, provided clients have internet access. Scheduled upgrades and maintenance are communicated in advance and conducted outside of normal business hours.; ; Premium Support Level: This level offers enhanced support features beyond the standard package, such as dedicated technical account managers or cloud support engineers. The cost for premium support varies depending on the scope of services required and the size of the client's implementation.; ; Customized Support Level: For clients with specific support needs or requirements beyond the standard or premium levels, Strata Health offers customized support solutions. The cost for customized support is determined on a case-by-case basis, tailored to the unique needs of the client.; ; By offering these support levels, Strata Health ensures that clients receive the appropriate level of assistance and expertise to maximize the value of their investment in Strata Pathways.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We assist users in getting started with Strata Pathways by providing comprehensive implementation support and training programs. Our service is delivered as a Software as a Service (SaaS) managed solution, ensuring ease of access and implementation. The process begins with project initiation, followed by scoping and business process design to tailor the platform to the specific needs of the organization. We assist in digitization, configuration, and deployment, complemented by a structured training program.; ; Training sessions are provided to administrators and users at the outset of the project and can be ongoing as needed. These sessions can be conducted onsite or virtually, depending on the client's preferences and logistical considerations. Our dedicated account managers work closely with client leads to determine the frequency, location, and scheduling of training sessions.; ; The training program aims to enable users to derive maximum value from the solution while also equipping them with the skills to address specific requirements. Additionally, we provide full documentation customized to the implemented service, ensuring users have access to comprehensive resources for ongoing support and reference. Overall, our goal is to facilitate a smooth and effective onboarding process, empowering users to leverage the full capabilities of Strata Pathways.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Video Training Guides
  • Docx
• End-of-contract data extraction: When concluding the contract, Strata Health collaborates with clients to establish a secure and appropriate exit strategy. We typically request advance termination notices to formalize the exit plan and ensure adequate support for the client.; ; At the termination of the contract, Strata Health provides clients with a full copy of the production database housed within Strata PathWays. Designated client users have the capability to extract data themselves via the management console. Alternatively, clients may opt for Strata Health to perform the data extraction on their behalf. This extraction is conducted securely as a SQL database extract, and the data is transferred to an external hard drive, DVD, or a secure FTP location designated by the client.; ; Upon request, Strata Health can also supply destruction certificates or any other necessary documentation to ensure the secure handling of data.
• End-of-contract process: Upon reaching the end of the contract, Strata's Account Management & Implementation teams collaborate with clients to establish a seamless exit strategy. To ensure a smooth transition, termination notices are requested in advance of the contract end date, facilitating the formalization of the exit plan and providing essential client support.; ; Included in the contract, Strata provides a complete copy of the live database housed within PathWays upon termination of service. Designated client users can independently extract data via the management console. Alternatively, clients may opt for Strata to perform the extraction, providing the data securely as a SQL database on an external hard drive, DVD, or a designated SFTP location.; ; Additional services, such as a full destruction & data removal process, including necessary destruction certificates, are available upon request and are subject to an agreed-upon charge. Strata will deactivate all API links to client systems upon termination.; ; Should a client require service extension in compliance with approved regulations, Strata will provide assistance, with charges incurred at the contracted monthly rate for any portion of each monthly period beyond the contract termination date.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None. The platform, features & functions remain the same.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: With Strata Pathways' JSON RESTful APIs and web-based API explorer, users can efficiently integrate and interact with the system. Through the API, users can set up the service by creating and configuring various components such as patient profiles, referral forms, workflows, and user permissions. This enables seamless integration with existing systems and customization to meet specific organizational needs. Additionally, users can make changes to existing configurations, update patient information, modify referral processes, and adjust workflow parameters, empowering them to adapt the system to evolving requirements and optimize operational efficiency. Our web-based API explorer provides a user-friendly interface for interactive testing of API endpoints, documentation viewing, and understanding of required data structures. However, users must have appropriate permissions and authorization for accessing and modifying sensitive data or system configurations. While the API allows extensive customization, complex configurations may require additional expertise or support from our technical team. Overall, Strata Pathways' API facilitates efficient management and customization of the system, ensuring data security and regulatory compliance while meeting the diverse needs of healthcare organizations.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can extensively customize Strata Pathways to suit their specific requirements and preferences. This includes tailoring clinical pathways, forms, data schemas, smart templates, and processing logic for Robotic Process Automation (RPA). Through collaboration with our team, users can articulate their customization needs, whether it involves adapting existing functionalities or developing new features. Our experts work closely with clients to understand their unique workflow processes, organizational goals, and regulatory requirements. Once identified, customization is implemented to align the platform with the organization's local practices and best practices in healthcare. This level of customization ensures that the platform seamlessly integrates into existing workflows and maximizes operational efficiency. Users with appropriate permissions and access rights can initiate and oversee customization efforts, ensuring that changes align with organizational objectives and comply with relevant regulations. Overall, Strata Pathways offers a flexible and adaptable solution that empowers users to tailor the platform according to their specific needs, promoting efficiency, compliance, and optimal patient care.

Scaling

• Independence of resources: Care Network (HSCN), ensuring independence of resources for each client. Our scalable infrastructure allows us to adjust service capacity based on demand, mitigating the impact of increased usage on individual clients. With fully resilient architecture across multiple sites and adherence to ISO processes, our stand-alone service operates on virtual servers, providing quick expansion capabilities as needed. This ensures uninterrupted performance and reliability for all users, independent of the demand placed by others on the platform.

Analytics

• Service usage metrics: Yes
• Metrics types: We leverage New Relic APM to manage Strata Pathways, cloud infrastructure, and system activity and ensure peak performance. Additionally, our Strata IQ Business Intelligence solution enables access to a wide range of reports and dashboards, providing insights into user and patient flow data. Clients can monitor various metrics such as access, referral volume, activity, outcomes, and more, empowering them to comprehend the flow within and around care networks. This facilitates the commissioning of appropriately sized services based on supply and demand dynamics and facilitates the identification of bottlenecks in processes for efficient resolution.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users have the flexibility to export their data through the management or reporting console in various formats, including CSV, spreadsheet, JSON, XML, SQL, ETL, or Database table. Alternatively, users can opt for Strata to facilitate the extraction process and securely return the data. This can be provided as a secure SQL database, delivered on an external hard drive, DVD, or transferred to a designated SFTP location specified by the client.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • SQL
  • JSON
  • ETL
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • ETL
  • SQL

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We provide 99.5 availability of the service under our standard SLA. Our Service Level Agreement is include with the Terms and Conditions and in the event of an outage Strata will work with the clients to agree any monetary compensation based on lost whole service days.
• Approach to resilience: Strata PathWays™ ensures robust resilience through its deployment in the AWS cloud, utilizing geolocated VPCs for enhanced datacentre setup. Each VPC offers a logical isolated network within a specific geographical region, with customizable network configurations and segregated layers across multiple zones within the same region. With hot standby's in multiple zones, data and applications are fully replicated, enabling seamless traffic rerouting in the event of a disaster. Our yearly DR testing ensures policy alignment with testing outcomes, while data recovery mechanisms and regular backups, including hourly or nightly database backups and VM snapshots, ensure data integrity and availability. For detailed datacentre setup resilience information, please request.
• Outage reporting: Our service relies on New Relic to meticulously track every aspect of our solution in real-time, ensuring we stay informed about any potential outages. With New Relic's capabilities, we maintain client dashboards, offering a comprehensive real-time view of our solution's status. Moreover, our system features an API for seamless integration with client systems, enabling automated alerting processes. If a service disruption occurs, our support desk is promptly notified for swift resolution, while clients receive notifications via email, in-system alerts, and other agreed communication channels, ensuring they are kept informed throughout the process.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Strata Health Solutions employs Role-Based Access Control (RBAC) to manage access in management interfaces and support channels. Client leadership retains control over access permissions, dictating which individuals or groups can access specific system features based on their roles and levels. RBAC ensures that users only have access to the features and parts of the system aligned with their designated roles. This granular control extends to management consoles and support channels, ensuring that access is restricted appropriately across all aspects of the Strata platform.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 25/07/2023
• What the ISO/IEC 27001 doesn’t cover: Not Applicable,
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Protection and Security Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: At Strata Health Solutions, we prioritize the security and integrity of patient health information (PHI) and personally identifiable information (PII) through comprehensive policies and procedures. Our approach involves categorizing confidential data into client confidential and business confidential categories, adhering to the guidelines outlined in our ISF03 Information Security Document Classification. This includes safeguarding PHI, service-related information, clinician details, and other PII in compliance with regional privacy acts.; ; All staff members are entrusted with the responsibility of protecting confidential information and are bound by stringent security criteria. Our CEO oversees policy adherence, while our Security Office ensures the effectiveness and suitability of our security measures.; ; Strata Health Solutions is proud to be ISO/IEC 27001, GDPR, and NHS DSPT compliant, underscoring our commitment to meeting the highest standards of data security and privacy. Through regular monitoring and enforcement mechanisms, we maintain a robust security framework that safeguards sensitive information and upholds the trust placed in our services.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: At Strata Health Solutions, our configuration and change management strictly adhere to ISO 27001 guidelines. We track and manage all programs using various systems, ensuring industry best practices. Components undergo meticulous tracking throughout their lifecycle, facilitating efficient management. When assessing changes, we prioritize security impact evaluations, aligning with ISO 27001 standards. Our rigorous analysis identifies potential security implications, guaranteeing cautious implementation. By following industry best practices, we uphold service integrity and reliability, providing clients with robust configuration and change management.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: At Strata Health Solutions, vulnerability management aligns with ISO 27001 guidelines. We employ diverse systems to monitor and manage threats, swiftly mobilizing to address any identified risks and apply necessary patches. Our process entails continuous assessment of potential threats, ensuring proactive mitigation. We prioritize rapid patch deployment, adhering to industry best practices and guidelines. Moreover, we collaborate with leading industry partners to stay abreast of relevant threat information, enhancing our ability to anticipate and respond effectively to emerging risks. Through these measures, we maintain the security and resilience of our services.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Strata Health Solutions employs protective monitoring processes aligned with ISO 27001 guidelines. We utilize diverse systems to identify potential compromises swiftly. Upon detecting a potential compromise, our response is immediate and decisive, aiming to mitigate risks promptly. We prioritize rapid incident response, leveraging industry best practices to ensure timely resolution. Our proactive approach enables us to swiftly address incidents, minimizing potential impacts and safeguarding the integrity of our services. Through these measures, we maintain a robust protective monitoring framework, enhancing the security posture of our solutions.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Strata Health Solutions ensures robust incident management aligned with ISO 27001 standards. Leveraging JIRA, we adhere to industry best practices, including ITIL for service desk management. We offer pre-defined processes for common events, enhancing efficiency and consistency. Users can report incidents via email or our 24/7 support numbers. Through our support processes, we meticulously track and monitor progress, providing timely updates to users as necessary. Incident reports are delivered promptly, ensuring transparency and facilitating informed decision-making for stakeholders. Our structured approach mitigates risks and minimizes disruptions, safeguarding the continuity of our services.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Strata Health's G-Cloud service provision contributes to fighting climate change through robust decarbonization efforts. Our Remote Work Policy significantly reduces commuting emissions, quantified using the ACEL Estimator, saving over 65,013 CO2e emissions (kg/year). We continuously benchmark against industry standards, engage employees, and ensure transparent reporting on our environmental impact. Additionally, we explore technological and operational adjustments to further decrease carbon intensity. Our commitment to measurable reductions in CO2e emissions aligns with social value themes, demonstrating our dedication to environmental stewardship and contributing to a sustainable future.; For further details please contact us.

  Covid-19 recovery

  As we navigate the ongoing challenges posed by the pandemic, we pledge to actively contribute to the recovery efforts. This includes supporting initiatives that address healthcare needs, designing digital pathways that aid the access into the right care setting in safely & efficiently, supporting economic recovery and removing waste & lost time, and enhancing community resilience.; For further details please contact us.

  Tackling economic inequality

  Strata Health's G-Cloud service provision contributes to tackling economic inequality by providing meaningful opportunities for unemployed individuals. Through partnerships with universities and job seeker support programs, we offer work experience in cybersecurity, equipping participants with practical skills for the job market. Our commitment extends to 'support into work' assistance, including career mentoring and CV advice, empowering individuals to secure employment. By measuring the impact of our initiatives and fostering new business ventures and skills development, we aim to create a more inclusive and dynamic economy, addressing the challenges of economic inequality.; For further details please contact us.

  Equal opportunity

  Equality is a fundamental principle that guides our actions. We are dedicated to providing equal opportunities for all, fostering diversity and inclusion within our workforce, and supporting initiatives that promote social justice.; For further details please contact us.

  Wellbeing

  The well-being of our employees, clients, and the communities we serve is paramount. We will invest in programs that prioritize mental and physical health, creating a positive and supportive environment for all.; For further details please contact us.

Pricing

• Price: £12,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@stratahealth.com. Tell them what format you need. It will help if you say what assistive technology you use.