RESPONSIVE HEALTHCARE SOLUTIONS LIMITED

CliniBooks Endoscopy Management System

CliniBooks EMS is an end to end management solution, developed with clinicians, that manages the endoscopy pathway. The system schedules procedures, provides worklists for key users, tracks histology and surveillance cases, provides an electronic record in real time, saving valuable clinical time. Supports national reporting requirements e.g. diagnostic return.

Features

• Patient demographics - can integrate with other patient admininistraton systems
• Electronic triage of referrals
• Worklists for staff groups
• Scheduling of appointments in line with Joint Advisory Group
• Nurse noting - completion of patient pathway
• Histology tracking
• Surveillance - automatically bringing patients back for review
• Automated letter and label production
• Automated reporting configured to meet national requirements
• Dashboards - to track KPI's at a glance

Benefits

• Tracking of histology - ensuring results are chased and actioned
• Electronic triage - allowing clinicians to assess on the move
• Surveillance patients - automated triage 6/52 before review date
• Automated letter and label production - saving admin time
• Cloud based system - supporting remote working where possible
• Intuitive system, based on workflow, reducing the need for training
• System fully auditable to individual, date and time improving safety
• Scheduling to point system - improves productivity and utilisation
• System can be configurable to individual client need
• Reports configured to meet commissioner and national requirements

£3.00 to £5.00 a transaction

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rose@responsivehealth.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

874734470173822

Contact

Rose Bolton
07979771262
rose@responsivehealth.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance would normally be undertaken outside of normal working hours within the contract
• System requirements:
  • Supported web browsers include IE11, Chrome, Edge, Safari
  • Supported on Android (5.0+) mobile and tablet devices
  • Supported on iOS (8.0+) mobile and tablet devices
  • A PDF reader is required to open generated documents

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Technical and End user support for users - Monday to Friday, 08:00 to 18:00 excluding public holiday. Weekend support can be offered at an enhanced cost.; ; Responsive Healthcare will use all reasonable endeavours to provide technical support services in accordance with the following services levels:; (a) Critical issue resolution time – 4 business hours; (b) Serious issue resolution time – 6 business hours; (c) Moderate issue resolution time – 1 business day; (d) Minor issue resolution time – 3 business days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support can be accessed through CliniBooks EMS which uses 3rd party software (Freshdesk). ; ; The Service Provider will use all reasonable endeavours to provide technical support services in accordance with the following services levels:; (a) Critical issue resolution time – 4 business hours; (b) Serious issue resolution time – 6 business hours; (c) Moderate issue resolution time – 1 business day; (d) Minor issue resolution time – 3 business days
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite training, online training and user documentation for all our systems. At deployment we offer floor walking on site for the first 1 or 2 days of deployment where appropriate. All our systems have a training module so staff have the opportunity to put any training into practice. With any major version update, we will populate the training module so that staff again have an opportunity to familiarise themselves with the new changes.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Word
• End-of-contract data extraction: As part of our contract we commit to working with our clients to ensure appropriate data transfer can take place.
• End-of-contract process: On termination or expiration of a contract RHS promptly purge and destroy all Customer Confidential Information, and Customer Data contained in the ASP Infrastructure and Applications within 3 weeks and give a written undertaking through an officer of the Service Provider stating that this has occurred.; Should there be a requirement for data transfer the methodology would be discussed with the client. Depending on requirements there could be additional costs at £1000.00 per day

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile application offers the same level of functionality as the desktop service
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: Workflows and forms are fully configurable to meet any specific requirements. If any changes to the standard configuration are needed, Responsive Healthcare consultants will work closely with you during the implementation of the system to define and input these changes.; ; Letters templates, dropdown lists and KPIs can be configured by the Systems Administrator.

Scaling

• Independence of resources: With our cloud partner, Microsoft Azure, we are able to scale up to large volumes with ease so that user are unaffected when demand is high.; ; Responsive Healthcare Solutions technicians regularly monitor performance to identify any bottlenecks or issues that may affect performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Responsive Healthcare Solutions work closely with the client to obtain key performance metrics and ensure that the system can produce the routine reports that they require. ; ; Where there are national returns we produce reports in the format that the client requires so that client effort is more about checking accuracy rather than report configuration to meet national/local needs. The system produces DM01 and DID returns.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be exported into CSV/excel spreadsheet.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • HL7 Messaging
  • JSON
  • XML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • HL7 Messaging
  • JSON
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Responsive Healthcare Solutions will use reasonable endeavours to make the Services available 24 hours a day, seven days a week except for: planned maintenance and unscheduled maintenance performed outside Normal Business Hours, advance notice of which will only be given where reasonably practicable. ; ; Through our cloud partner, Microsoft Azure, we are able to offer 99.95% up-time on our application services and 99.99% on our databases. All of our servers are geo-replicated across 2 data centres in the UK ensuring high availability.; ; If an incident occurs which cannot be handled using normal procedures, a major incident will be declared and the Business Continuity Policy will be used to provide a framework for a response to the incident. An incident report will also be filed once the immediate situation is brought under control. There are currently no refund arrangements in place. Loss of service availability will be assessed on a case by case basis depending on the cause, extent and impact of the loss of availability. A root cause analysis will be performed, and practical steps to prevent further future service disruption will be put in place as part of policy.
• Approach to resilience: Databases will be hosted as an Azure SQL Server database.; Patient documents (such as referral letters, histology reports) will be stored on Azure Storage Blob.; Database backup files will be installed on a separate Azure Storage Blob.; The authentication database for managing users will be on a separate restricted virtual network. Only the applications services listed above, and the Service Provider will have direct access to the database.; Endoscopy databases and patient documents will be stored on a separate restricted virtual network.; Only the endoscopy application service, the Service Provider and the Customer will have direct access to the network.; The customer can connect and retrieve data from the network via a Site to Site VPN connection.; All data will be geo-replicated across the 2 UK datacentres.; All data will be AES256 encrypted at rest.; ; Each database will have maximum of 250GB of storage.; Each storage blob will have maximum of 250GB of storage.; ; Microsoft Azure SQL Server SLA Monthly Availability 99.9%; Microsoft Azure Blob Storage SLA Monthly Availability 99.9%
• Outage reporting: Responsive Healthcare Solutions utilises industry standard monitoring solutions which immediately alert our teams to a service outage. Contact with customers is made via telephone or email to agree contacts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All users are approved by the organisation/clients. Users must use organisation specific email. Role based system, agreed with client. Client responsible for removing/informing RHS re individuals as users.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: NHS Data Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Annually complete Data Security Protection Toolkit for NHS Digital; Cyber Essentials
• Information security policies and processes: Responsive Healthcare Solutions is a small organisation and any variance from our information security policies is very evident. The Technical Director approves access to systems within the company and individual access rights to the systems themselves. ; Our overarching Information Policy includes policies on password management, individual system policies, introducing new systems, information governance and data protection, information risk management, monitoring access, information breaches, transmitting patient data, clear desk policy, mobile computing, disposal of equipment. This list is not exhaustive.; New staff which would include contractors would be taken through the overarching policy and its contents and asked to sign their understanding. Policies are updated every year as part of the DSP Toolkit and staff are made aware of any changes. Where there is a change outside of the annual review, policy changes are made. RHS has Cyber Essentials.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All requests are logged via our support desk and issued with a unique reference number. This tracks the issue through to completion within the assigned team. Should the issue require software development effort, it is managed through our DevOps software. Servers and infrastructure are hardened in line with industry standard best practice. The environment and applications are tested for vulnerabilities, with any issues treated as faults and resolved appropriately.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Through our cloud partner, Microsoft Azure, our database are scanned and technicians are alerted to any issues on a weekly basis. RHS is immediately notified if data is accessed from an unknown location.; ; We annually perform penetration and security testing though an independent third-party. Results of the tests are resolved by making a development change or making configuration changes to the hosted platform. In either case, the fixes are made based on priority according to the nature of the software and hosting methods.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are identified immediately by our cloud partner, Microsoft Azure. ; ; In the event of a breach or security incident which relates to the customer or the infrastructure, the customer would be informed typically via phone call or via email. Remediation/action takes place immediately and all security incidents are logged.
• Incident management type: Supplier-defined controls
• Incident management approach: RHS does have systems and processes in place. Processes follow those set out by the Information Commissioner's Office. Depending on the severity of the incident, an individual would report to one of the directors. Incident would investigated. If the incident included data relating to a client (organisation using system) then the client would be informed. If the incident was serious then it could be reported to the ICO or through NHS reporting.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our software supports clinicians deliver a vital diagnostic service which helps to detect stomach and bowel disease to assist in the early treatment and diagnosis for patients. It captures key information, in real time, to ensure that clinicians have the information they need in their important work. Its intuitive scheduling system helps to ensure that patients are treated with the right diagnostic at the right time including following up on surveillance patients in a safe and secure manner. The system is designed on key patient pathways, automating all actions e.g. letter production, text reminding which free up the care delivery staff to spend time with patients. ; Our system not only helps the wellbeing of the patients managed but the wellbeing of staff, knowing that the system will manage the patient pathway and alert them to particular issues which require attention in a timely manner.

Pricing

• Price: £3.00 to £5.00 a transaction
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We can provide access to a trial area on request. The trial area will have full functionality. Access to the trial area will be limited to 30 days and entering actual patient data into the trial area is strictly prohibited.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rose@responsivehealth.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.