Radiology Information System
VRIS is GDPR & HIPPA compliant, with encrypted databases and encryption applied to documents in transit, maximising the security of your data.
Streamlined patient data capture reduces duplication of effort, staff requirements and errors. From Scheduler through to results workflow is enhanced at every step of the patient’s journey.
Features
- Customisable worklists and views per user and role
- Rapid patient registration for after hours and emergency capture
- HL7 compliant for enable seamless data exchange
- Integration with insurer applications to verify patient details
- Digital communications between departments
- Secure auto emailing and SMS capabilities (booking reminders, urgent findings)
- Configurable reminders and warnings for patient workflow
- Voice recognition with user managed dictionaries and commands
- Unique ID per patient record with duplicate patient capture warnings
- Configurable report templates per user, modality and exam
Benefits
- Streamlined workflow giving increased productivity
- Intuitive to use, rapid user onboarding and adoption
- System stability ensured by Linux and N-able monitoring
- Securely accessible from anywhere
- Enterprise centralised solution facilitating communication among staff
- Embedded document imaging to ensure paperless solution
- Timestamps on each action to provide productivity stats
- Access control limiting access to sensitive information based on user
- Patient messaging/intereaction capabilities to minimise missed appointments
- Single database with debtors application, streamlined, efficient and secure
Pricing
£70.00 to £350.00 a user a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 4 5 3 8 4 4 4 2 7 1 8 9 0 1
Contact
VERTEX IN HEALTHCARE LIMITED
Richard Turner
Telephone: 07568517980
Email: richard@vertexih.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- Our RIS exports to the following formats: PDF,XML,XLSX,Sheets, CSV & ODF & customisable to other formats depending on the customers requirements. We require 2fa, device dependency.
- System requirements
-
- Connectivity should be a minimum of 20Mbps synchronous connection
- Database Server (virtual):Ubuntu 20.04LTS; 16GHz CPU; 8GB RAM
- Application Server (Virtual):Ubuntu 20.04LTS; 16GHz CPU; 8GB RAM
- Clients Up to Date Browser Chrome, Safari, Edge
- HL7 Integration Technical Integration Environment
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
This is dependent on the contract agreement, but our response times vary from 15 - 60 minutes. Critical downtime services calls are responded to immediately based on our service contracts.
four Radiology Information System (RIS) support level examples:
Bronze: Weekday business hours (8:00 AM - 5:00 PM) with an 8-hour maximum response time.
Silver: Weekday business hours (8:00 AM - 5:00 PM) with a 4-hour maximum response time.
Gold: Weekday extended hours (8:00 AM - 12:00 AM) with a 2-hour maximum response time.
Platinum: 24/7 support with a 2-hour maximum response time. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- Not currently but is on our roadmap for future development.
- Onsite support
- Onsite support
- Support levels
-
We offer four support levels:
Bronze: Weekday (Mon - Fri) business hours (8:00 AM - 5:00 PM).
Silver: Weekday (Mon - Fri) business hours (8:00 AM - 5:00 PM).
Gold: Weekday extended hours (8:00 AM - 12:00 AM).
Platinum: 24/7 support.
All tiers include remote support and potential on-site assistance (at our discretion). We never deny support, but charges apply outside chosen hours. Each client receives a dedicated Customer Relations Manager (CRM) for ongoing communication. Our Tier 3 technicians, technical manager and development team provide advanced technical support escalations where necessary. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Vertex in health provides a range of services from migration, technical build and training orchestrated by our Project managers to ensure the adoption of you new radiology Information Systems (RIS) is smooth. Initially, we conduct thorough assessments to understand the users' needs and the existing infrastructure. Then, customise the RIS to align with specific workflows and requirements, ensuring seamless integration with existing systems in consultation.
Training is a cornerstone of our support, offering comprehensive programs tailored to different user groups, including radiologists, Radiographers, and administrative staff. These sessions cover everything from basic navigation to advanced functionalities, empowering users to maximise the system's capabilities efficiently and workflows.
We provide ongoing technical support post-implementation to agreed OLA and SLA’s, addressing any issues promptly and ensuring smooth operation. We actively use feedback mechanisms to continuously improve the system's usability and functionality based on user experiences.
We act as partner in the transition, guiding users through the implementation process and beyond, ultimately enabling you to leverage the new RIS effectively. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
At the end of a contract transparent communication and meticulous planning are paramount and collaborate closely with NHS stakeholders to outline data extraction procedures well in advance of the contract expiration seeking to make the process and smooth a possible.
We provide a comprehensive data extraction toolkit, including guidelines, scripts, and software tools tailored to the NHS's data format and security requirements. This toolkit facilitates the extraction of patient records, imaging data, reports, and any associated metadata while ensuring compliance with data protection regulations like GDPR.
Users can extract their data using these tools under the guidance of our IT professionals, ensuring a smooth transition to alternative systems or archiving solutions. Additionally, we offer training sessions and dedicated support channels assists users in navigating the extraction process effectively.
Upon completion, we verify the integrity and completeness of the extracted data through rigorous quality assurance measures. Clear documentation of the extraction process and data formats ensures accountability and facilitates future access if needed, even after the contract ends. - End-of-contract process
-
At the end-of-contract process, meticulous planning and clear communication are essential. At the end of the contract, we conducts a comprehensive review with NHS stakeholders to finalise the transition plan. This involves facilitating data extraction, system decommissioning, and handover procedures to ensure minimal disruption to healthcare services. Also where required the safe and secure disposal of hard drives.
Included in the price of the contract are core services including maintenance, technical support, and supporting of migration of data in generally accepted formats to ensure system functionality and compliance and exit planning. Additional costs may arise for customisation beyond the agreed scope, specialised training programs, or on-demand technical support outside the contract's service level agreement.
During the transition, we provides documentation and guidance to NHS staff and chosen supplier on data migration, ensuring the integrity and security of patient records and imaging data. We also facilitate knowledge transfer sessions to empower NHS personnel in managing the system independently post-contract. Throughout the process, transparent communication and collaboration foster a smooth transition and maintain positive relationships all parties.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The major differences between desktop and mobile devices would be screen resolution, user interaction ie. touch enabled however the mobile version has less functionality compared to the desktop version. In essence the mobile device will be a lite version of the desktop version.
- Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
- Authorised users can create patient, order records, update records, retrieve records, tracking of orders, scheduling, result access and images. Users cannot delete logs, records and or any other auditing information.
- API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Reports can be customised by the user, standard reports can be copied to their own. They can then customise it in a design view interface. Searches can be customised to the users liking, by moving field, creating filters and grouping data. This can then be exported. The UI can be customised in certain areas to select what they see, users can customise grids and save them to their liking. They can also move certain screen sections around and change the popup. This is available for feeing and radiologists.
Scaling
- Independence of resources
- As part of the deployment we conduct a capacity planning assessments and this is also repeated regularly during the lifetime of the contact, to anticipate future demand and ensure that the IT infrastructure supporting PACS/RIS can handle the expected workload without degradation in performance. Our solutions are designed to be scalable, allowing for easy expansion of resources such as storage capacity, processing power and network bandwidth to accommodate increased user demand as needed. We also implement resource allocation mechanisms to prioritise critical tasks and allocate system resources based on priority and urgency or user requests.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Performance reports tracking key performance indicators (KPIs) related imaging services, such as image quality metrics, workflow efficiency measuring the time taken for image acquisition to reporting, ensuring timely diagnosis and treatment. Patient satisfaction scores, operations turnaround times, monitoring the average time take to produce and deliver radiology reports, minimising delays in patient care. Billing statistics, referring documents, operations/exams and debtors by financial period
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Our platform offers users a seamless process to export their data efficiently. With the ability to search and filter their data, users can ensure they have the correct results before proceeding. The system provides the option to export data in various formats such as CSV, XML and XLS, enabling users to utilise the information outside of our system. Additionally, the system is equipped with user rights and privileges, ensuring security and control over data access. A full audit trail is maintained to track user activities, access and search results. User rights are configured based on client requirements.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- XML
- XLSX
- Sheets
- Customisablee, depending on customer requirements
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XML
- XLSX
- Sheets
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Other
- Other protection within supplier network
- We use TCP connection which is secured through a dual-layered RSA and AES encryption with username and password authentication.
Availability and resilience
- Guaranteed availability
- We provide SLA 99.99% availability guarantee on our software services excluding planned down time. and a 99.999% uptime guarantee on server hardware components provided by public cloud resource providers. Scheduled downtime for product improvements are limited to 12 hours a year.
- Approach to resilience
- Our system is engineered for resilience through a multifaceted approach. We employ robust disaster recovery plans, incorporating regular snapshots to capture systems states. In addition, our system integrates retry logic to handle potential failure seamlessly. Access control is enforced through meticulous user role management, ensuring only authorised personnel have appropriate system permissions. Comprehensive logging of all events provides valuable insights for troubleshooting and auditing purposes.
- Outage reporting
- We use an agent-based monitoring solution on our servers. This solution allows for the monitoring of all logs and services on our devices, which typically occurs every 5 minutes. The solution employs self-healing capabilities which attempt to correct any failure, should they occur. Our support teams have access to monitoring dashboards which show the current, and report on historical statuses of what is being monitored. In addition, email alerts are automatically sent to our help desk should any monitored item fall into a failed state that could not be self-healed.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Other
- Other user authentication
- We have roll based security which we use to restrict access to various functions for the users.
- Access restrictions in management interfaces and support channels
- We have roll based security which we use to restrict access to various functions for the users.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- CSA CCM version 3.0
- Information security policies and processes
- All staff receive information governance training yearly. We have a Caldicott Guardian and a Senior Information Risk Owner (SIRO). We have information risk registers, information asset registers etc. All staff are aware that any breaches are reported directly to the SIRO, and the SIRO then reports on to the Information Owners (our capacity is as information processor and never owner). We apply all of the principles laid out in both of these information security policies in the design of our systems. We have role based access control, pseudonymisation where necessary, no clearly identifiable personal data etc. We also comply with the NHS Code of Practice – Confidentiality and the Data Protection Act.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
1. Change Management: Following a Request for Change (RFC) it is submitted as an RFC. The RFC includes details like reasons for change, risks, benefits, proposed implementation plan, and impact analysis either from us or our clients.
2. Configuration Management: All components are identified as Configuration Items (CI), and a Configuration Management Database (CMDB) is maintained.
3. Integration between Change and Configuration Management: Any changes implemented through the Change Management process are reflected in the CMDB for your site.
4. Continuous Improvement: Regular reviews of the Change and Configuration Management processes are conducted. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
We use risk assessments using tools HRVA and FMEA1. Patches are deployed swiftly, within 48 hours for critical issues, using automated systems. Information on threats is sourced from a number of advisories and threat intelligence feeds. Continuous monitoring and staff training ensure system integrity and security awareness.
We use N-Able N-Central remotely manages and secure systems allowing for the automation of various tasks, deployment of software patches (Microsoft and 3rd Party), sends out help desk alerts, allows for remote access to devices for troubleshooting. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We user N-Central and SentinelOne EDR combine forces to provide a layered approach to protective monitoring. SentinelOne's agent continuously monitors endpoints for suspicious activities. It utilises advanced techniques like machine learning and behavioural analysis to detect threats that traditional antivirus signatures might miss. This vigilance helps identify potential compromises in their early stages.
This integration between N-Central and SentinelOne EDR enables a proactive approach to security. By continuously monitoring, identifying, and responding to threats, you can significantly improve your overall security posture. The rapid response provided minimises potential damage and downtime caused by the incident. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- We have pre-defined processes for common events, like system errors or downtime categorising from denial-of-service severity 1 to a Severity 4 minor and fix timing are managed accordingly as agreed in OLA sections of a Contract. Users report incidents through a dedicated helpdesk. Incident reports are provided through monthly via email, detailing incident status, resolution progress, and any follow-up actions. Reviews take place quarterly on our performance. Continuous refinement of processes based on incident data analysis ensures efficient incident resolution to minimise disruptions to services, adhering to ITIL standards while meeting the specific needs of healthcare operations in the NHS.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Following the Covid pandemic, Vertex In Healthcare has realigned many of its' services to be delivered remotely which has assisted with additional environmental benefits in the performance of the service including working towards net zero greenhouse gas emissions. Vertex In Health is committed to achieving Net Zero emissions by 2025. Although we utilise digital technology for meetings, our hybrid model is flexible to meet the needs of our clients and our policies reflect the most carbon neutral method of attending site. We have a ‘no printing’ policy for all of our documents and our staff are trained and supported through this adoption. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagementsCovid-19 recovery
Providing services and can play a crucial role in supporting the organisations and its businesses to manage and recover from the impacts of COVID-19 including:
1. Tele Solutions: Implementing or enhancing tele training and support platforms to enable remote consultations, remote support, training and monitoring of results.
2. Remote Work Enablement: Facilitating remote work capabilities has been a core part of Vertex In Health organisation strategy and delivery for staff through secure virtual private networks (VPNs), cloud-based collaboration tools, and robust cybersecurity measures. This ensures essential Vertex In Health services and operations can continue while minimizing the risk of virus spread among employees. This is also applied to our clients using a range of tele solutions cloud based platforms allow us to deliver services remotely.
3. Virtual Training and Education: Developing virtual training programs and educational materials for healthcare professionals to stay updated on COVID-19 protocols, treatment guidelines, and best practices. This ensures staff members are well-equipped to deliver quality care amidst evolving circumstances.
4. Remote Monitoring and IoT Solutions: Deploying remote monitoring devices and Internet of Things (IoT) solutions to track patient vital signs, medication adherence, and disease progression from a distance. This allows healthcare providers to intervene early and prevent complications, particularly for patients recovering from COVID-19 at home.
5. Continuous Improvement and Adaptation: Regularly assessing the effectiveness of implemented measures through feedback mechanisms, performance metrics, and stakeholder consultations. This ensures that solutions remain aligned with evolving needs and challenges, with adjustments made as necessary to optimise outcomes.
6. Scalability and Flexibility: Designing solutions with scalability and flexibility in mind to accommodate changing requirements and fluctuating demand levels. This includes modular architectures, cloud-native platforms, and agile development methodologies to rapidly deploy, iterate, and scale innovative ways of working as neededTackling economic inequality
Vertex In Health is experienced in creating employment opportunities particularly for those who face barriers to employment and/or who are in deprived areas. We have also been involved in creating employment and training opportunities, particularly for people in healthcare sectors with known skills shortages. Additionally supporting educational attainment relevant to the service, including training schemes that address skills gaps and result in recognised qualifications.Equal opportunity
Vertex In Health policies and practices foster a diverse and inclusive workplace culture, including recruitment practices, training programs, and employee resource groups are well developed and all staff are assessed for their fit to both the role and the cultural expectations needed in our workplace and customers. We regularly review and update the strategy in consultation with relevant stakeholders and staff to ensure alignment with best practices and evolving needs.Wellbeing
We have an internal, named champion, who leads on our initiatives to promote health and wellbeing among our teams. We extend this initiative to the wider community engaged in our delivery projects. We acknowledge that when the teams are working away from homes that this can add to the pressure of project deadlines and we have regular ‘touch points’ with our teams with early intervention and support to protect mental health and foster an open and inclusive team working environment. If necessary we signpost additional support available. We are committed to integrating the five social value themes within the UK Government’s Social Value Model into engagements
Pricing
- Price
- £70.00 to £350.00 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- No