PRESCRIBING SERVICES LTD

NHS Eclipse Enterprise Service

The enterprise version empowers NHS ICBs to transform healthcare efficiency through: Centralised integrated database, Enhanced population health analytics, risk stratification, patient prioritisation, automated patient engagement, remote monitoring hubs, total out-patient management, admissions avoidance, primary care digital first solutions, digital patient portals (NHS-app linked), medicines optimisation, secure data environment for research.

Features

• Live Secure Centralised integrated NHS Platform optimising Insights and Impact.
• Monthly Live Reports on Key NHS England Clinical Outcome Data.
• Benchmarking your key ICB outcomes against other ICBs
• Allows ICB Commissioners to track live outcomes for implementations.
• Tracks Your Health Inequalities outcomes including NHS Core20PLUS priorities.
• Eclipse PHM ensures maximal privacy impact standards.
• Built in risk stratification and prioritisation capability
• Web based content and reporting configurability.
• Build in outcomes validation and continual improvement
• Built in patient engagement capability.

Benefits

• Integration within a fully secure and compliant infrastructure
• Flexible and Intuitive web-based access
• Risk stratification of vulnerable patient groups
• Population level analysis, prioritisation, implementation, validation
• Built in Intelligent patient engagement tools.
• Longitudinal tracking of PHM adherence and implementation.
• Enabling focus on holistic outcomes of patients.
• Translating PHM insights to patient level implementations

£1 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jake.finney@prescribingservices.org. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

768402023342860

Contact

Jake Finney
01553 615555
jake.finney@prescribingservices.org

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: The service is available only over the web. Access is restricted to authorised users. Routine maintenance and upgrades are minimised and aligned to central NHS assurance accreditation. Sensitive codes set by NHS England are excluded. The local requirements maybe constrained by local IG and security policies.
• System requirements:
  • Current Web Browser
  • Active Data Processing Contract in place
  • HSCN connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Training is given on commencement of live service. Email/ticket queries will be replied during usual business hours, we aim to respond within the hour of receiving a query. We have out of office support for any emergencies, as detailed in our user guide.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The Eclipse Service Management Function and support structures have completed central NHSE Assurance. ; ; Upon service commencement full user training is offered in the form of in person or remote and user guides are provided.; ; Each region has a dedicated account manager who can be contacted for any general queries during usual business hours, they have access to our technical team and IT support.; ; In addition our phone line operates during usual business hours alongside our email inboxes.; ; Onsite training can be offered depending on customer need.; ; All costs are included within our service price.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All training, implementation and on-going support activity within Eclipse has completed central NHSE Assurance. Training is implemented in line with client and end user preferences and learning need analysis. Training is delivered in person, or remotely, one to one or in groups. User manuals and support materials are available within the service platform and utilised within training events. Service demo's are provided and training impact is validated with end users.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The Eclipse Platform utilises dynamic data flow derived from the Clinical Systems and as such data extraction when the contract ends is not required.
• End-of-contract process: Upon contract closure and at the customer’s request, all data associated with the customer organisation is deleted. This is included in the price of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/A
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Web based Clinical Support Platform
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Testing ensures digital accessibility for people with disabilities. We are continually improving the user experience for everyone, and applying the relevant accessibility standards.
• API: No
• Customisation available: Yes
• Description of customisation: Our service platform is designed to be modular and is continuously updated to meet user requirements. Approved end users can configure data presentation and preferences.

Scaling

• Independence of resources: Service Platform capacity, availability and performance monitoring is maintained 24/7. All Eclipse services have completed rigorous NHS England service functionality assurance.

Analytics

• Service usage metrics: Yes
• Metrics types: - Our service tracks service usage metrics including key performance indicators as defined locally and priority project indicators for equality, safety and admissions avoidance.; ; - In addition to qualitative insights, all activity is tracked for audit and quality purposes.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Reports can be exported into Excel / CSV / PDF Formats.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: The environment is protected behind firewall security, and data is accessible by authorised personnel only.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: The environment is protected behind firewall security, and data is accessible by authorised personnel only.

Availability and resilience

• Guaranteed availability: In compliance with our NHS central assurance and terms we use reasonable endeavours to maintain a service minimum availability percentage of 99.99% through service provision (excluding scheduled downtime) in any calendar month.
• Approach to resilience: Systems are hosted on virtualised infrastructure to ensure scalability, high availability and reduce single point of failures. All infrastructure implements an N+1 policy to ensure rapid resolution of infrastructure downtime. Frequent backups, database mirroring and multiple servers in separate geo-locations ensure robust resiliency. Data processed by our accredited data centre is hosted within industry standard data platform that conforms to industry best practices (ISO27001 & G-Cloud IL3) and standards for security as defined in the relevant contract terms and conditions.
• Outage reporting: As per our accreditation as a NHS centrally assured clinical support provider our service platform is continually monitored for any interruptions or outages. This is implemented within our Data and Service Management team function. In the event of any issues all end users and stake holders are updated via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Services apply Role Based Access Control (RBAC), to manage which functions a user has access to and which views they are able to see. This leverages local administration rights and approvers.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 19/02/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS Digital Assured
  • DTAC
  • NHSE Section 251 Status
  • Data Security and Protection Toolkit
  • ICO. Data Protection Register

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Aligned to our British Assessment Bureau certification ISO 27001:2022 we have established Information Security Management systems (ISMS) that ensure our overall approach to information security and the processes we follow, encompassing the information security policy. Regular ISMS review meetings review and refine the functioning of the ISMS, and progress against actions arising from internal audit and external ISO assurance visits. There is a formal annual review of the ISMS to further ensure its continuing suitability and correct implementation.; Annual internal audit is used to ensure policies are being followed and identify any remedial actions required.; To support the effective delivery of information security, we train all staff on induction, and as part of annual Information Governance refresher training. This approach delivers against our Information Security policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: In line with our central NHS assurance we implement a standard ITIL deployment methodology for all Design, Development and Change Management practices for software and platform releases. We use a standard methodology to log, track and manage change requests. All Releases and changes are version controlled through our Change Management process. All system changes complete UAT and Release requirements.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management approach consists of a combination of internal vulnerability scanners, system monitoring and industry sources. We apply patches within 14 days of their release, unless regarded as urgent which are implemented upon release . We also utilise the NHS CARE-cert and nationally recognised industry vulnerability publications.; We also undertake regular penetration testing against OWASP top 10.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Utilising real time firewall based Intrusion Detection / Prevention Systems (IDS / IPS) to actively monitor and prevent intrusions. Alerts are issued on any suspicious activity and investigated immediately by the technical security team.
• Incident management type: Supplier-defined controls
• Incident management approach: In line with both our central NHS assurance obligations and established industry standards all reported incidents are received and managed by our Data Security and Governance Team. The team implements a standard approach raising an event report, completing a clinical risk assessment, root cause analysis, and resolution report. All events are managed through our established escalation process and defined with NHS England.; All documentation is shared with key stake holders and subject to senior team review.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Eclipse has implemented steps to effectively measure climate change with respect to greenhouse gases, waste and water as part of our carbon reduction plan in line with NHS Net Zero aspirations. ; 1. Measurement: ; Greenhouse Gases: We employ a greenhouse gas (GHG) measurement protocol following internationally recognised ; Waste: To measure waste generation, we track waste streams at all stages of our operations.. ; Water: For water management, we implement a water footprint analysis to measure our consumption, with monthly site measurements and analytics. ; 2. Reduction Strategies: ; Greenhouse Gases: Our GHG reduction strategies include investing in energy-efficient technologies, transitioning to renewable energy, optimising transportation (all company cars are electric, and logistics to reduce emissions, promoting sustainable practices within our supply chain. We set ambitious emission reduction targets aligned with science-based targets to limit global warming. In addition, we have our own charity, MyTree4Life, that is currently providing an international centre for reforestation in Tanzania (https://www.mytree4life.org/). ; Waste: To reduce waste generation, we emphasise waste minimisation through recycling programmes, and waste-to-energy initiatives. As an IT service with predominantly web-based workflows, product and packaging waste is minimal – we aim to further minimise waste through environmentally conscious office practices such as minimal printing and paper utilisation. ; Water: Our conservation strategies involve implementing water-efficient technologies, conducting water risk assessments, and engaging in community-based water stewardship initiatives. We set targets to reduce water usage and improve water quality. ; 3. Ongoing Effectiveness Review: ; We conduct regular audits of our GHG emissions, comparing them to baseline data and target reductions. ; Waste: We track waste generation data on a monthly basis and conduct waste audits to identify areas for improvement. ; Water: usage data is reviewed quarterly; summary, we are committed to continuous improvement and transparency in our sustainability efforts to mitigate climate change and protect the environment.

  Covid-19 recovery

  Our service implementation is specifically designed to empower localities to both optimise outcomes and enable local work force priorities and allow local work forces to recover from covid-19 due to the creation of local high quality jobs. This can incorporate local workflow preferences and engagement targets. We work with Practices, their Patient Participation Groups and other key local stakeholders to ensure both recipients of the service and those involved in its implementation can be matched to local employment priorities. All service delivery will conform with best practice NHS project implementation. ; ; We implement our services very much in conjunction with our service users and their communities. This is a priority given our experience over the last 10 years+ of implementing clinical support services across more than 80 CCGs. We invite local input throughout the service to optimise design, objective, implementation, and validation to reflect local priorities. ; ; Recognising the impact of COVID-19 on young people aged 16-24, we have prioritised our education engagement activities. Our training arms offers traineeships and work placement opportunities.

  Tackling economic inequality

  Our service implementation is specifically designed to empower localities to both optimise outcomes and enable local work force priorities and allow local work forces to recover from covid-19 due to the creation of local high quality jobs. This can incorporate local workflow preferences and engagement targets. We work with Practices, their Patient Participation Groups and other key local stakeholders to ensure both recipients of the service and those involved in its implementation can be matched to local employment priorities. All service delivery will conform with best practice NHS project implementation. ; ; We implement our services very much in conjunction with our service users and their communities. This is a priority given our experience over the last 10 years+ of implementing clinical support services across more than 80 CCGs. We invite local input throughout the service to optimise design, objective, implementation, and validation to reflect local priorities.

  Equal opportunity

  We have a robust and equality lead safer recruitment policy, ensuring that our recruitment processes are inclusive and that there are equal opportunities for all. With this in mind we are a disability confident committed employer and we are committed to paying ‘the real living wage’ for all of our employees.

  Wellbeing

  Embedding Effective Measures for Health and Wellbeing in the Workforce:; we prioritise the health and wellbeing of our workforce as a fundamental aspect of our corporate responsibility. We understand that a healthy and happy workforce is more productive and engaged. To achieve this, we have implemented comprehensive measures that encompass both physical and mental health, which are constantly evaluated and improved upon. ; ; 1. Measuring Physical and Mental Health/Wellbeing: ; ; Physical Health: ; • Health Assessments: We conduct regular health assessments for our workforce; • Ergonomic Assessments: We assess the ergonomic conditions of workstations and job tasks to ensure they are conducive to good physical health. Adjustments are made as needed to prevent workplace injuries. ; • Health Promotion Campaigns: We run regular campaigns on topics like smoking cessation, healthy eating, and stress management to educate and encourage healthier lifestyles. ; Mental Health: ; • Mental Health Awareness: We provide mental health awareness training to all workers, equipping them with the knowledge and tools to identify signs of mental health issues in themselves and their colleagues. ; • Stress Management Programmes: We offer stress management programmes and resources, such as mindfulness workshops and stress-reduction techniques, to help workers manage workplace and personal stressors. ; • Regular Check-Ins: Supervisors conduct regular one-on-one check-ins with workers to assess their mental wellbeing, ensuring they feel supported and heard. ; 2. Reviewing Measures for Ongoing Effectiveness: ; Physical Health: ; • Data Analysis; • Worker Feedback ; • Continuous Improvement ; Mental Health: ; • Anonymous Surveys: ; • Training Effectiveness: ; ; In summary, Eclipse is committed to creating a workforce environment that promotes and protects the physical and mental health and wellbeing of our employees. We recognise that a healthy workforce is essential for success, and we continuously strive to enhance the support we provide. This contributes towards the high retention and extremely low employee turnover rates.

Pricing

• Price: £1 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: NHS Integrated Care Systems are able to trial the Eclipse Enterprise Platform modules to validate their impact. The free trial will be available for 6 months. Only a maximum of three services may be selected and clear achievement targets agreed to allow formal evaluation to be implemented and impact demonstrated.
• Link to free trial: Www.eclipselive.org/icbfreetrial_eclipseenterprise

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jake.finney@prescribingservices.org. Tell them what format you need. It will help if you say what assistive technology you use.