IED LIMITED

CEMBooks

CEMBooks is a clinical productivity tool. Assign and tag roles, customise KPIs, monitor tasks, single point access for phonebook and guideline repository. Combining data, narrative and escalations with access to all essential knowledge resources in one multi-platform app that drives operational efficiencies and improves patient care within acute care systems.

Features

• Scheduled Situation Reports with timer
• Customisable, automated, time specific KPI's matched to OPEL scoring matrix.
• Escalation actions generated by individual KPIs, tagged to specific Roles.
• Organisational Roles, clear availability, routes of communication, tasking and ownership.
• Fully customisable forms. Build what you need, agile to requirements.
• The “Org Structure” displays whole system performance in an organisation
• The Phone Book search for Roles or People
• Resource book rota’s, training video’s, clinical guidelines in one place.
• Tasking

Benefits

• Prompts timely Sitrep completion ahead of scheduled operational meetings
• Sitreps, generating OPEL status linked to escalations promoting rapid resolutions.
• Escalation efficiency monitoring allows evolution of an effective escalation plan
• Accountability and responsibility for a Roles & tasks
• Reduced fragmentation of recording. Capture handover, safety huddles.. in real-time
• Org structure increases whole site visibility promoting collaboration.
• Contact specific “Roles” and see availability in real-time
• Single resource hub with clear governance
• Replace paper based Task lists
• Clear context for incident investigation and quality improvement

£20,000.00 to £100,000.00 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart@cembooks.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

850379630260972

Contact

Stuart Nuttall
07837201193
stuart@cembooks.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: There are no constraints on the number of users a customer may register within their organisation or the number of documents or phone numbers that can be stored on the system.; ; Any scheduled maintenance that would take place between the hours of 0800-1800 on any day of the week would only occur in exceptional circumstances and would be notified to the customer at least 2 weeks in advance.
• System requirements:
  • Can be accessed via any modern browser (exc Internet Explorer).
  • The app is available through Googleplay & iOS App Store.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: In line with our terms and conditions ; ; Access to CEMBooks 2.0 will be 24/7 365. ; Support services are included in the overall fee.; An enquiries form is available for generating support tickets and these will be responded to within 24 hours.; Support and training resources/videos will be available 24/7.; The local DA/OA is responsible for first line support but they may escalate issues which it cannot resolve to the CEMBooks 2.0 team either via enquiry form, email or phone and these will be dealt with within 24 hours.; ; In the event of a service failure we will notify customers and keep them updated every 12 hours until such time as normal service is resumed.; On reporting a service failure customers will be asked to provide a full description of the fault; System upgrades/maintenance will always be notified to customers ahead of time (>2 weeks if planned, asap if urgent) ; Faults with 3rd party data feeds to the API will be the responsibility of the customer if the fault lies prior to the data being received by the API.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: System implementation and set up can be done remotely within 1 day in it’s most basic form, however in all cases we strongly suggest the use of a local organisation implementation team to ensure smooth set up which usually takes 7 -14 days. On agreement to procure, the purchasing organisation will be provided with the CEMBooks 2.0 Implementation pack. This includes a full user manual and suite of instructional videos to assist with local set up. As part of this the local implementation team will be asked to provide details of the key clinical areas and roles that will be using the system so that these can be configured by the IED ltd team to create the Org Structure, key roles, initial KPIs and escalation actions. ; ; Details of the API will be provided should the procuring organisation choose to use this. Use of the API will require the customer to provide surfaced json files to the CEMBooks 2.0 API. The IED ltd team will then assist with set up of the KPI’s utilising the API data; ; User will register with email. Only specified domain names e.g. nhs.net will be permitted.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: MS Word
• End-of-contract data extraction: At close of contract situation reports and logs will be archived and an export of the content to date can be provided if required at time of closure. Subsequent to this the Sit reps and logs will be held for a period of 5 years and can be accessed if required but this will be at a cost of £250/instance. They will then be deleted from all CEMBooks servers.
• End-of-contract process: Should the customer choose not to renew then access will stop at the end of the current licence. The organisational administrator from the customer should inform all that organisations users that access will cease on the agreed date. Situation reports and logs will be archived and an export of the content to date can be provided if required at time of closure. Subsequent to this the Sit reps and logs will be held for a period of 5 years and can be accessed if required but this will be at a cost of £250/instance. Following this period we shall delete all Customer Data held on CEMBooks; ; There will be no other costs incurred as part of off boarding.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The display format is optimised for mobile display but otherwise functionality is the same for web and mobile services.; ; The administrative functions for the site can only be accessed via the web viewer service, not on mobile.; ; Specific CEMBooks apps are available for Android and iOS devices and are free to users to download from the App Store and Google Play store.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Details of the API will be provided should the procuring organisation choose to use this. Use of the API will require the customer to provide surfaced json files to the CEMBooks 2.0 API. The IED ltd team will then assist with set up of the KPI’s utilising the API data. Users will not have direct access to the API.; ; If the API is to be used the procuring organisation is responsible for surfacing that data in an appropriate format to the CEMBooks API and is liable for any costs from the 3rd party software where the data originates.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers have full control over customisation of all KPI's and narrative for sit reps. fully customisable escalations and organisational specific org charts and roles. All log formats are customisable and can be tables, text numbers or times.; ; Resource book and phone books are again fully customisable to the customers need; ; These can be set by the local Departmental or Organisational administrator. The IED Ltd team will support these admins at initial site set up and will be available for support throughout the contract.; ; Specific user stories or requests for change will be considered as part of formal feedback meetings with the customer throughout the contract.

Scaling

• Independence of resources: Available server space and database disk indexing has been tested and modelled and purchased appropriately to be of sufficient capacity for our users and will be increased as needed as further customers come on board to ensure there will be no impact to the service from extra user demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of users,; Number of sit rep formats and log formats; Number of posts/day; Escalation usage and efficiency; Number of Resource and Phone numbers used and views; ; Outcomes of Sitreps through status book
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Download to CSV, PDF, or Excel formats
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats: Other
• Other data import formats: Json files via API

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: Access to the service is only by authenticated users who have registered and been approved access by their departmental administrators.
• Data protection within supplier network: Other
• Other protection within supplier network: As per our cyber essentials documentation IED Ltd has no internal office network. All data is backed up regularly in line with our security operating procedures.

Availability and resilience

• Guaranteed availability: 99.9% Assured by contractual agreement.; ; To receive a Service Credit for an Outage, the Customer must submit a request to us in writing not later than five (5) calendar days after the last day of the month in which the Outage occurred. If the unavailability Outage is confirmed by us, then a Service Credit will be applied to the next Licence Fee payable by the Customer after receipt of the Customer’s request. Service Credits do not entitle the Customer to a refund, are not refundable and can be used only towards future billing charges. Service Credits are exclusive of any applicable taxes charged to the Customer or collected by us and are the Customer’s sole and exclusive remedy with respect to any failure or deficiency in the availability of CEMBooks. All requests for credit are calculated monthly and must be submitted to us within ten (10) days of the beginning of each month in respect of the prior period.
• Approach to resilience: Services are run on multiple AWS UK based servers which includes cover for multiple levels of redundancy.; ; Our business continuity plan is available on request and included with the implementation pack for customers.
• Outage reporting: Email contact with Organisational administrators for the affected customers. Updates and notifications will be via email but customers will have phone access if further updates are required.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: All users of the system will have to be authorised to use the system by local departmental or organisational administrators.; Administrative and set up permissions are restricted (by design) to those given Departmental or Organisational Administrative functions.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: DSP Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have a Security operating procedure that has been developed and externally assessed in line with the requirements of:; - NHS Data Protection and security Toolkit; - Cyber Essentials certification attained and we will aim to achieve Cyber Essentials Plus certification.; - In line with this we are seeking IASME Governance certification to assess our GDPR position and ensure we aligned to similar controls as ISO 27001 as the industry standard and a recognised UK government standard for small and medium sized companies such as ours.
• Information security policies and processes: We have a Security Operating Procedure with a named Director level Information Security Lead who is responsible for the development and compliance with this Policy. Reporting is in line with this policy. This policy was developed through consultation with Hytech Cyber Security Specialists and is reviewed annually.; ; All staff must have completed NHS Information Governance Training and have reviewed the Security Operating Procedure annually.; ; We have:; •NHS Information Governance Toolkit; •Cyber Essentials (plus being applied for); •DCB 0129; ; We are registered with the Information Commissioner's Office ICO (Reference number available on request)

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Process are in place to ensure that all system changes require director level authorisation and testing prior to being deployed. These are complaint with the relevant sections of the NHS DSP Toolkit and in line with our Security Operating Procedure. Version control is in place to track all documents and policies along with all Product features.; ; We are working towards full CSA CCM v3.0 Compliance
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Risk assessments are performed through build and testing with rapid response to provide patch resolution for known weaknesses. This is in line with out Security operating procedure and NHS DSP Toolkit.; ; We subscribe to NHS Digital CareCERT weekly bulletin.; ; We are working towards full CSA CCM v3.0 compliance
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Measures are in place to detect attacks to the system in line with our Security Operating Procedure and utilising security features within AWS.; We perform annual penetration testing for vulnerabilities in security or coding.; ; We are working towards full CSA CCM v3.0 compliance
• Incident management type: Supplier-defined controls
• Incident management approach: Security Incidents or breaches, and perceived weaknesses in security policy, procedure or practice will be reported and managed in accordance with the Information Security Reporting and Management Procedure.; ; Incidents which have or may have an impact on the confidentiality of Personal Data will be reported immediately to the appropriate NHS customer.; Incidents will be managed by the Information Security Lead who will allocate priority and manage the resolution. Records will be kept for every incident. Incidents will not be closed until all necessary action has been taken either to avoid re-occurrence or to minimise the impact of re-occurrence.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery

  Fighting climate change

  Aligns with NHS waste reduction incentives to move to a paper-lite environment by replacing paper based lists with electronic solution.

  Covid-19 recovery

  Supports NHS organisations to manage and recover services following the impact of COVID -19 through improved operational information and supporting organisations to apply NHSE Best Practice models such as the FOCUSED site management model.

Pricing

• Price: £20,000.00 to £100,000.00 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart@cembooks.com. Tell them what format you need. It will help if you say what assistive technology you use.