BadgerNet Maternity Fully Integrated System
Maternity System is based upon principles of Pregnancy Episodes which describes all information and data recorded as part of standard maternity care. It encompasses the period of a woman’s health record from conception through to four weeks postpartum when care is then transferred to the primary health provider
Features
- Static data input forms for recording episodic information
- Note input forms for recording time-based events in registration
- Patient registration reports, labour and delivery reports
- Patient lists
- Reminders and alerts relating to the mother
- Data quality checks on statutory data sets
- Mandatory fields
- Apps for Maternity and Maternity notes
- Integration to standard systems and devices (CTG) included
Benefits
- Users can record the details relating to the booking process
- Users can record the details relating to notes
- Users can record the details relating to events
- Reporting includes all patient level letters and documents
- The system also included Birth Episodes
- It covers the period from birth to 4-weeks post-partum
- Records can be populated with all statutory and clinical information
- Statutory collection and reporting included in the offering
- Updates provided on a regular basis at no extra cost
Pricing
£18.00 a unit
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
7 4 8 3 7 1 1 4 1 1 1 2 4 3 6
Contact
Clevermed Ltd
Jane Stephenson
Telephone: 01312217700
Email: jane.stephenson@clevermed.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
BadgerNet platform will have a published release schedule, which will document details of upgrades, feature enhancements and bug fixes. Releases are deployed by Clevermed to the Test environment two weeks prior to their deployment to the Live system. This period should be used by local speciality and IT departments to test and assess new versions of the Platform /BadgerNet Service(s) and immediately highlight any possible issues to Clevermed.
Reasonable notice will always be given to Trusts for maintenance and planned downtime. - System requirements
- HSCN Network access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
1- Critical - Problem resolution will be started immediately. Response within 30 mins.
2 - High - Problem resolution will start within 4 hours.
3 - Medium - Response one working day
4 - Suggestion - Response two working days. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Severity Levels are assigned at the time of logging the call. They are set out in more detail in the table immediately below, but in summary are as follows:
1. All Users are unable to access all patient records
2. A problem with one or more patient records where there is no viable workaround (including paper) that is directly stopping clinical care
3. System not performing as expected, but not preventing day to day use
4. Suggestions for change for improvement or enhancement of the System
Software is provided as 'Software as a Service' there are no different tiers of support. Support is available 24/7, 365 days a year with escalation to engineering support at all times for priority 1 support. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Fully project managed implementation with clinical specialist support including onsite training, online training, user documentation plus an advanced BadgerNet Academy for advanced skills.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- In the event of contract termination and/or a permanent data deletion request, the owner of the data will need to provide a written request signed by an approved representative, at which point Clevermed will export all data held on behalf of that Trust in a secure encrypted format. This export will include all the raw XML care record data, raw binary trend monitoring data (where applicable), plus any standardised reporting database extract databases. This will be provided in a standard SQL Server extract file which can be imported into any SQL server instance at the customer’s discretion. There are no charges for the return of the data via the method specified above. If any bespoke data transformation is required a quote will be provided following functional specification of the requirement.
- End-of-contract process
- Prior to the end of the contract customers will be offered renewal of terms.
Using the service
- Web browser interface
- No
- Application to install
- Yes
- Compatible operating systems
-
- IOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The BadgerNet Maternity system can be accessed by our Maternity app and Maternity notes.
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- There is an interface for clinical users and well as service users.
- Accessibility standards
- None or don’t know
- Description of accessibility
- Badger Notes is compatible with android and iOS accessibility features including Voice Over technology.
- Accessibility testing
- Badger Notes is tested for compatibility with android and iOS accessibility features including Voice Over technology.
- API
- No
- Customisation available
- Yes
- Description of customisation
- BadgerNet contains a range of system configuration so that the system is suitable for local clinical practice. This is limited in the clinical summary system but includes localisation of process picklists
Scaling
- Independence of resources
- The platform includes all necessary servers required to run the software (i.e. application and database servers) in a manner that is secure, highly performant, robust, resilient and scalable. Database load is monitored continuously in real time and autoscaling of resource is in place.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Specific types of data can be exported as excel, access or CSV files. Data may also be available in a local database copy for reporting purposes. In the event of contract termination or a permanent data deletion request, the owner of the data will provide a written request signed by an approved representative, at which point Clevermed will export data a secure encrypted format. This export will include all the raw XML care record data, raw binary trend monitoring data, plus any standardised reporting database extract databases. This will be provided in a standard SQL Server extract file.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- Access
- Excel
- HL7
- FHIR
- Data import formats
- Other
- Other data import formats
-
- Xml
- HL7
- FHIR
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
- The VMs, web applications, SQL server managed instance are connected privately to Azure virtual networks to allow controlled traffic to flow between them. This is backed with Azure Network Security Groups to tightly restrict network traffic between services. Access from the HSCN network is controlled by an Azure Application Gateway configured in Zone redundant HA mode with the a WAP firewall. Access to services from the internet is controlled via a separate Highly Available Azure Application Gateway. Each of these are established in separate virtual networks peered with necessary virtual networks running required services and controlled with Network security groups.
Availability and resilience
- Guaranteed availability
-
99.5% Availability.
Credit breach mechanism is in place if there are 2 breaches in consecutive months within a given quarter. % refund is offered on the next invoice. - Approach to resilience
-
The BadgerNet Platform is hosted in the Azure UK South region, comprising 3 data centres in the London region, utilising state of the art Azure technologies. To maximise high availability and resilience the platform is architected to take advantage of inherent resiliency/redundancy features of Azure, wherever possible PaaS services have been utilised with agreed SLA’s of 99.99% or greater (e.g. Azure SQL Managed instances, Azure Application Gateways). The general approach to resilience and redundancy of other components is to spread each key service with at least 2 instances across the 3 Azure zones in an always on fashion providing a level of redundancy and resiliency. In the event of data centre failure, automatic diversion of traffic provided by the Application Gateways and load balancers ensures the maintenance of a continuous service. Coupled with an infrastructure as Code approach to deployment, in the unlikely event of a data centre failure, the service will still function and rapid deployment of additional resource into the existing data centres facilitates a rapid return to full-service capacity.
Detailed log analytics /App insights are implemented, allowing continuous monitoring of service status, allowing triggering of Alerts in event of abnormal, degraded or malicious service activity. - Outage reporting
- Public dashboard and email notification to key contacts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- All management interfaces are accessed via 2FA. Online support channels are protected using the same method that is used for accessing patient data locally - this may be via federated authentication or username /password
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Intertek
- ISO/IEC 27001 accreditation date
- 21/03/2022
- What the ISO/IEC 27001 doesn’t cover
- Nothing
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- ISO9001: 2015
- NHS Digital - Data Security and Protection Toolkit
- SCCI0129/Version 4/2016 Clinical Risk Management Compliance
- Data Controller/Data Protection Register
- Data Protection Impact Assessment
- Business Continuity Plan
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- ISO72001 certification plus full suite of information governance policies:Access Control (incorporating identification and authentication; Encryption policy; Patching Policy; AV/Malware policy; Backup policy; Internet and email acceptable use policy; Clear desk and screen policy; Mobile device Policy; Remote working policy; Sanitization, reuse, disposal and destruction policy(incorporated in the Data Security and Use Policy); Business continuity plus Business Continuity Plan. Info security is also a key part of employee vetting and onboarding and annual training is mandatory. The policies provide detailed responsibilities for CEO, ISO, RAM(DPO), IAO and all staff. A procedure is in place for reporting information security incidents.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- This is a tightly controlled process that involves risk assessment of each new feature and change requests to the system or infrastructure. Infrastructure uses the current infrastructure as code approach with changes managed through a code repository alongside the system code. There is a tightly managed development and testing lifecycle with regression testing of all changes, a change freeze / lockdown period following release to test, internal production version testing of all release candidates and automated released procedures using a combination of Octopus Deploy release and Microsoft Devops release pipelines with extensive post release testing with rollback facility.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Windows Endpoint Security/Cloud Defender are used to identify and download available patches. Vulnerability notifications are also received from CareCert. Windows Endpoint Security updates are pushed out automatically to endpoints as they become available.Compliance with these updates is monitored by via Windows Endpoint Security Manager. Updates to the Clevermed Azure estate made available via Microsoft Cloud Defender are deployed to the Test environment in the second week of each month to allow the assessment whether deployment of the server patch poses a risk to existing systems. Patches safe to deploy are deployed to Production in the third week of each month.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Anti-virus and anti-malware controls and automatic quarantine facilities in place.
Real time intrusion detection monitoring and alerting via Graphana - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Users report incidents via online service console, phone or email. Incident reports are provided via online service console and updates via email to key contacts. Clevermed has a pre-defined incident management process in line with ISO9001 and ISO27001.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- NHS Network (N3)
Social Value
- Equal opportunity
-
Equal opportunity
Clevermed Ltd is committed to encouraging equality, diversity and inclusion among its workforce, and eliminating unlawful discrimination. The aim is for the workforce to be representative of all sections of society and customers, and for each employee to feel respected and able to give their best. Clevermed is fully committed to a policy of treating all its employees, job applicants, clients, learners, customers and the public equally in adherence with the Equality Act 2010. Clevermed will take reasonable steps to identify and respond to the needs of individuals with whom we work to ensure our services are accessible for all.
Clevermed Limited will take all reasonable steps to employ, train and promote employees on the basis of their experience, abilities and qualifications without regard to race, colour, ethnic origin, nationality, national origin, religion or belief, sex, sexual orientation, gender reassignment, age, marital or civil partnership status or disability. Clevermed Limited will also take all reasonable steps to provide working and learning environments in which all employees, learners and clients are treated with respect and dignity and that is free of harassment or discrimination based upon a person’s race, colour, ethnic origin, nationality, national origin, religion or belief, sex, sexual orientation, gender reassignment, age, marital or civil partnership status or disability. Clevermed Limited will not condone any form of harassment, whether engaged in by employees or by outside third parties who do business with Clevermed Limited.
Employees have a duty to co-operate with Clevermed Limited to ensure that this policy is effective in ensuring equality and in preventing discrimination, harassment or bullying. Action will be taken under Clevermed Limited’s disciplinary procedure against any employee who is found to have committed an act of improper or unlawful discrimination, harassment, bullying or intimidation.
Pricing
- Price
- £18.00 a unit
- Discount for educational organisations
- No
- Free trial available
- No