KNOK HEALTHCARE LIMITED

Integrated telehealth solution - from Digital Front Door to Patient Journeys and Smart Analytics

knok’s Digital Front Door strategy connects patients, providers and healthcare professionals in one place. It’s Patient Journey engine enables continuity of care efficiently and automatedly. With such solutions we transform regular clinical practice in structured and ready-to-use data that feeds our smart analytics capabilities.

Features

• AI-powered triage
• Integrated payment gateway
• Appointment schedulling performed by patients or by administrative personnel
• Secure telemedicine environment
• Secure file-sharing
• Patient journeys engine for standardised patient journey building
• Collection of PROMs and PREMs
• Structured and ready-to-use data collection
• Real-time monitoring of patient cohorts and individual patients
• Anonymised data sets for research and decision-making support

Benefits

• Allow patients to self-refer for the right care/service
• Quickly start using a complete and integrated telehealth solution
• 100% white-label customised solution
• Create unlimited patient journeys to support long-term and complex pathways
• Enrol an unlimited number of patients to a patient journey
• Collect millions of data entries in structured and ready-to-use way
• Use smart analytics insights to support clinical decision
• Produce Real-World Evidence studies in under 1 month
• Support risk-sharing agreements
• Benefit from an ongoing support from an experienced team

£1,500 a unit a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@knokcare.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

830446508534785

Contact

Jose Bastos
+351936075702
sales@knokcare.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Users require a supported web browser and minimum specification devices:; - Laptop/smartphone with microphone and camera; - Web browser that supports WebRTC technology
• System requirements:
  • Access to internet
  • Device equiped with camera and microphone (for telemedicine)
  • Updated internet browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support:; Response time within 1 hour; ; Online real time support for doctors and admin staff:; Real-time chat support directly accessible via web; ; Dedicated Customer Success:; Continuously point of contact to ensure the successful implementation of the system and compliance with best practices for video consultations.; ; For technical troubleshooting, involving product and engineering teams, the response time is prioritised by severity and urgency:; - Low level: time to solution <7 days; - Normal level: time to solution <3 days; - High/urgent level: time to solution <2 hours; Response times do not vary on weekends.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web chat support is an optional feature in our platform. When switched on, this chat is integrated and embedded in the platform.; It is connected to a support team and is available for doctors and administrative personnel.
• Web chat accessibility testing: Clinical user testing
• Onsite support: No
• Support levels: By standard, knok provides all clients with the same support level.; All clients have a dedicated technical account manager (success manager), that is responsible for the clients' implementation and ongoing relationship. A project manager might also be assigned to the client, if the solution requires it.; All clients have access to the customer support team that can escalate more complex issues to the product and/or engineering team.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Yes. A Customer Success manager is assigned to every client and it will be responsible for the client's solution implementation and on going relation. A project manager might also be assigned, if the solution requires it.; ; Every implementation includes online training to every person (healthcare professionals and/or administrative personnel). ; A comprehensive library of training materials in different supports is also available.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Video tutorials
• End-of-contract data extraction: Data owned by the client can be extracted into a file format as agreed with knok, according to GDPR compliant processes.
• End-of-contract process: At the end of the contract, there is at least one offboarding meeting to ensure all parties' interests are being taken into consideration during this process. ; All data owned by the client is extracted and transfered to the clients' preferred systems in a GDPR compliant manner.; Afterwards, the client's platform is destroyed, along with all data within it.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Same functionalities. Changes in layout due to the screen constraints.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Administration online platform - Panacea Managers. ; Custom access levels to view and/or edit doctor, patient and consultation information.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Clinical patients in GP video consultations
• API: Yes
• What users can and can't do using the API: Client can access via API all functionalities available in our platform . The only exclusion is the video technology which must be implemented by the client via an SDK.; ; Main resources:; - Doctors; - Patients; - Appointments (includes scheduling); - Electronic health record
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: White-label: Brand the user interface with custom logo and colours.; Communications: Personalise Email and SMS sender information.; Tone of voice: Email notifications templates

Scaling

• Independence of resources: Auto-scaling mechanisms based on resource utilization.; Video consultation streaming is Peer to Peer and does not add load to central resources.; Continuous monitoring and alerting system.; ; For illustration purposes, our platform currently supports operations that manage more than 1500 appointments per day and clinical teams of over 450 healthcare professionals.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide service metrics ranging from clinical to operational data points.; knok's platform collects information regarding all relevant activity timestamps and regarding all users (patients, doctors, administrative personnel, and nurses). From a clinical perspective, knok uses patients journeys to structure data collection, using clinical surveys, PROMs, PREMs, and other media. ; Considering the dispersion of data scattered by non-communicating platforms, knok's solution also allows data integration from other sources. This allows knok to aggregate in a single platform already existing CROMs and financial data, in context with the implemented clinical patient journeys.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported via CSV files. Alternatively we provide it in JSON format when accessed via API.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON (via API)
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our service level agreement for the availability of service is of 99,5%+.; ; If availability is under the defined SLA, knok will charge accordingly to the real available time.
• Approach to resilience: Knok's cloud provider has extensive resilience and disaster recovery procedures.; ; Auto-scaling and high-availability features enabled to ensure horizontal scaling and redundancy.; ; More information is available on request.
• Outage reporting: Error messages available in real-time for the users.; Email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All access points have enforced 2 factor authentication.; ; User roles that guarantee different access levels to the system.; ; Direct access to support the databases and infrastructure is limited to a very small team who have been issued a named account and connect in directly to the datacentres using two-factor authentication. All the actions performed are audited.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AENOR International S.A.U.
• ISO/IEC 27001 accreditation date: 19-06-2023
• What the ISO/IEC 27001 doesn’t cover: Anything not related to the information systems that support the processes of design, development, maintenance and software support and the management of engineering, data, information technology, product, customer success, finance and legal, sales, marketing and human resources operations (in accordance with the statement of applicability in force on the date of issuance of the ISO27001 certificate)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: European Union General Data Protection Regulation

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: A comprehensive set of policies covering implementation and management controls across the following aspects.; - Access and Authorisation Control; - Network and Data Encryption; - Network Ingress/Egress; - Centralised Event Logging and Alerting; - Systems Hardening; - Data Protection and Retention; - Intrusion Protection/Detection; - Malware and Virus Protection; - Patch Management; - Vulnerability Assessment; - Incident Management; - Solution and Systems Development

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Development lifecycle takes into account:; - code review processes that require unit and integration tests to be included; - Continuous integration (with regression testing taken into account); - Continuous deployment; - QA process; - Continuous monitoring of application and system logs with alert system; - System to manage issues that includes technical manager evaluation regarding security, functionality relevance and backup and restore plan.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats detection:; - Integrated in the development lifecycle; - Automated tool that detects vulnerabilities both on the code to be deployed and on dependent libraries; - Regular penetration tests performed by specialised security team; ; Patch deployment:; - Security vulnerabilities detected are prioritised according to degrees of severity (low, medium, high, very high). Both high and very high are given maximum priority in the development lifecyle which means they will be deployed on the next release.; ; Information regarding potential threats gathered from automated script (checks public CVE archives) and client reported vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises detection system:; - Continuous monitoring software that detects patterns of user suspected activity via access and error logs; - Alerts sent via email and SMS to security manager that initiates investigation; - Security incidents are rated according to severity; - If an incident is confirmed as a breach, a set procedure must be followed to contain, investigate, resolve, and communicate information to employees, customers, partners and other stakeholders; - Development team deploys patches in the next release if incident is confirmed as a breach
• Incident management type: Supplier-defined controls
• Incident management approach: - User reports incidents via designated channels; - Continuous monitoring system with alerts for user suspected activity; - Identification of potential threat with the incident response team being contacted to investigate; - Audit, access and error logs available to help with the investigation; - While being investigated, the client will be informed of an incident under investigation; - Development fixes the cause of incident; - Incident response team reviews incident report and shares it with the client; - Incident report added to knowledge base and incident response team implements new security controls if required (staff or infrastructure)

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our solution contributes to wellbeing by increasing access to healthcare services and by promoting a more personalised care approach.; By leveraging digital front door tools, knok allows hospitals to become closer to its patients, reducing travel time to healthcare facilities and allowing faster access to care.; By implementing standardised patient journeys that use patient reporting tools, such as PROMs and PREMs, clinical teams become enabled to performed personalised care and treat patients accordingly to the evolution of their clinical condition.

Pricing

• Price: £1,500 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@knokcare.com. Tell them what format you need. It will help if you say what assistive technology you use.