First Databank Europe Limited

AnalyseRx

AnalyseRx supports Primary Care Networks and Clinical Commissioning Groups in delivering proactive, well-governed, ongoing medicines optimisation across a patient population by providing actionable evidence-based best practice, safety and cost guidance integrated within existing clinical system workflows.

Features

• Automatic identification of medicines optimisation opportunities across a practice population
• Co-ordinate, manage and record opportunities on a patient-specific basis
• Proactive ongoing management of patients on repeat medications
• Measure the clinical and financial impact of medicines interventions
• Embedded within the clinical system - no separate log-in required
• Patient-specific algorithms ensure opportunities present in the right context
• Full and direct access to the patient medical record

Benefits

• Improve medicines safety, reduce ADEs and unplanned hospital admissions
• Optimise patient outcomes and experience, reduce unwarranted prescribing variation
• Improve operational efficiency and multi-disciplinary team working
• Maximise the clinical pharmacist resource
• Support the delivery of the Primary Care Network DES

£0.35 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at simon.radcliffe@fdbhealth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

795572787962867

Contact

Simon Radcliffe
07969292549
simon.radcliffe@fdbhealth.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements:
  • N3/HSCN connectivity required by Buyers (if appropriate for vendor)
  • Valid licence with vendor clinical system
  • Internet connection compatible with IE11 and above
  • Licence in place with FDB
  • Data Sharing Agreement activated in vendor clinical system

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: First-line Support for the Licensee’s System will continue to be provided in accordance with Licensee’s service levels with its Vendor System provider. For specific FDB Licensed Solution queries, FDB’s customer service department will be available during the Contracted Support Hours, being 9.00am to 5.30pm (GMT) Monday to Friday, excluding public holidays in England. Any queries to FDB will receive a response from FDB’s customer service department during the Contracted Support Hours. On receipt of the query from the Licensee, FDB will acknowledge via email to the Licensee the receipt of the query.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: A Dedicated Account Manager for the duration of the contract.; ; 1.1. First-line Support for the Licensee’s System will continue to be provided in accordance with Licensee’s service levels with its Vendor System provider.; ; 1.2. For specific FDB Licensed Solution queries, FDB’s customer service department will be available during the Contracted Support Hours, being 9.00am to 5.30pm (GMT) Monday to Friday, excluding public holidays in England.; ; 1.3. Any queries forwarded by Licensee’s nominated individual to FDB will receive a response from FDB’s customer service department during the Contracted Support Hours.; 1.4. On receipt of the query from the Licensee, FDB will acknowledge via email to the Licensee the receipt of the query.; ; 1.5. All queries received by FDB’s customer service department will be logged and assigned with a unique reference number.; ; 1.6. FDB shall ensure that a log is maintained in respect to each query raised by the Licensee.; ; 1.7. Whenever so requested by Licensee, acting reasonably at all times, and during Contracted Support Hours, FDB shall provide an update report from the log with respect to any Licensee related queries.; ; 1.8. Queries will not be accepted from Authorised Users directly. Only queries from Licensee’s nominated individual will receive a response
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onsite or virtual training on the use of the FDB AnalyseRx is provided to the Clinical Commissioning Group medicines management teams and Primary Care Network teams in the set-up period. On site demonstrations of how FDB AnalyseRx is implemented within the clinical software, and any necessary training, can be provided for GPs and practice staff. User guides, FAQs and associated training materials will be made available.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data extraction not required
• End-of-contract process: FDB AnalyseRx is an integral modular component of prescribing systems and can be instantly de-activated by removal of the Unity Portal, and deactivating the Data Extract Agreement.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Able to localise searches and filtered views within AnalyseRx

Scaling

• Independence of resources: We are using Azure Cloud services to enable us to be as scalable as required.

Analytics

• Service usage metrics: Yes
• Metrics types: User activity, prescribing budget cost savings, workflow reporting, medicines optimisation opportunity progress. Further detail can be found in the Service Definition Document attached below.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: The Encryption at Rest designs in Azure use symmetric encryption to encrypt and decrypt large amounts of data quickly.; A symmetric encryption key is used to encrypt data as it is written to storage. The same encryption key is used to decrypt that data as it is readied for use in memory.; Data may be partitioned, and different keys used for each partition.; Keys must be stored in a secure location with identity-based access control and audit policies. Data encryption keys are often encrypted with a key encryption key in Azure Key Vault to further limit access.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Usage reports can be exported for the licensee on request.
• Data export formats:
  • CSV
  • Other
• Data import formats: Other
• Other data import formats: Data provided by Vendor

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: In addition, we validate a buyer using JWT authentication
• Data protection within supplier network: Other
• Other protection within supplier network: Azure Cloud - Data is pseudonymised to a patient identifier (unique between vendor and supplier). We use managed identities to ensure our resources are communicating with one another securely. Production access is restricted via roles to a limited number of users.

Availability and resilience

• Guaranteed availability: FDB shall use reasonable efforts to ensure that the service will have a minimum uptime percentage of 99.99% at all times during the service provision time (excluding scheduled downtime and the duration of any force majeure event) in any month. Uptime is calculated on a monthly basis over each discrete calendar month by FDB.
• Approach to resilience: Available upon request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Unique JWT authentication generated by the user.
• Access restrictions in management interfaces and support channels: Azure Cloud - Data is pseudonymised to a patient identifier (unique between vendor and supplier). We use managed identities to ensure our resources are communicating with one another securely. Production access is restricted via roles to a limited number of users.
• Access restriction testing frequency: At least once a year
• Management access authentication: Other
• Description of management access authentication: Azure Cloud - Data is pseudonymised to a patient identifier (unique between vendor and supplier). We use managed identities to ensure our resources are communicating with one another securely. Production access is restricted via roles to a limited number of users.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Devices authorised to access the corporate network and associated systems are built, maintained and actively managed by a single business unit using AD policies and SCCM . Requests and incidents are managed within a single responsibility hierarchy using audit-enabled tooling.; ; Passwords are subject to best practice policy and enforcement and where possible all corporate-connected accounts are federated.; ; Staff are required to understand and adhere to a comprehensive IT policy and undergo annual assessment.; ; Software is developed under change-managed and independently governed processes and procedures.
• Information security policies and processes: Devices authorised to access the corporate network and associated systems are built, maintained and actively managed by a single business unit using AD policies and SCCM . Requests and incidents are managed within a single responsibility hierarchy using audit-enabled tooling.; ; Passwords are subject to best practice policy and enforcement and where possible all corporate-connected accounts are federated.; ; Staff are required to understand and adhere to a comprehensive IT policy and undergo annual assessment.; ; Software is developed under change-managed and independently governed processes and procedures.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The status, location and configuration of service components (both hardware and software) are tracked throughout their lifetime.; ; Changes to the service are assessed for potential security impact. Then managed and tracked through to completion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential new threats, vulnerabilities or exploitation techniques which could affect the service are assessed and corrective action is taken; Relevant sources of information relating to threat, vulnerability and exploitation techniques are monitored by FDB.; The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.; Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: FDB utilises internet security (Cloudflare) to identify potential compromises. As an Azure Cloud hosted service, we also benefit from Azure security alerts relating to unauthorised access.; Any events are analysed to identify potential compromises or inappropriate use of the service. We take prompt and appropriate action to address incidents.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management processes are in place for the service and are actively deployed in response to security incidents.; Pre-defined processes are in place for responding to common types of incident and attack.; A defined process and contact route exists for reporting of security incidents by Buyers and external entities.; Security incidents of relevance will be reported in acceptable timescales and formats.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The health of our planet is central to FDB's vision of a healthier world. Safeguarding the planet's future requires widespread, immediate action. ; ; Our carbon commitments already aim to align with the Greener NHS Net Zero targets and while we're continuing to surround our statement with a water-tight governance layer, we expect to enhance our commitments through 2023 and 2024 as these streams deliver more actionable outputs.; ; Our net zero targets:; ; - Reach operational net zero in scope 1 and scope 2 emissions by 2040.; - Reach operational net zero including scope 3 emissions by 2045.; Our primary short-term focus which will help deliver to our targets:; ; + Achieve ISO14001 certification.; + Complete full alignment with the Greener NHS net zero supplier roadmap.

  Tackling economic inequality

  We ensure that tackling inequality in the workforce is overseen by our Leadership Team (LT) and executed by our management team (MT), involving the wider workforce. Ultimate responsibility and accountability reside with our Managing Director. ; ; We believe the first step is to shine a light on current positions and raise awareness of any issues, so they can be addressed. ; ; We are aware of wider issues regarding inequality in employment, skills and pay in our market, so we ensure that our LT and MT have visibility of related metrics and participate in improvement programmes. ; ; We actively engage all employees using a web-based tool, Peakon, to ensure we understand concerns via anonymous bi-monthly surveys where everyone has the opportunity to provide feedback, suggest improvements and contribute to the improvements and changes FDB prioritise. ; ; We annually recruit two apprentices to encourage non-graduate workforce development and aim to provide them permanent employment upon programme completion. ; ; We have clearly defined career paths with regular reviews, feedback compiled using ‘Perform’ (online tool), appraisals and programmes to help workforce development. ; ; We use external agencies to provide company-wide menopause awareness training and offer dedicated support to relevant individuals.

  Equal opportunity

  We provide regular training and awareness-raising sessions on equality, diversity and inclusion topics e.g. unconscious bias, cultural competence, disability awareness, mental health and wellbeing.; ; FDB’s core values are expressed in simple and practical terms and aim to reduce gender bias in our adverts and job descriptions to help create a more inclusive workforce. ; ; We use inclusive and accessible recruitment practices e.g. diverse and unbiased recruitment panels, advertising vacancies through multiple channels. Application forms are available in large print, online or on paper, in different languages and all buildings where interviews and work take place are fully accessible. ; ; We offer a range of opportunities with progression routes, e.g. secondments and mentoring programmes, to attract and retain talent from under-represented or disadvantaged groups.

  Wellbeing

  FDB provide a range of employee benefits, including: ; -annual HWB allowances; ; -health cash-back scheme, with discounted shopping; ; -enhanced employer pension contributions; ; -options to purchase additional leave; ; -permanent health insurance scheme; ; -life assurance ; -2-days pa paid charity volunteering days, to serve the communities in which we operate ; Company-wide volunteering events ; -Salary Sacrifice schemes: ; -Cycle to work; ; -Pension contributions ; -Electric car lease

Pricing

• Price: £0.35 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: FDB can offer a trial version of our solution. This is subject to agreement between FDB and the contracting authority

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at simon.radcliffe@fdbhealth.com. Tell them what format you need. It will help if you say what assistive technology you use.