MEDILOGIK LIMITED

MEDILOGIK EMS

EMS is an Endoscopy Reporting and departmental management software package. It covers all procedures within GI Endoscopy, Bronchoscopy and Cystoscopy as well as containing full scheduling functionality.
EMS is compatible with NED 2.1 & JETS.
Also inter-operable with Trust and wider eHealth systems for exchanging patient, referral and results data.

Features

• Full NEDi2.1 accreditation
• Integrated Image capture, processor agnostic
• Flexible scheduling and Vetting functionality
• One-Click generation of JAG audits
• Productivity dashboards & Capacity and Demand Reporting
• Data Extract API available to populate organisational BI tools
• Trust-wide licence - access from any PC
• Integrates with all EPR/EHR systems and other specialist systems
• Accepts electronic referrals
• EMS is for large regional deployments or small Private sites

Benefits

• Users always access the latest EMS version, no upgrade delays
• NED data copied to JETS avoiding Trainees re-keying data
• JAG requirement of NED-JETS is met with minimum effort
• High Definition image capture; one box system for reliable capture
• Historic reports loaded and available in patient history
• Dashboard Panel provided for easy management of rescopes/surveillance &MDT episodes
• Access to e-learning & online help from within the application
• Supports move to “paperlite/paperless” endoscopy services with full pathway
• Deaths and Readmissions Audit
• Send electronic reports to GP's or regional repositories

£18,000 a licence a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@medilogik.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

834911035466062

Contact

Tracy Finlayson
01473351650
sales@medilogik.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Standard support provided during office hours. Extended options available.
• System requirements:
  • Procedure room PC's should be physical Windows PC's
  • Procedure room cabling to our specification

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During office hours response within one hour; Mon-Thurs 9am -5.30pm; Fri 9am - 5pm; Excluding UK public holidays
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: End user support is provided Mon-Thurs 9-5-30. Friday 9-5; Excluding UK public holidays ; MEDILOGIK Cloud platform is monitored and supported 24/7
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Upon receiving the order and agreeing the scope of the project, we will guide you throughout the full deployment with: ; - project planning, management and other project services; - remote training & e-learning; - Configuration services, process mapping and advice; - Go-live support; - Integration services; - System and User documentation; - Connecting to NED & JETS
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Full audits and reports are built into the software and can be run at any time but we would provide a full data extract on request at the end of the contract.
• End-of-contract process: At the end of the contract access to EMS will be revoked unless a renewal is procured in time. During the month leading up to it, a notice will be displayed to all users warning them of the impending removal of access.; Included in the contract would be a full copy of your database at the agreed completion date, any other services would incur further charges.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Users have control over the configuration of the system, they will be a single production instance for your organisation, with appropriate branding. ; System administrators can control who has access, enabling certain features and the customisation of the scheduling templates to fit their service. ; Full advice and training is given as part of the project.

Scaling

• Independence of resources: All shared systems are monitored for resource utilisation with alerting configured. All shared systems are designed for scale up (database systems) or scale out (all other systems) with load balancers already in place.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There are comprehensive reports and audits built into the system which users can run at any time and export to Excel or PDF. Ad-hoc queries can also be generated following logging a ticket on the helpdesk. ; We also offer a data extract API which users can run queries against to extract regular datasets for your BI or other tools.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Support hours Availability Per Annum (%) - Service Credit (%); 99% availability and over - Nil credit.; 97% to 99% availability - 5% credit.; 95% to 97% availability - 10% credit.; Less than 95% availability - 20% credit.
• Approach to resilience: Primary data centre location - split site high availability with data replicated across three physical data centres with independent power, cooling, etc.; ; Replicated data to standby data centre > 200km from primary data centre. Asynchronous but low latency.
• Outage reporting: Customers are contacted individually to advise of outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to control panel is limited to named users who require multi-factor authentication (including push notification to a mobile device) and SSL client certificate to gain access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR Limited
• ISO/IEC 27001 accreditation date: 02/03/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS DSPT Toolkit - 2023-24 (version 6) Standards Exceeded

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We currently work to ISO27001 standards and have implemented security governance policies in line with that.
• Information security policies and processes: ISO27001 standard policies

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We follow a defined change management process where all components of the solution are upgraded to be no more than one version behind the current release.; ; All new systems are tested by a dedicated in-house testing team in a non-production environment before being deployed to live.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Weekly audit based scanning using the Tenable.IO vulnerability scanner.; ; Patches on a monthly basis in line with Microsoft's patch release schedule with provision for out-of-sequence patching if required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use Microsoft Azure's SQL Security Centre to monitor database access and identify unusual data access patterns and to monitor reverse proxy access logs to similarly identify unusual access patterns.; Any breach or suspected breach will result in an immediate notification and we will respond as per our documented Personal Data Breach process.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a pre-defined process for reporting data breach incidents.; MEDILOGIK act as a data processor, therefore we notify the data controller as soon as possible in line with our documented process (notification by e-mail and telephone, request confirmation of notification by e-mail).

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Net Zero Commitment:; MEDILOGIK LTD is committed to achieving Net Zero emissions by 2050. For Emissions Scopes 1,2 and 3. The commitment was made on 03/01/2024 by the management board.; ; Further to this MEDILOGIK LTD is committed to achieving a 50% reduction for emissions in Scopes 1,2 and 3.; ; Our carbon reduction plan can be downloaded from our website: https://www.medilogik.co.uk/certifications-and-policies; ; MEDILOGIK have also completed the NHS Evergreen Assessment and have achieved level 1.

  Covid-19 recovery

  Since the start of the pandemic, MEDILOGIK moved quickly to assist endoscopy departments across the UK to better manage their growing waiting lists and ensure they can use their resources in the most efficient manner. Changes to our software allowed users to easily stratify the patient priority and allow the most urgent cases to be dealt with first. Improvements to our reporting suite allow managers to identify spare capacity, review unit efficiency and in the detail, identify where improvements can be made. Covid-19 hit Endoscopy departments hard, and helping them recover is still a key priority for us.

  Tackling economic inequality

  As a remote supplier, we recruit staff from all over the country. This flexible approach has removed barriers for employment by it not mattering where you are located and what the local deprivation rate is. Commuting costs and challenges are no longer an issue. ; MEDILOGIK also provide our staff with everything they need to work at home removing any barriers of staff members purchasing their own equipment. ; MEDILOGIK have an open recruitment policy with no barriers to local employment and will be happy to work in partnership with customers to ensure local social challenges to employment are not an issue.

  Equal opportunity

  MEDILOGIK are committed to embedding equal opportunities throughout our business. We are committed to equal opportunities for all staff and applicants. It is our policy that all employment decisions are based on merit and the legitimate business needs of; the organisation. MEDILOGIK does not discriminate on the basis of race, colour or nationality, ethnic; or national origins, sex, gender reassignment, sexual orientation, marital or civil partner status,; pregnancy or maternity, disability, religion or belief, age or any other ground on which it is or becomes unlawful to discriminate under the laws of England, Wales and Scotland (referred to as Protected Characteristics).; MEDILOGIK have an extensive policy on equal opportunities and its embedded in the staff handbook.

  Wellbeing

  MEDILOGIK is committed to the support of physical and mental health. The shift to full remote working brought many work-life balance benefits including increased time and opportunity for physical health improvement. Increased use has been made of remote working tools to increase interaction therefore reducing isolation.; ; All employees have access to equipment and a remote assessment to support them with their physical health. ; ; MEDILOGIK has developed a culture that actively encourages employees to switch off their work communications outside of working hours.

Pricing

• Price: £18,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@medilogik.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.