MEDOPTIMISE LIMITED

MedOptimise

MedOptimise is a Decision Support System for recommending clinical decisions for patient care. It is a Complete Medicines Optimisation Tool for ICBs, PCNs and Practices. It helps to improve quality, reduce risk, identify savings, and enhance cost-efficiencies. MedOptimise is evidence-based using NICE, and other resources for optimising patient clinical outcomes.

Features

• MedOptimise provides an SMR template within EMIS Clinical System.
• Reduce risk of adverse drug reactions via risk stratification.
• Instant clinical decision support in face-to-face consultation.
• Automated flagging of deviation from self-care.
• Supports medicine optimisation decisions- alone or within EMIS clinical system.
• Real time price tracker of medicines cost-effectiveness.
• Improve patient safety by actively reducing over-prescription.
• Reduce hospitalisation rates.
• Flags overspend on specials, high-cost drugs, helps direct switching.
• Capture prescribing safety QOF points and showcase quality impact.

Benefits

• Instantly see overprescribing in patient medicine records.
• Structured medication reviews on pre-formatted template.
• Determine drug spend by practice, PCN, CCG, or STP.
• Directly see opportunities and savings from medicine optimisation teams.
• Achieve QOF prescribing indicators targets.
• Design bespoke switch programmes for your team or practice.
• Use evidence-based guidelines to recommend clinical decisions for patients.
• Enhance clinical pharmacy team workstream delivery.
• Early in-year achievement of ICS, CCG, and QIPP programmes.
• Optimises satisfactory clinical outcomes in patients.

£0.03 to £0.10 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sean@medoptimise.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

818358232307700

Contact

SEAN MACKEY
07985749181
sean@medoptimise.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: N/A – our service has no constraints stemming from either planned maintenance arrangements or support being limited to specific hardware configurations.
• System requirements:
  • N3/HSCN connectivity
  • Licence with EMIS clinical system
  • Internet connection compatible with IE10 and above Data Sharing Agreement

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: First-line Support for the Licensee’s System will continue to be provided in accordance with Licensee’s service levels with its Vendor System provider. For specific MedOptimise Ltd queries, MedOptimise’s customer service department will be available during the Contracted Support Hours, being 9.00am to 5.30pm (GMT) Monday to Friday, excluding public holidays in England. Any queries to MedOptimise will receive a response from MedOptimise’s customer service department during the Contracted Support Hours. On receipt of the query from the Licensee, MedOptimise will acknowledge via email (within 24 hours) the Licensee the receipt of the query.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We have undergone testing in line with WCAG 2.1 A.
• Onsite support: No
• Support levels: MedOptimise will provide a Dedicated Account Manager for the duration of the contract. Account Managers will provide the following support levels for all clients/Licensee’s:; ; 1. First-line Support for the Licensee’s System provided in accordance with Licensee’s service levels with our Vendor System provider.; ; 2. For specific queries, our customer service department will be available during the Contracted Support Hours (9:00am to 5:30pm (GMT) Monday to Friday), excluding public holidays in England.; ; 3. Any queries forwarded by the Licensee’s nominated individual to MedOptimise will receive a response from our customer service department during the Contracted Support Hours outlined above.; ; 4. On receipt of the query from the Licensee, MedOptimise will acknowledge via email the receipt of the query.; ; 5. All queries received by our customer service department will be logged and assigned with a unique reference number.; ; 6. MedOptimise shall ensure that a log is maintained in respect to each query raised by the Licensee.; ; 7. When requested by a Licensee during Contracted Support Hours, MedOptimise shall provide an update report from the log with respect to any Licensee related queries.; ; 8. Queries will not be accepted from Authorised Users directly. Only queries from Licensee’s nominated individuals will receive a response.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Virtual training on the use of the MedOptimise is provided to the Clinical Commissioning Group medicine management teams and Primary Care Network teams in the set-up period. Video link demonstrations of how MedOptimise is implemented within the clinical software, and any necessary training, can be provided for GPs and practice staff. User guides, FAQs and associated training materials will be made available.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Download all relevant data as a CSV file.
• End-of-contract process: MedOptimise is an integral modular component of prescribing systems and can be instantly de-activated by removal of the API within the clinical system and deactivating the Data Extract Agreement. ; ; We host our services and associated data in a cloud environment allocated to each Licensee. We adhere to all relevant guidelines and legislation including GDPR and ICO during the extraction of data. At the end of contract, we allow users to extract data through reports provided in CSV format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our mobile tool is a standalone tool only.; ; There are no differences between Desktop and Mobile. Our tool is accessible via the internet and is designed to be responsive on mobiles.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Clinical Commissioning Groups, PCNs, and ICSs can:; 1. Create locality-based cost-effective medicines switch programmes; 2. Create Bespoke Prescribing Safety Audits; 3. Create Structured Medication Reviews using pre-installed templates; 4. Can pre-set specific factors inpatient medicines profile; 5. Can select individual Spend of GP practices or PCNs to determine areas of highest spending for targeted interventions; ; Users can design programmes and customise the application by selecting specific fields based on:; Locality,; BNF chapters,; Disease states,; Care Homes, GP Practice, NHS England Priority e.g. DLCV, High-Cost Drug etc, Network-DES specification.; ; Any member of the Buying organisation or 3rd party authorised by the buyer can customise the tool. Cost-Effective switches can be planned to cover 60% to 100% switch success rates and can be calibrated over 12months 9months 6months or 3months

Scaling

• Independence of resources: We are using Amazon Web Services RDS and EC2 to enable us to be as scalable as required. The Amazon RDS includes the following features to allow us to mitigate scaling issues:; • Push-button compute scaling – this allows us to scale the compute and memory resources powering deployment up or down, up to a maximum of 32 vCPUs and 244 GiB of RAM.; • Easy storage scaling – the Amazon Aurora engine automatically grows the size of our database volume as database needs increase, up to a maximum of 64 TB. This is conducted without any requirement for downtime.

Analytics

• Service usage metrics: Yes
• Metrics types: User activity, prescribing budget cost savings, workflow reporting, medicines optimisation opportunity progress. Further detail can be found in the Service Definition Document attached below.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Protection of data at rest is in accordance with Amazon AWS EC2 encrypts data using industry XTS-AES-256 and one-time keys.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can export their data within the app via report filters and download buttons to create custom reports.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • PDF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: Data Protection within supplier network - Amazon AWS - Data is pseudonymised to a patient identifier (unique between vendor and supplier). We use managed identities to ensure our resources are communicating with one another securely. Production access is restricted via roles to a limited number of users.

Availability and resilience

• Guaranteed availability: MedOptimise shall ensure that the service will always have a minimum uptime percentage of 99.99% during the service provision time (excluding scheduled downtime and the duration of any force majeure event) in any month. Uptime is calculated monthly over each discreet calendar month by MedOptimise Ltd. ; ; If the Annual Uptime Percentage for a customer drops below 99.95% for the Service Year, that customer is eligible to receive a Service Credit equal to 10% of their bill (excluding one-time payments made for Reserved Instances) for the Eligible Credit Period. To file a claim, a customer does not have to have wait 365 days from the day they started using the service or 365 days from their last successful claim. A customer can file a claim any time their Annual Uptime Percentage over the trailing 365 days drops below 99.95%
• Approach to resilience: Available upon request.
• Outage reporting: MedOptimise reports on any outages via email and in App notifications. These notifications will advise of the occurrence of the outage, what the cause of the outage is likely to be, how the outage is being actively managed, and when the service will be restored to full functionality.; ; Further reassurance is provided to customers with details of whom to contact within MedOptimise to facilitate the restoration of the service or for any further enquiries.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: AWS Identify and Access Management (IAM).; ; IAM provides authentication and authorisation – access is denied by default and is allowed only when a policy explicitly grants access. Our policies are attached to specific roles and resources to control access across the service. We grant least privilege across permissions for all tasks to minimise security risk – this defines the actions that can be taken on specific resources under specific conditions. These rely on temporary security credentials in line with security best practice.; ; To restrict access, we implement Deny statements for specific aspects of management interfaces and support channels wherever necessary.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY Certify Point
• ISO/IEC 27001 accreditation date: Sept 29th, 2021
• What the ISO/IEC 27001 doesn’t cover: What is not covered by the certification: All Aspects of ISO 27001 covered by certification.; ; Certification level: ISO/IEC 27001:2013
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: March 22nd, 2022
• CSA STAR certification level: Level 4: CSA C-STAR Assessment
• What the CSA STAR doesn’t cover: All aspects of CSA STAR covered by certification.; ; Certification accredited by EY Certify Point.
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • DSPTK
  • Information Commissioners Office (ICO) Certificate Number ZA418891
  • DCB 0129 Clinical Safety Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: We follow the SOC2 Type 1/Type 2 and ISO 27001 standards for information security process/policies. Our reporting structure is as follows: ; 1. Projects Implementation Lead reports to CEO; 2. Cyber Security Officer reports to Projects Implementation Lead; 3. Security team report to Cyber Security Officer; ; The above process has been certified as satisfactory by our Data Protection Officer (DPO).; ; The company Directors oversee the above process. All contractors, current and new, are made aware of our Information Security Policy upon commencement of services. ; ; Policies are regularly audited and monitored for compliance through a number of manual and automated processes to monitor compliance and deviations are actioned when needed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: MedOptimise’s configuration and change management processes are managed by AWS on our behalf. AWS has robust and comprehensive security policies.; ; We utilise AWS as our sub-processor. ; ; The status, location, and configuration of service components (both hardware and software) are tracked throughout their lifetime.; ; Changes to the service are assessed for potential security impact, then managed and tracked through to completion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MedOptimise’s vulnerability management process is managed by AWS on our behalf. AWS has robust and comprehensive security policies.; ; We utilise AWS as our sub-processor. ; ; Potential new threats, vulnerabilities or exploitation techniques which could affect the service are assessed and corrective action is taken.; ; Relevant sources of information relating to threat, vulnerability, and exploitation techniques are monitored by MedOptimise.; ; The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.; ; Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: As an Amazon AWS EC2 Cloud-hosted service, we also benefit from AWS security alerts relating to unauthorised access. AWS EC2 allows us to receive a history of all EC2 API calls made on our account for security analysis and operational troubleshooting. They also provide Trusted Advisor Security Checks to inspect our hosting environment for potential compromises and make recommendations to improve performance and close security gaps.; ; Any events are analysed to identify potential compromises or inappropriate use of the service. We take prompt and appropriate action to address incidents.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management processes are in place for the service and are actively deployed in response to security incidents. This involves Containment and Recovery, reporting (To ICO and Individuals/Organisation concerned), and Evaluation and Response.; ; These pre-defined processes are in place for responding to common types of incident and attack. A defined process and contact route exists for reporting of security incidents by buyers and external entities.; ; Security incidents of relevance will be reported in acceptable timescales and formats.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  MedOptimise is committed to promoting sustainability. Concern for the environment and promoting a broader sustainability agenda are integral to our professional activities and the management of the organisation. We aim to follow and to promote good sustainability practice, to reduce the environmental impacts of all our activities and to help our clients and partners to do the same.; • Our Sustainability Policy is based upon the following principles: To comply with, and exceed where practicable, all applicable legislation, regulations, and codes of practice.; • To integrate sustainability considerations into all our business decisions.; • To ensure that all staff are fully aware of our Sustainability Policy and are committed to implementing and improving it.; • To minimise the impact on sustainability of all office and transportation activities.; • To make clients and suppliers aware of our Sustainability Policy and encourage them to adopt sound sustainable management practices.; • To review, annually report, and to continually strive to improve our sustainability performance.; ; Specifically, we are committed, amongst other initiatives, to:; • Supporting contract staff to work from home contributing to reduced overall carbon emissions.; • Efficient printing, for example by double-siding all paper used and only printing where necessary.; • Reducing the amount of waste produced by the business by encouraging employees to utilise reusable bottles, lunch boxes etc.; • Ensuring that water/electricity is used responsibly by our staff by making sure lights, computers, taps etc. are turned off when not in use.; • Recycling materials as extensively as possible by making sure we have paper, glass, plastic, and carboard recycle bins throughout the office.
• Covid-19 recovery:

  Covid-19 recovery

  The Covid-19 pandemic left a significant number of people unemployed and struggling to find work. For that reason, MedOptimise collaborated with our network of Clinical Commissioning Groups (CCG) clients to support local people in finding work opportunities. ; ; We ensured that our employees were aware of the support available to them if their mental health was declining because of Covid-19 such as counselling opportunities for staff who have noticed their mental health declining due to the pandemic. We also signposted staff to the likes of MIND UK who offered a number of resources to support mental health during the pandemic. Some offerings included wellness action plans for home workers, dealing with burnout when working from home, tips on working from home, and returning to work as lockdown measures began to lift. These resources were extremely beneficial in helping us to support any of our staff who were experiencing a decline in mental health. ; ; To maintain our performance and safety, we carry out regular reviews to ensure our businesses is running effectively. These reviews are carried out against changing Covid-19 restrictions and shifting client demand and behaviours. These reviews cover: lessons learnt during the Covid-19 pandemic; shifting market conditions; and shifting operational behaviours.; ; We do the above to ensure we are always making decisions based on the most recent and relevant Covid-19 guidance.
• Equal opportunity:

  Equal opportunity

  MedOptimise stress that discrimination and victimisation is unacceptable in our workplace. We are committed in treating all members of staff equally, supporting them to flourish and build their skillset. We follow guidance as set in the Equality Act 2010, ensuring that no member of staff is treat differently or discriminated against due to the protected characteristics (age, disability, gender reassignment, marriage or civil partnership, pregnancy and maternity, race (including colour, nationality, and ethnic or national origin), religion or belief, sex, and sexual orientation). ; ; We aim for our workforce to be truly representative of all sections of society and want every member of staff to feel respected in the workplace. We create opportunities for individuals from the BAME Ethnic Minority backgrounds and actively support ethnic diversity in workforce recruitment, including contract staff. The selection process for employment of our staff is carried out by individuals who receive specialist training, guaranteeing that candidates are scored based on their aptitude and ability of the role they are applying for. ; ; Harassment, whether it be directly, indirectly, or victimisation, is not tolerated at our workplace and is an instant disciplinary offence. Our staff are informed of grievance processes and are encouraged to report misconduct, being assured that they will not be reprimanded for doing so. We handle reports and complaints of misconduct such as bullying and harassment from staff seriously, aiming to provide instant appropriate action. With this, we create a working environment that is free from bullying, harassment, victimisation, and unlawful discrimination, promoting respect for all. We are also committed against unlawful discrimination of our customers, providing training to staff that raises awareness of discrimination against workmates and customers.
• Wellbeing:

  Wellbeing

  We understand how vital it is to foster employee wellbeing, therefore we have a holistic framework in place to support employee’s physical health, mental health, and safety. Our workplace culture is positive, motivating, and safe, ensuring that the morale of staff is always high. ; ; We are committed in establishing, promoting and maintaining the mental health and wellbeing of staff. For staff’s mental health needs, we have a mental health friendly environment, removing the stigma and encouraging staff to get help when needed. We also have a counselling system in place, where staff can seek help for mental health issues anonymously and are directed to a mental health platform. During the COVID-19 pandemic, we understood the massive mental impact that lockdown and working from home had on our workforce. As a result of this, we provided mental health wellbeing sessions such as 1 to 1’s and coaching sessions on accessing social support. We also allowed staff to work from home when requested, allowing staff to be flexible with their own needs; ; We encourage our employees to have a healthy work-life balance, with flexible working, including working from home, available to staff on request. For staff’s physical health, we aim for staff to be as active and healthy as possible, encouraging active breaks. ; ; Our management team undergo relevant wellbeing training, including mental health awareness, which allows staff to be fully prepared to deal appropriately and compassionately with staff who seek help. Senior staff actively encourage and motivate staff to work towards their long-term goals, with regular check ins to discuss their performance and any issues they may be facing in the workplace.

Pricing

• Price: £0.03 to £0.10 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sean@medoptimise.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.