VITALHUB UK LIMITED

MCAP Criteria to Reside Platform

MCAP is a clinical utilisation review platform, supporting frontline teams to identify the right level of care, to identify those that patients that are fit for discharge. Effective within any inpatient facility or caseload, its utilised to identify the right place, for the right patients at the right time.

Features

• Identify if patients have a criteria to reside
• All patients are assessed on individual needs at board rounds
• Pre-built clinical criteria to assess appropriateness of care
• Automatically accommodates co-morbid and co-occuring conditions
• Includes medical, surgical and mental health primary/secondary needs
• Records reasons for delay even if deemed appropriate to reside
• Records the most appropriate next stage of care for patients
• Also includes rehabilitation care, crisis services and substance disorder criteria

Benefits

• Proven to double the number of medically fit for discharge
• Removes the variation in discharge readiness decisions
• Based on clinically evidenced criteria to provide assurance to users
• Reduces Length of Stay
• Reduces patient delays
• Identifies areas for improvement to support patient flow
• Identifies common backlogs
• Can be linked to capacity planning
• Supports Red 2 Green and SAFER

£10,000 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.garrod@vitalhub.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

827617214078525

Contact

Mr. Colin Gqrrod
+442045833142
colin.garrod@vitalhub.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: The service is constrained by the client's available up/downstream bandwidth. Also reliant on ADT HL7 Messaging for patient admissions, transfers, discharges, and updates.
• System requirements:
  • The solution requires use of modern web browsers
  • Appropriate connectivity to the PAS system for patient HL7 messaging
  • Internet connectivity with available up/downstream bandwidth

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard terms of business for support queries are 4 Hours during normal working hours (Mon-Fri 09.00 - 17.30). Out of hours or weekend support is available (at additional cost).; User can manage status and priority of support tickets
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide support services via our online Ticketing system (integrated email included). ; ; Support is included as part of the yearly License/Hosting & Maintenance payment.; ; Standard SLA response times are:; ; Item Priority Fatal Non-Fatal; 1 2 hours 4 Hours; 2 8 Hours 24 Hours; 3 N/A 1 Month; ; The severity levels shown in the tables above are defined as follows: ; ; • Fatal: Complete degradation — all users and critical functions affected. Item or service completely unavailable. ; ; • Non-Fatal: Limited degradation — limited number of users or functions affected. Business processes can continue.; ; Our technical team are based throughout the UK. We offer both account managers and cloud support services locally. Support is usually provided during normal office hours Mon-Fri 5 days per week. Higher levels of support are available - price on application.; ; Note we have an HSCN connection if we need access to our client system(s).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: VHUK has a consultative approach to implementation and ongoing system support. This involves working with key client clinical and administrative staff and having a single point of contact for each and providing welcome packs to make everyone aware of the recommended project plan from the start, including key stakeholders. We do buy-in sessions to ensure that all staff is aware of the benefits of the use of the system, and, during these sessions, show examples of previous use and potential opportunities for improvement. ; We work with the team to give project updates for senior management teams and we discuss the ongoing use and problems and help coordinate the development of an action plan (usually both clinical and administrative). We also work with our clients to ensure that they understand all the data that can be available from our reports and how such data can pinpoint current problems and lead to an understanding of potential solutions.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Under the control of the user via the web interface data can be extracted to alternate storage. Alternatively, an encrypted export can be transferred to a location of the customers choosing via SFTP
• End-of-contract process: Export of encrypted data is included in the service. Once the data has been exported the infrastructure/ database in use is decommissioned and the data is destroyed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: The service interface allows for the transfer of the following ADT messages using the standard formatting:; ADT-A01; ADT-A02; ADT-A03; ADT-A08; ADT-A11; ADT-A12; ADT-A13; ADTA40
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: The user interface is tested to ensure compliance is maintained and conforms with WACG 2.1 A and above standards
• API: No
• Customisation available: Yes
• Description of customisation: Users can customise the view of the task list, reports, and dashboards. Users can also set individual preferences to configure the landing page for the application and the filters within the task list and dashboard. Custom fields can be included to store additional information in the Encounter, Review or for the Patient. Customisation of the service interface can be used so that custom fields are populated from the message. Customer specific Reason and Delays can be configured for use within the Reviews.

Scaling

• Independence of resources: Proactive monitoring of all resources; system storage and networking and via capacity management ensuring that all clients have sufficient available resources.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage metrics are logged and viewed in the backend logs.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Database TDE Encryption
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There are a number of options for data export. Review data can be exported directly from the reporting module into Excel/CSV format. Reports and Dashboard can be exported to PDFs.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: HL7

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95% uptime guarantee SLA on MCAP for Cloud offerings.
• Approach to resilience: We operate from highly available data centres (Tier 3), within each data centre, the actual cloud platform is deployed using enterprise grade infrastructure. Single points of failure have been eliminated using techniques such as load balancing, clustering, RAID, and dynamic routing.
• Outage reporting: We run a major incident process, and any outages are reported via SMS/email or our dedicated support desk

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Control measures are in place within the web interface and underlying software, these are tested through regular vulnerability assessments by an accredited provider.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 06/04/2023
• What the ISO/IEC 27001 doesn’t cover: No exceptions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: DSPT organisation code 8JF22

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Security policy, access control policy, asset management policy, classification of information policy, compliance policy, cryptographic policy, HR process, information security incident management, medical policy, mobile device and networking policy, network security management policy, operations workflow, operations security policy, organisation of information security, physical and environmental security, supplier relationships policy, systems acquisition and development policy, business management operational objectives, individual user agreement, non-conformance, customer feedback, internal audit procedure, change control procedure, design control, major incident process, business continuity plan, problem management procedure, document management procedure, contact review process, supplier review process. Etc

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Processes are in place to ensure that all changes to the system are authorised and tested prior to being deployed. These are compliant with the relevant aspects of NHS Data Security Protection Toolkit. To track components of services over time, version control is enforced, and access control records are kept and monitored. All change requests are documented and assessed. All staff are trained on operational procedures maintained on the company intranet, including Access Control and Password Management Procedures, Change Control Process, Privacy Impact Assessment & IG Checklist, Project and Change Management Control Plan, Network Security Policy, and Information Security Policy.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All servers are covered by a comprehensive monthly patching and maintenance schedule. Any important or urgent patches are applied out of schedule, with important patches within 2 weeks of a patch becoming available, and critical patches within 24hrs. Patches are always applied to Dev, Test and Demo environments first to prevent issues with production environments.; Servers are actively monitored by a variety of tools including Spiceworks which highlight out of date software version numbers to the internal support team for action.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use tools to monitor logs and highlight potential compromises; anything discovered will be raised to a priority one ticket in our system and responded to within 1 hour. if there has been a compromise this will be remediated and logged as a security incident in our ISO 27001 based business management system in order that it is treated to prevent recurrence.
• Incident management type: Supplier-defined controls
• Incident management approach: We have an incident management process in place to ensure incidents are dealt with to recover a secure and available service. The guidelines apply to all staff and include: All incidents must be reported to a manager and/or Information Security Team. An incident report is then completed detailing; name of the individual reporting the incident, the date, where the incident occurred, details of the incident and any actions taken, including who the incident has been reported to and the date the report is created. The Information Security Team investigate the incident and employ the necessary ; measures and actions to resolve

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We acknowledge the undeniable challenges faced by the NHS and all providers supporting Health and Social Care nationally, and we recognise the staff and the resolute response they have demonstrated in the face of mounting workforce pressures and the increasing demands on NHS services. Our products and services have a positive impact on Net Zero that align with the NHS carbon challenge.; VitalHub UK regards itself as a Human Systems company that does IT, that’s because we couldn’t do what we do without our people, or the users of the system. We have a strong commitment to corporate social responsibility (CSR) and a vision to create positive social, economic, and environmental impacts. Our corporate statement elaborates on how we ensure the delivery of social value through our products and services, describing the benefits we offer in terms of improving economic, social, and environmental well-being.; We are dedicated to minimising our environmental impact. The company's practices, such as reducing emissions, promoting recycling, and encouraging eco-friendly transportation options, align with the goal of protecting the environment. By reducing our carbon footprint and advocating for sustainable practices, VitalHub contributes to the environmental well-being of the local community. We positively encourage (on an individual basis) our staff to work remote and use public transport where practicable.; Our services are designed to help healthcare organisations reduce costs and enhance efficiency. By streamlining business processes and improving information management, the company supports public organisations in achieving better value for money whilst fighting climate change at the same time maintaining the quality of healthcare services.; We also ensure that our suppliers adhere to quality management systems and relevant legislation. This ensures that the services provided to public authorities meet high standards, leading to economic savings and a reduction in inefficiencies.

  Covid-19 recovery

  We acknowledge the undeniable challenges faced by the NHS and all providers supporting Health and Social Care nationally, and we recognise the staff and the resolute response they have demonstrated in the face of mounting workforce pressures and the increasing demands on NHS services. The NHS as a whole has been grappling with escalating demands and the pressures placed on healthcare systems across the country have been profound, necessitating creative solutions and a collaborative spirit to ensure the well-being of our communities. As a provider of solutions to the NHS we have stood on the frontlines, facing these challenges with determination and resolve.; Over the last two years, healthcare organisations and staff across the globe have unanimously felt the effects of the COVID-19 pandemic and united together to ensure continuation of service and the health of the population while operating in exceptionally uncertain conditions. As a provider of critical IT and software solutions to healthcare organisations, and in light of the dual pressure of both performance and pandemic, protecting not just the health but also the happiness of employees, who sit at the heart of servicing these organisations, has become a business imperative. ; We have collaborated and worked with our customers through and pots COVID to ensure our technologies help improve patient services and optimise limited NHS resources.

  Tackling economic inequality

  VitalHub have been involved in several initiatives, not only in the UK but globally, that we would like to highlight as examples of our commitment to Social Value and helping where we can to tackle economic inequality, examples include:; • We work closely with UK universities to provide Knowledge Transfer Partnership opportunities to graduates, which has resulted in employment with us for all participants to date.; • We have provided apprenticeship and secondment opportunities to the community and to customers to support workforce development and growth, as well as industry knowledge. ; • We are about to provide a workplace scheme to encourage the use of electric cars. ; • We have encouraged more home working to reduce carbon footprint.; • We have gifted laptops and other hardware to students, schools, and NHS organisations.; • We have sponsored a number of workshops and gatherings for patients and NHS providers, with no involvement from ourselves.; • We have provided free education on ICT and infrastructure to schools, particularly in areas of deprivation.; ; Our comprehensive CSR initiatives and dedication to ethical business practices strongly align with the Public Services (Social Value) Act 2012. By focusing on economic, social, and environmental well-being, the company not only meets the requirements of the act but goes above and beyond to ensure that its services and products are a force for positive change in the communities it serves. Our commitment to delivering social value is a testament to our dedication to public services and the betterment of the communities we support.

  Equal opportunity

  We are an equal opportunities employer, conversant with the Human Rights Act 2010, Working Time Directive, and the Modern Slavery Act 2015. We are committed to equality of opportunity and to providing a service and following practices which are free from unfair and unlawful discrimination. The terms equality, inclusion, diversity, and equity are at the heart of our values. We value people as individuals with diverse opinions, cultures, lifestyles, and circumstances. ; We will actively support diversity, equity and inclusion and ensure that our workforce is valued and treated with dignity and respect. We to encourage everyone in our business to reach their full potential and enjoy their work. ; Modern Slavery Prevention: Our stringent modern slavery prevention measures align with the Act's objective of promoting ethical business practices. By ensuring that modern slavery is not present within its operations or supply chain, VitalHub contributes to social well-being by promoting fair and just labour practices.; Our comprehensive CSR initiatives and dedication to ethical business practices strongly align with the Public Services (Social Value) Act 2012. By focusing on economic, social, and environmental well-being, the company not only meets the requirements of the act but goes above and beyond to ensure that its services and products are a force for positive change in the communities it serves. Our commitment to delivering social value is a testament to our dedication to public services and the betterment of the communities we support.

  Wellbeing

  At VitalHub we look at wellbeing in several ways,; Social Well-Being, our people, our partners: We take pride in how we support all our people, whether office or remote workers through multiple ways that have include virtual coffee times and workouts for remote workers in addition safe wellbeing meetings, open door access, team meetings and supporting social occasions.; VitalHub actively engages in charitable and community support initiatives. By allowing staff to request sponsorship or monetary donations for local charities, sports clubs, and community centres, VitalHub directly supports social well-being in the communities where it operates. We select two UK charities each year to support both internally with team activities and fundraising but also externally by promotion and exposure. This year’s charities are Julia’s House and Hospice in the Weald. Julia’s House was nominated to us by one of our customers and provides hospice care to some of the most seriously ill children across the counties of Dorset and Wiltshire. The Hospice in the Weald was nominated by one of our team who wanted to show gratitude to the hospice that provided care to his wife shortly after they married and had a child. Our team have raised nearly £3k to date for these charities.; Environmental Well-Being: Protecting the Environment: We are dedicated to minimising our environmental impact. The company's practices, such as reducing emissions, promoting recycling, and encouraging eco-friendly transportation options, align with the goal of protecting the environment. By reducing our carbon footprint and advocating for sustainable practices, VitalHub contributes to the environmental well-being of the local community.; Empowering Healthcare Organizations: we empower healthcare organisations to enhance the quality of care they provide to their patients and communities. By doing so, the company contributes to improved healthcare outcomes, thus positively impacting the social well-being of patients and local communities.

Pricing

• Price: £10,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.garrod@vitalhub.com. Tell them what format you need. It will help if you say what assistive technology you use.