McKinsey & Company, Inc. United Kingdom

McKinsey My Clinical Feedback

My Clinical Feedback empowers paramedics to improve outcomes. It provides ambulance clinicians with the outcomes of the patients they have attended, transforming the way that staff learn and develop, empowering them to improve their decision making, leading to safer and more efficient care, with better outcomes for their patients.

Features

• View your recent patients and their outcomes
• Explore the details of your patients' care
• Review conveyance decisions and destinations
• Understand why patients recontacted
• Keep reflections to build professional development portfolios
• Save patients for clinical case discussion and reflection
• Reflect on recent trends in your referral and conveyance decisions
• Support morbidity and mortality reviews
• Improve UEC pathways with integrated data views
• Identify patient safety concerns

Benefits

• Support staff wellbeing by providing closure on patients they see
• Provide ambulance clinicians with feedback on their patient's outcomes
• Improve future decision-making by supporting reflection on past decisions
• Empower paramedics to reflect on pathway choices and referrals
• Support anonymouse case discussion and review
• Establish morbidity and mortality review processes among ambulance clinicians
• Empower paramedics to take better, safer decisions in future
• Benefit from an integrated UEC dataset to explore pathway improvements
• Identify patient safety concerns using integrated mortality data

£0 to £0 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenderadmin@mckinsey.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

811762452381504

Contact

Michael McCarthy
+44 (20) 7839 8040
tenderadmin@mckinsey.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: If the buyer wants to use this service on FDP (ie as a opposed to SaaS version which is hosted on McKinsey), the buyer will need to have it's own Palantir Foundry instance.
• System requirements:
  • Products are proposed as SaaS (ie hosted by McKinsey)
  • Or as FDP hosted products
  • Application accessed via web-browser on recent Macbook or PC
  • Processor 1.9GHz x86- or x64-bit dual core processor
  • With SSE2 4-GB RAM
  • DisplaySuper VGA with a resolution of 1280x720 min

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: On best effort basis
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Service offers the following to all clients as part of its service :; Level 1: Technical Support (ie connection, login, password) is transferred over to client technical support teams, who are able to manage users, passwords and authentication using platform or standard FDP tools (if hosted on FDP). ; Level 2: Each client is assigned a Service Delivery Manager who is responsible for the successful delivery and ongoing performance of the software. They are reachable by email or phone from 9 to 5 (UK time), Monday to Friday. ; Level 3: Support: Product developement team can only be access by Service Delivery Manage
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite or virtual training is available for clinical team managers, who can be coached to train their own teams. ; A comprehensive suite of help materials, documentation and FAQs support users.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The documentation will be accessible via the application. Client specific documentation will be made accessible via secured Sharepoint folder.; All data remain within, and within the control of, the ambulance trust. Users would be able to extract any reflections they have made within the application by using export functionality.
• End-of-contract process: A full decommissioning process is in place. Data destruction certificated is issued of relevant

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Optimised for iPad or tablet, but can also be used comfortably from a desktop.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The front-end deployment of My Clinical Feedback can be tailored to the needs and working practices of your ambulance crews. ; The scope of the data presented, and the deployment route, can be adjusted depending on your information governance constraints and requirements.

Scaling

• Independence of resources: Single-tenant serverless technology architecture that scales in line with user demand.; ; Each layer of the service can be scaled independently as required.

Analytics

• Service usage metrics: Yes
• Metrics types: # of users logging on per month; ; # of users logging on four times per month; ; # of users storing reflections on patients; ; # of users saving patients for discussion.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: All data hosted on McKinsey systems are natively encrypted at rest with KMS solution.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Export of data by users directly from the application is not yet supported, but in coming versions we expect to allow users to export any reflections they make within the application. ; The underlying data can be exported to client systems, however patient data cannot be extracted from the application without specific approval of the data controllers' data protection officers and Caldicott Guardians.
• Data export formats: Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Only super-users or data-owners can request to load additional data
  • Data are loaded in CSV_format or Parquet_format via data pipeline

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: IP whitelisting using Web Application Firewall
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: IP whitelisting using Web Application Firewall; Proper network segmentation using Network Access Control Lists, Security Groups, Identity and Access Management

Availability and resilience

• Guaranteed availability: 99% up time, best effort
• Approach to resilience: Serverless technology, high availability built into application architecture.
• Outage reporting: Outage reporting via email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Other
• Other user authentication: User authentication is managed by federation with an existing provider, for example NHSMail SSO. ; Multi-factor authentication, either with app-based passcodes or a hardware token, is required. This is enforced as a default by the service if it is not provided by the deferated authentication provider.
• Access restrictions in management interfaces and support channels: Buyer has full control over access-management of the application itself. Purpose-based access controls are used to define groups of users who have access to applications and services. Management-interfaces and support channels are strictly reserved to buyer-defined groups of 'management'-users. ; Access to management-interfaces and support channels on McKinsey Systems are strictly reserved to McKinsey support-staff (Tech Lead and Site Reliability Engineering). Support staff to identify to management interfaces and support channels via Okta JWT token identity management and auth approach using multi-factor authentication (MFA). Principle is least access is followed. RBAC is used. Periodic evaluation of all accesses is in place.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 16/11/2023
• What the ISO/IEC 27001 doesn’t cover: Data processing activity is covered by ISO27001. Web app hosting is not covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Hitrust for data processing
  • DSPT (https://www.dsptoolkit.nhs.uk/OrganisationSearch/8HQ81)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC 2; McKinsey has a Firm wide policy of not sharing any internal confidential documentation such as our security policies, procedures, audit reports or similar with any client. To address this issue we have developed an Information; Security Program Overview available on https://solutions.mckinsey.com/msd/information_security_overview.pdf
• Information security policies and processes: ISO27001, Hipaa, Hitrust for data processing

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and change management processes are governed by the Product Security review standards. Product configuration releases are submitted for approval via a Product security review request and require pentest if deemed significant.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability Management process is fully established and operational on all computing resources across Platform McKinsey. This covers the scanning, patching and penetration-testing routines. There are also various security hardening techniques used, e.g. containerized separation of system kernel space from user space to protect the host systems.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Platform McKinsey is fully logged and monitored on a continuous basis. All logs are collected real-time and sent to the Firm’s globally established SOC team with 24/7 response capabilities via a centralized log analysis and aggregation platform.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: In case of a security incident, the Firm's Security Operations Centers create a security incident ticket in SNOW, which is auto-assigned to the product teams and traced for immediate remediation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: FDP

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In 2018, McKinsey became 100% carbon neutral globally and join RE100, a group committed to using 100% renewable electricity. We have committed to purchasing 100% renewable electricity by 2025 (at the end of 2019, London office achieved 100%). We are members of the Science Based Targets initiative (SBTi), a public commitment to join the Business Ambition for 1.5°C campaign. Commitments include reducing absolute scope 1 and 2 GHG emissions 25% by 2025 from a 2019 base. We are also members of the World Business Council for Sustainable Development.; Our Code of Professional Conduct serves as a guide to our values and policies in action and our internal policies reinforce our commitment to delivering environmental benefits. We have a global environmental policy which outlines our targets and expectations and applies to all locations and our 30,000+ colleagues globally. ; Our Supplier Code of Conduct outlines our expectations of our suppliers, including in environmental sustainability. We work with suppliers to reduce their footprint, making this a core topic in commercial conversations and we support clients on sustainability through Vivid Economics, Planetrics, and our Sustainability Practice, helping them transition to a low-carbon and sustainable-growth economy, supporting 2,000+ projects with 800 clients in the last 3-years. We are Platinum rated by EcoVadis, placing us in the top 1% of >60,000 evaluated organisations globally, which measures impact on: environment, ethics, labour and human rights, and sustainable procurement. ; Our internal Go Green awards recognise colleagues and Green Teams in 100+ offices globally who have implemented 300+ initiatives to support environmental protection and improvement, leading to outcomes such as 30,000kg of office waste converted into recycled stationary. ; McKinsey’s approach to environmental management is accredited under ISO 14001, and we make every effort to minimise energy consumption, use of natural resources and waste generation.

  Covid-19 recovery

  McKinsey is committed to reinvesting in social impact work in the UK and supports the social sector through pro-bono projects. Particularly during the COVID response, this included supporting Oak National Academy’s launch which has delivered 20m online lessons to 4.7m users over the past 12 months. We established the McKinsey COVID Response Centre, a public online portal providing resources, tools and data that help decision makers across governments, organisations and businesses make real time decisions and guide their institutions through the new normal. With 34 million views by the end of 2020, our 600+ COVID-related publications helped support leaders and others adapt to new ways of working and help business recover from the impacts of COVID-19. It also connects SMBs and SMEs with the support and resources they need and showcases conversations with leaders responding to the crisis.; We supported COVID-19 recovery efforts by rolling out a comprehensive health and safety plan in our offices, which includes measures such as daily registration to use the office, mandatory training on COVID-19 protocols, effective social distancing, mask wearing and meeting room guidance (such as limiting meeting room capacity and implementing a colour-coding system). ; We expanded our flexible working arrangements to reflect the impact of the COVID-19 pandemic. For example, we provided leaves of absence, flexible working and backup child- or eldercare solutions to help colleagues tackle challenges caused by the COVID-19 pandemic on their spheres of home and work.

  Tackling economic inequality

  As part of the United Nations Global Compact, McKinsey´s committed addressing economic inequality. We launched Generation UK to provide skills training and employer matching to unemployed youth, which has a 97% graduation rate and 80% job placement within 3 months of graduation. We also supported the Felix Project’s mission to eliminate food poverty in London by developing a plan to deliver >70m meals annually as they scale-up. We also support Rare Recruitment initiatives.; Every year we work with >600 NPOs through pro-bono services and volunteering and run initiatives that help grow SMEs and VCSEs, like FUEL, which has hosted 100 innovation bootcamps, with >600 McKinsey colleagues getting involved. We also supported ‘Be-The-Business’ in developing their technology enablement strategy for UK SMEs, Oxfam, Save the Children and Teach First in their business and organisational planning with pro-bono services.; We collaborate with educational organisations, such as IntoUniversity and Sutton Trust, to support and provide mentorship to young people from disadvantaged backgrounds to attain a (better) place in higher education establishments. We also provided mentoring to college students (16-17 year old) from schools in disadvantaged regions in the UK and university graduates in collaboration with Lambeth College, the Office for AI.; We hold our suppliers to our high standards of social responsibility. We aim to create a diverse supply chain to deliver our contracts. Our target is to double our spending with diverse suppliers within three years, to include more new organisations, SMEs and VCSE organisations, helping to diversify the supply chain to deliver our contracts. At McKinsey, diversity, equity, and inclusion are not just moral imperatives, they are integral to our dual mission—to help our clients make substantial, lasting performance improvements and to build a firm that attracts, develops, excites, and retains exceptional people.

  Equal opportunity

  McKinsey have long sought to advance diversity and inclusion in our own firm, in our clients, and in society more broadly, as well as to foster an inclusive culture, where every colleague - regardless of background - feels a deep sense of respect and belonging. Through PRISM (Progressing Representation and Inclusion in Social Mobility community), we´re prioritising social mobility in recruiting and broadening access to McKinsey Careers. ; McKinsey is an equal opportunities employer actively supporting the recruitment, development and retention of skilled women (47% of employees in McKinsey are women), LGBTQ, persons with disabilities and persons representing different generations, political or religious beliefs, socio-economic backgrounds, nationalities, ethnicities and ethnic minorities. Examples include:; - “Access McKinsey” supports all colleagues with disabilities. The network shares best practices and raises awareness of disability issues;; - “McKinsey Black Network” is 30 years old and has created a series of initiatives to make McKinsey more accessible for black talent, e.g., we launched the Sophomore Diversity Leaders Internship programme for minority students at US universities;; - “GLAM network” (LGBTQ+ at McKinsey), has been the focus of our commitment to LGBTQ+ inclusivity since 1995. GLAM works to make McKinsey a place that attracts, supports, respects, and retains talented LGBTQ+ professionals.; ; We’ve been globally recognised and are ranked #1 for Diversity & Inclusion by Vault.com and consistently rated in the top 10 best companies by Working Mother magazines since 2015. For 14 consecutive years, we’ve achieved a 100% score in the Human Rights Campaign Foundation’s Corporate Equality Index. In the UK, we´re proud to have been featured in the Times Top 50 Employers for Women for over 10 years, recognising the support we provide to women in building skills and progressing their careers.

  Wellbeing

  We are deeply committed to supporting the Health and Wellbeing, including physical and mental health, in our contract workforce. We have a market-leading reputation for looking after our people, and a lasting commitment to improving mental health and wellbeing – both within our firm and across the communities we serve. For our colleagues at McKinsey, we bring this commitment to life through our Values, our Code of Professional Conduct, and our policies and practices related to Health and Wellbeing–much is set out in our Social Responsibility Report, particularly ‘Living our Values’. We will use our previous experience to ensure that our research methods are inclusive and representative of all relevant groups, regardless of background or ability.; Central to our employee's wellbeing is the freedom to work on projects they are passionate about and to contribute to their community through work and voluntary work. Our employees use their skills and knowledge to help charities (we have dedicated 222,000+ hours to social initiatives). Each employee has 3 fully paid volunteering days per year. Also, every McKinsey office donates to charities selected by employees. ; Finally, we have a range of policies and initiatives to support our colleagues’ mental and physical wellbeing. For example, our Mind Matters initiative provides early intervention support and clinical resources such as counselling, training and communications resources. We offer a range of family support packages including emergency childcare and dedicated education support workshops. And to support work-life balance, our Take Time programme gives colleagues the option to take an extra five to ten weeks off between projects, while My Experience supports employees holistically "mind, body, and purpose" in their day-to-day projects and teamwork.

Pricing

• Price: £0 to £0 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenderadmin@mckinsey.com. Tell them what format you need. It will help if you say what assistive technology you use.