Skip to main content

Help us improve the Digital Marketplace - send your feedback

Strata Health LTD

03. e-RS A&G, Triage & Patient Portal

Strata Health integrates seamlessly with NHS e-Referral Service (eRS), boosting capabilities for both senders and receivers. Users can execute workflows directly within PathWays™, tailored to each client's needs and care types, enhancing efficiency and coordination across healthcare services.

Features

  • Centralized hub for healthcare professionals to manage and track referrals
  • Customizable Referral Workflows
  • Seamless Integration
  • Unique Booking Reference Number (UBRNs) generation
  • Comprehensive analytics and reporting tools to track referral volume

Benefits

  • Improved Efficiency
  • Enhanced Communication
  • Workflow Optimization
  • Increased Visibility
  • Customization
  • Compliance and Quality Assurance

Pricing

£12,000 an instance a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@stratahealth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 9 6 1 0 0 3 8 0 7 1 5 3 7 4

Contact

Strata Health LTD Strata Sales Team
Telephone: +44 (0) 3330 020233
Email: Sales@stratahealth.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Strata Pathways can be used standalone or integrated with other strata or third party systems.
Strata Pathways offers a service user/ patient facing portal enabling wider access where appropriate, empowering the patient to self-manage.
e.g. PAS, EMR, EPR, SCR, video consultation etc.
Cloud deployment model
Private cloud
Service constraints
No. Strata PathWays is provided as a managed service. Maintenance & down time is planned with clients in advance.
System requirements
  • Access to internet connected device
  • Access to up to date internet browser
  • Valid user account

User support

Email or online ticketing support
Email or online ticketing
Support response times
Strata Pathways is a cloud-based solution accessible and supported around the clock, 24/7/365. Every component of the system remains consistently available. As a global provider, we adopt a 'follow the sun' approach to support and maintenance, ensuring assistance is available at any hour. Depending on priority, tickets receive a response within 20 minutes to 4 hours.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Here's a breakdown of the support levels provided by Strata Health:

Standard Support Level: Included in the base cost, this level ensures that all NHS clients receive equal treatment and access to support services. It includes 24x7x365 availability for support, with all parts of the system accessible at all times, provided clients have internet access. Scheduled upgrades and maintenance are communicated in advance and conducted outside of normal business hours.

Premium Support Level: This level offers enhanced support features beyond the standard package, such as dedicated technical account managers or cloud support engineers. The cost for premium support varies depending on the scope of services required and the size of the client's implementation.

Customized Support Level: For clients with specific support needs or requirements beyond the standard or premium levels, Strata Health offers customized support solutions. The cost for customized support is determined on a case-by-case basis, tailored to the unique needs of the client.

By offering these support levels, Strata Health ensures that clients receive the appropriate level of assistance and expertise to maximize the value of their investment in Strata Pathways.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We assist users in getting started with Strata Pathways by providing comprehensive implementation support and training programs. Our service is delivered as a Software as a Service (SaaS) managed solution, ensuring ease of access and implementation. The process begins with project initiation, followed by scoping and business process design to tailor the platform to the specific needs of the organization. We assist in digitization, configuration, and deployment, complemented by a structured training program.

Training sessions are provided to administrators and users at the outset of the project and can be ongoing as needed. These sessions can be conducted onsite or virtually, depending on the client's preferences and logistical considerations. Our dedicated account managers work closely with client leads to determine the frequency, location, and scheduling of training sessions.

The training program aims to enable users to derive maximum value from the solution while also equipping them with the skills to address specific requirements. Additionally, we provide full documentation customized to the implemented service, ensuring users have access to comprehensive resources for ongoing support and reference. Overall, our goal is to facilitate a smooth and effective onboarding process, empowering users to leverage the full capabilities of Strata Pathways.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Video Training Guides
  • Docx
End-of-contract data extraction
When concluding the contract, Strata Health collaborates with clients to establish a secure and appropriate exit strategy. We typically request advance termination notices to formalize the exit plan and ensure adequate support for the client.

At the termination of the contract, Strata Health provides clients with a full copy of the production database housed within Strata PathWays. Designated client users have the capability to extract data themselves via the management console. Alternatively, clients may opt for Strata Health to perform the data extraction on their behalf. This extraction is conducted securely as a SQL database extract, and the data is transferred to an external hard drive, DVD, or a secure FTP location designated by the client.

Upon request, Strata Health can also supply destruction certificates or any other necessary documentation to ensure the secure handling of data.
End-of-contract process
Upon reaching the end of the contract, Strata's Account Management & Implementation teams collaborate with clients to establish a seamless exit strategy. To ensure a smooth transition, termination notices are requested in advance of the contract end date, facilitating the formalization of the exit plan and providing essential client support.

Included in the contract, Strata provides a complete copy of the live database housed within PathWays upon termination of service. Designated client users can independently extract data via the management console. Alternatively, clients may opt for Strata to perform the extraction, providing the data securely as a SQL database on an external hard drive, DVD, or a designated SFTP location.

Additional services, such as a full destruction & data removal process, including necessary destruction certificates, are available upon request and are subject to an agreed-upon charge. Strata will deactivate all API links to client systems upon termination.

Should a client require service extension in compliance with approved regulations, Strata will provide assistance, with charges incurred at the contracted monthly rate for any portion of each monthly period beyond the contract termination date.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None. The platform, features & functions remain the same.
Service interface
No
User support accessibility
WCAG 2.1 AAA
API
Yes
What users can and can't do using the API
With Strata Pathways' JSON RESTful APIs and web-based API explorer, users can efficiently integrate and interact with the system. Through the API, users can set up the service by creating and configuring various components such as patient profiles, referral forms, workflows, and user permissions. This enables seamless integration with existing systems and customization to meet specific organizational needs. Additionally, users can make changes to existing configurations, update patient information, modify referral processes, and adjust workflow parameters, empowering them to adapt the system to evolving requirements and optimize operational efficiency. Our web-based API explorer provides a user-friendly interface for interactive testing of API endpoints, documentation viewing, and understanding of required data structures. However, users must have appropriate permissions and authorization for accessing and modifying sensitive data or system configurations. While the API allows extensive customization, complex configurations may require additional expertise or support from our technical team. Overall, Strata Pathways' API facilitates efficient management and customization of the system, ensuring data security and regulatory compliance while meeting the diverse needs of healthcare organizations.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users can extensively customize Strata Pathways to suit their specific requirements and preferences. This includes tailoring clinical pathways, forms, data schemas, smart templates, and processing logic for Robotic Process Automation (RPA). Through collaboration with our team, users can articulate their customization needs, whether it involves adapting existing functionalities or developing new features. Our experts work closely with clients to understand their unique workflow processes, organizational goals, and regulatory requirements. Once identified, customization is implemented to align the platform with the organization's local practices and best practices in healthcare. This level of customization ensures that the platform seamlessly integrates into existing workflows and maximizes operational efficiency. Users with appropriate permissions and access rights can initiate and oversee customization efforts, ensuring that changes align with organizational objectives and comply with relevant regulations. Overall, Strata Pathways offers a flexible and adaptable solution that empowers users to tailor the platform according to their specific needs, promoting efficiency, compliance, and optimal patient care.

Scaling

Independence of resources
Care Network (HSCN), ensuring independence of resources for each client. Our scalable infrastructure allows us to adjust service capacity based on demand, mitigating the impact of increased usage on individual clients. With fully resilient architecture across multiple sites and adherence to ISO processes, our stand-alone service operates on virtual servers, providing quick expansion capabilities as needed. This ensures uninterrupted performance and reliability for all users, independent of the demand placed by others on the platform.

Analytics

Service usage metrics
Yes
Metrics types
We leverage New Relic APM to manage Strata Pathways, cloud infrastructure, and system activity and ensure peak performance. Additionally, our Strata IQ Business Intelligence solution enables access to a wide range of reports and dashboards, providing insights into user and patient flow data. Clients can monitor various metrics such as access, referral volume, activity, outcomes, and more, empowering them to comprehend the flow within and around care networks. This facilitates the commissioning of appropriately sized services based on supply and demand dynamics and facilitates the identification of bottlenecks in processes for efficient resolution.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users have the flexibility to export their data through the management or reporting console in various formats, including CSV, spreadsheet, JSON, XML, SQL, ETL, or Database table. Alternatively, users can opt for Strata to facilitate the extraction process and securely return the data. This can be provided as a secure SQL database, delivered on an external hard drive, DVD, or transferred to a designated SFTP location specified by the client.
Data export formats
  • CSV
  • Other
Other data export formats
  • SQL
  • JSON
  • ETL
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • ETL
  • SQL

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We provide 99.5 availability of the service under our standard SLA. Our Service Level Agreement is include with the Terms and Conditions and in the event of an outage Strata will work with the clients to agree any monetary compensation based on lost whole service days.
Approach to resilience
Strata PathWays™ ensures robust resilience through its deployment in the AWS cloud, utilizing geolocated VPCs for enhanced datacentre setup. Each VPC offers a logical isolated network within a specific geographical region, with customizable network configurations and segregated layers across multiple zones within the same region. With hot standby's in multiple zones, data and applications are fully replicated, enabling seamless traffic rerouting in the event of a disaster. Our yearly DR testing ensures policy alignment with testing outcomes, while data recovery mechanisms and regular backups, including hourly or nightly database backups and VM snapshots, ensure data integrity and availability. For detailed datacentre setup resilience information, please request.
Outage reporting
Our service relies on New Relic to meticulously track every aspect of our solution in real-time, ensuring we stay informed about any potential outages. With New Relic's capabilities, we maintain client dashboards, offering a comprehensive real-time view of our solution's status. Moreover, our system features an API for seamless integration with client systems, enabling automated alerting processes. If a service disruption occurs, our support desk is promptly notified for swift resolution, while clients receive notifications via email, in-system alerts, and other agreed communication channels, ensuring they are kept informed throughout the process.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Strata Health Solutions employs Role-Based Access Control (RBAC) to manage access in management interfaces and support channels. Client leadership retains control over access permissions, dictating which individuals or groups can access specific system features based on their roles and levels. RBAC ensures that users only have access to the features and parts of the system aligned with their designated roles. This granular control extends to management consoles and support channels, ensuring that access is restricted appropriately across all aspects of the Strata platform.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
25/07/2023
What the ISO/IEC 27001 doesn’t cover
Not Applicable,
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
NHS Data Protection and Security Toolkit

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
At Strata Health Solutions, we prioritize the security and integrity of patient health information (PHI) and personally identifiable information (PII) through comprehensive policies and procedures. Our approach involves categorizing confidential data into client confidential and business confidential categories, adhering to the guidelines outlined in our ISF03 Information Security Document Classification. This includes safeguarding PHI, service-related information, clinician details, and other PII in compliance with regional privacy acts.

All staff members are entrusted with the responsibility of protecting confidential information and are bound by stringent security criteria. Our CEO oversees policy adherence, while our Security Office ensures the effectiveness and suitability of our security measures.

Strata Health Solutions is proud to be ISO/IEC 27001, GDPR, and NHS DSPT compliant, underscoring our commitment to meeting the highest standards of data security and privacy. Through regular monitoring and enforcement mechanisms, we maintain a robust security framework that safeguards sensitive information and upholds the trust placed in our services.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
At Strata Health Solutions, our configuration and change management strictly adhere to ISO 27001 guidelines. We track and manage all programs using various systems, ensuring industry best practices. Components undergo meticulous tracking throughout their lifecycle, facilitating efficient management. When assessing changes, we prioritize security impact evaluations, aligning with ISO 27001 standards. Our rigorous analysis identifies potential security implications, guaranteeing cautious implementation. By following industry best practices, we uphold service integrity and reliability, providing clients with robust configuration and change management.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
At Strata Health Solutions, vulnerability management aligns with ISO 27001 guidelines. We employ diverse systems to monitor and manage threats, swiftly mobilizing to address any identified risks and apply necessary patches. Our process entails continuous assessment of potential threats, ensuring proactive mitigation. We prioritize rapid patch deployment, adhering to industry best practices and guidelines. Moreover, we collaborate with leading industry partners to stay abreast of relevant threat information, enhancing our ability to anticipate and respond effectively to emerging risks. Through these measures, we maintain the security and resilience of our services.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Strata Health Solutions employs protective monitoring processes aligned with ISO 27001 guidelines. We utilize diverse systems to identify potential compromises swiftly. Upon detecting a potential compromise, our response is immediate and decisive, aiming to mitigate risks promptly. We prioritize rapid incident response, leveraging industry best practices to ensure timely resolution. Our proactive approach enables us to swiftly address incidents, minimizing potential impacts and safeguarding the integrity of our services. Through these measures, we maintain a robust protective monitoring framework, enhancing the security posture of our solutions.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Strata Health Solutions ensures robust incident management aligned with ISO 27001 standards. Leveraging JIRA, we adhere to industry best practices, including ITIL for service desk management. We offer pre-defined processes for common events, enhancing efficiency and consistency. Users can report incidents via email or our 24/7 support numbers. Through our support processes, we meticulously track and monitor progress, providing timely updates to users as necessary. Incident reports are delivered promptly, ensuring transparency and facilitating informed decision-making for stakeholders. Our structured approach mitigates risks and minimizes disruptions, safeguarding the continuity of our services.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Strata Health's G-Cloud service provision contributes to fighting climate change through robust decarbonization efforts. Our Remote Work Policy significantly reduces commuting emissions, quantified using the ACEL Estimator, saving over 65,013 CO2e emissions (kg/year). We continuously benchmark against industry standards, engage employees, and ensure transparent reporting on our environmental impact. Additionally, we explore technological and operational adjustments to further decrease carbon intensity. Our commitment to measurable reductions in CO2e emissions aligns with social value themes, demonstrating our dedication to environmental stewardship and contributing to a sustainable future.
For further details please contact us.

Covid-19 recovery

As we navigate the ongoing challenges posed by the pandemic, we pledge to actively contribute to the recovery efforts. This includes supporting initiatives that address healthcare needs, designing digital pathways that aid the access into the right care setting in safely & efficiently, supporting economic recovery and removing waste & lost time, and enhancing community resilience.
For further details please contact us.

Tackling economic inequality

Strata Health's G-Cloud service provision contributes to tackling economic inequality by providing meaningful opportunities for unemployed individuals. Through partnerships with universities and job seeker support programs, we offer work experience in cybersecurity, equipping participants with practical skills for the job market. Our commitment extends to 'support into work' assistance, including career mentoring and CV advice, empowering individuals to secure employment. By measuring the impact of our initiatives and fostering new business ventures and skills development, we aim to create a more inclusive and dynamic economy, addressing the challenges of economic inequality.
For further details please contact us.

Equal opportunity

Equality is a fundamental principle that guides our actions. We are dedicated to providing equal opportunities for all, fostering diversity and inclusion within our workforce, and supporting initiatives that promote social justice.
For further details please contact us.

Wellbeing

The well-being of our employees, clients, and the communities we serve is paramount. We will invest in programs that prioritize mental and physical health, creating a positive and supportive environment for all.
For further details please contact us.

Pricing

Price
£12,000 an instance a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@stratahealth.com. Tell them what format you need. It will help if you say what assistive technology you use.