EIDO HEALTHCARE LIMITED

EIDO Educate Consent eLearning

EIDO Educate is a consent training course. It is developed and maintained by leading law experts, and further enhances EIDO’s role as the partner of choice for consent risk management. The course utilises problem-based learning and self-assessment questions to steer learners towards a full appreciation of informed consent.

Features

• Multi-device access via any modern browser
• Fully managed and cloud-hosted, or onsite installation options
• SCORM compliant
• Reports into hospital Learning Management Systems
• Authored by a UK medico-legal expert
• CPD point accredited by ASGBI and CPD Certification Service
• Fast-track revalidation for returning users

Benefits

• Ensure compliance against hospital training targets
• Flexible eLearning structure for all staff grades
• Fit learning around work schedule using modular access
• Core module for all staff, specialist modules for focussed learning
• Updated annually with latest guidance and decisions from the courts
• Contains reading materials, pictures and quizzes to ensure user engagement

£2,500 a licence

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@eidohealthcare.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

917378121119553

Contact

Sam Hawkes
0115 878 1000
info@eidohealthcare.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: A knowledge base and help articles are provided, but direct staff support is provided by the Trust. Planned maintenance schedule notified in advance.
• System requirements:
  • Modern web browser
  • SCORM compliant Learning Management System for ESR integration

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Support - Available Monday through Friday, from 9 AM to 5 PM. Submit tickets via email or our website.; Enhanced Support - Accessible 24/7. Submit tickets through email, our website, or by phone.; All support levels include access to a knowledgebase for training and solutions to common issues.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A project manager will be assigned to develop an implementation plan alongside the Trust, ensuring identification and support for all essential staff. The Trust's helpdesk personnel will receive assistance through instructional videos and resources, along with onsite training sessions. End user staff will utilise a video-enhanced knowledge base, access online demonstrations, and participate in group training sessions. Additionally, a dedicated account manager will conduct tailored training sessions to facilitate the service launch.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The data from this service can be directly fed into the hospital's LMS system. As a result, by the conclusion of the contract, there should be no need for further data extraction, as all necessary documents will already be in the hospital's possession.; For those using the cloud-hosted option, training data is exportable in standard industry database formats.
• End-of-contract process: A date will be agreed with the Trust as Data Controller to end the data processing agreement. On this date, all identifiable data held by EIDO is purged and the account deactivated. No staff member will be able to login. If using the Trust-hosted version, confirmation of the removal of the training course from internal systems will be required.; Prior to this date EIDO will work with the Trust to ensure all data has been extracted in CSV and PDF format. Direct database extraction can be supported subject to potential cost which will be agreed in advance.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Target buttons and text are larger on mobile devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Staff end-users access the service through individual learning modules where they can reach learning objectives, course content, self-test materials, and the final assessment.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: An internal testing programme ensures each aspect of WCAG 2.1 is met.
• API: No
• Customisation available: No

Scaling

• Independence of resources: If using the Trust-hosted version, there is no impact on the service delivery caused by demand. If using the EIDO-hosted version, the service is hosted on an advanced UK-based AWS cloud with active monitoring and load balanced configuration. The infrastructure will auto-scale when load thresholds are exceeded.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: Encryption of all physical media.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: By CSV and PDF file.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF/A
• Data import formats:
  • CSV
  • Other
• Other data import formats: PDF/A

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee a 99.9% uptime, excluding predetermined and mutually agreed upon maintenance periods. Performance penalties are established on an individual basis with each customer at the time of finalising the contract and service level agreement.
• Approach to resilience: The solution is configured in a High Availability configuration, using load balanced pods to manage users at scale. The solution is hosted on AWS and spread across three availability zones, meaning two zones can fail and the system is still available.
• Outage reporting: We provide a system status web page, which provides updates on changes in system status. Relevant users can subscribe to notification from this service in order to be proactively informed of outages and resolutions.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: In this scenario, the user is the member of hospital staff who need to access the service. The user must either authenticate using a username and password, then a 2FA challenge. Or access via Single Sign On from a federated client directory.
• Access restrictions in management interfaces and support channels: The service uses role based permissions within the customer dashboard. Certain functionality is restricted to Admin roles only. Staff authorised by the Trust are provided with direct support access to our ticketing system.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: There is no specific management interface for the customer to use - role based access through the one dashboard will show admin options for those users with an admin role.; Superuser access for EIDO to administrate the platform is through a separate dashboard, with enforced 2FA managed access controls.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AWS certification for ISO/IEC 27001:2013 is verified by EY CertifyPoint
• ISO/IEC 27001 accreditation date: 22/03/2022
• What the ISO/IEC 27001 doesn’t cover: EIDO internal processes and policies are currently being brought into compliance with ISO27001 and certification should be achieved by the end of 2024.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: The AWS cloud infrastructure is ISO 27001 certfied. EIDO/the service has DSP Toolkit, DTAC, ISO 31000 and Cyber Essentials Plus certification.
• Information security policies and processes: Information Security is controlled by internal policies and procedures owned by board level staff. EIDO's information security group meet monthly to review performance against policy and any non-conformance is reported and remedied.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All assets are written out using CloudFormation and this is kept in a code repository. These files contain all configuration directives and full change control is applied.; All new code is peer reviewed before merged into the code base. The cloud infrastructure is also written in code using CloudFormation which is also peer reviewed before deployment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: When Server/OS/Database updates and patches are released, these are automated by the infrastructure for minor point updates and are automatically installed overnight.; Major updates and patches are merged into the product deployment pipeline.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Automated monitoring is performed by intrusion detection software. Alerts are sent if there is a potential compromise and it is investigated immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Users report incidents through our support desk. Incidents are investigated by the appropriate person. Incidents related to data are reported to our DPO in case actions are required in that regard. Customers are notified of incidents that might affect them through our system status page and alert service. All incidents are documented and the reports are available on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We have an environmental management policy in place, readily accessible to all via our intranet. We recognise our activities influence the local, regional, and global environment. We are therefore committed to continuous improvements in environmental performance and the prevention of pollution. We aim to achieve our Net Zero Targets by 2045 via our Carbon Reduction Plan We exploit technologies which are environmentally friendly as much as possible we supply information in electronic format and make use of web-based delivery systems. In administrative activities, we limit as far as possible the use of paper. Employees are encouraged to be paper free and sign electronically where appropriate. All employees are fully remote and work from home, from when they join the organisation. If our employees opt-in to the company car scheme, we will always encourage them to opt for either a full-electric EV or Hybrid company vehicle. EIDO will make a contribution to the EV charger installation costs, reimburse the cost of car insurance, for opted-in and opted-out employees, up to a maximum of £900pa. Financial support is available to employees choosing to opt-out of the company car scheme, by providing an opted-out monthly car allowance as required by their role. We have increased our full-electric fleet by adding a fourth full-electric vehicle. The Directors have responsibility for policy development, coordination, and evaluation of performance. We strive to: -comply with the requirements of environmental legislation and approved codes of practice. -assess the environmental impact of historic, current, and future operations. -promote recycling and the use of recycled materials, while reducing consumption of all raw materials, energy, and supplies, raise awareness, encourage participation, and train employees in environmental matters. -expect similar environmental standards from suppliers and contractors. -assist customers and the local community to use products and services in an environmentally sensitive way

  Covid-19 recovery

  In response to the COVID-19 pandemic, we have implemented a comprehensive strategy to aid recovery and ensure the safety of our employees. We have provided support through the continuation of remote working, the increased use of Microsoft Teams for internal and external meetings. Through the implementation of Covid-19 safe working methods when we had access to our temporary office during the Covid-19 Pandemic. We currently don’t have a temporary office, all staff work fully remote. Through delivering trusted patient consent information digitally. This decision not only prioritises the health and safety of our staff but also contributes to the broader societal effort to curb the spread of the virus. All employees are fully remote, working from home from day one when they join the organisation. All employees who undertake business travel as part of their role, have the option to opt-in to the company car scheme we actively promote this scheme and all staff who do opt-in are encouraged to choose either a full-electric or hybrid company vehicle. During the pandemic, there was an increase in the use of Microsoft Teams by team members across the organisation. Company car travel was reduced during the pandemic, resulting in annual anld contracted mileage allowances being reduced. This resulted in significant cost savings. We have a company sick policy that supports all employees to recover from periods of sickness. All employees including full-time and part-time staff have access to company sick pay. Our company sick and compassionate leave policies support the physical and mental health of our employees. Employees are encouraged to actively keep in contact and speak to their line managers during their period of sick leave about how recovery is progressing, and if there are any appropriate adjustments to workday start/end hours and/or working days that need to be made.

  Tackling economic inequality

  EIDO is committed to tackling economic inequality, we aim to do this through fair pay practices, employee development, diversity and inclusion initiatives, and impactful community outreach. We believe in creating opportunities for all, driving change from within, and contributing to a fairer society. We are committed to being an equal opportunities employer and promoting equal opportunities in employment. We have an Equal Opportunities Policy in place included in our staff handbook. The policy sets out our approach to equal opportunities and the avoidance of discrimination at work. It applies to all aspects of employment with us including recruitment. This commitment extends beyond the company, with a pledge to only do business with partners who share the same values. We invest in employee development and upskilling by providing training and educational opportunities. During their employment, staff will be required to complete various in-house training courses which the company will provide. Employees will be notified of any training course they are required to complete which will be paid by the company. Employees are encouraged to speak to their line manager about training opportunities and their relevant training requirements, and the course they are interested in taking. The training will be paid by the company. We invest in local communities by choosing local suppliers where applicable. This helps to create opportunities and stimulate local economic growth. We will always strive to choose suppliers that hold the same values as EIDO. We have an Employer-Supported Volunteering Policy. Employees can take paid time off work to volunteer. One of the ways in which we encourage staff to help tackle economic inequality is to upskill others by volunteering to deliver workshops, mentoring or schools career talks. We understand the significant role we play in tackling economic inequality and will continue to our initiatives to do so.

  Equal opportunity

  We are committed to being an Equal Opportunities employer and we have an Equal Opportunities Policy in place. We are in the process of exploring various avenues that will allow us to commit to becoming a ‘Disability Confident’ employer. This commitment is not just a label, but a reflection of our dedication to creating an inclusive and accessible environment for all. We have identified five key actions that we will need to undertake to achieve this goal. Firstly, we will ensure our recruitment process is inclusive and accessible, providing equal opportunities for all applicants. Secondly, we will actively communicate and promote job vacancies to reach a diverse pool of potential candidates. Thirdly, we will offer interviews to applicants with disabilities, ensuring they are given fair consideration. Fourthly, we will anticipate and provide reasonable adjustments as required, ensuring our workplace is accommodating to all. Lastly, we will support any existing employee who acquires a disability or long-term health condition, helping them to continue their work. During their appointment, employees are required to complete various in-house training which the company will provide. Employees are notified of any training they are required to complete, paid for by the company. Employees are encouraged to speak to their line manager to discuss any training course that they are interested in taking relevant to their roles. We are a Living Wage Foundation accredited employer. Our commitment to this accreditation extends to all employees, contractors, staff and workers in the organisation. Our company is committed to eradicating Modern Slavery. We recognise the importance of maintaining ethical business practices and we perform due diligence on our new suppliers and are dedicated to ensuring our operations are free from any form of exploitation. We believe in transparency, fairness, and respect for all individuals involved in our business operations.

  Wellbeing

  EIDO Healthcare takes a proactive approach to the wellbeing of its employees, through the active encouragement of taking appropriate breaks from their workspace as required and as their schedules allow. We provide all employees access to an Employee Assistance Program (EAP) provided through our Life Assurance (DIS) employee benefit. Through this programme, employees can access services such as wellbeing, financial and mental and physical wellbeing topics. Confidential help and support can be accessed by them via a 24/7 support phone line. Wellbeing resources are also available via an online portal, which employees’ access by downloading the related health and wellbeing app. EIDO has been involved in multiple events and initiatives to show our support to wellbeing. One initiative we have been involved in was the participation in a step challenge to raise money for two charities. Employees took part raising a sum of money for two good causes. In late 2023/early 2024 we sponsored one of our own team members in her bid to row across the Atlantic Ocean as part of the ‘World’s Toughest Row’, raising funds for Macmillan and Prostate Cymru. We encourage our staff members to take volunteering days throughout the year which our staff use to volunteer or raise funds for charities such as Air Ambulance. During the COVID-19 pandemic employees were encouraged to catch up with fellow team members via virtual coffee breaks. Employees were also encouraged to participate in whole team virtual quizzes that were regularly held, ensuring team members were communicated with socially to limit the effect on their wellbeing. A WhatsApp group was setup for team members to share social non-work-related content including hobbies, interests and topical news items. Our Chief Executive Officer actively engages with and collaborates on the delivery of relevant projects with business communities at a national level.

Pricing

• Price: £2,500 a licence
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial of the service is available which is delivered in a ‘web-only’ interface. This allows easy access to review the course material with very little IT work by the customer. Recommended trial period 1-2 months depending on size and scope of Trust pilot.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@eidohealthcare.com. Tell them what format you need. It will help if you say what assistive technology you use.