OGMA THERAPY LTD

The Ogma Assistant

The Ogma Assistant helps speech and language therapists by automating clinical notes. Therapists can add the assistant to their teletherapy calls—or upload recordings—and the assistant automatically generates reporting notes in various formats, SOAP, ROCAIP, onward referrals, parent summaries, and more. It saves therapists an estimated 3 hrs per client!

Features

• Saves time by automatically generating reporting notes
• Real-time note generation
• Organises reporting notes and clients
• Seamlessly handles informed client consent

Benefits

• Streamlines therapy session documentation, saving hours of work
• Maintains consistency of note-taking across therapists
• Creates easy-to-understand templates for users
• Provides long-term documentation with notes and transcripts

£120 to £120 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at luke@ogmatherapy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

917418526646544

Contact

Luke Bennett
+44 7760 578238
luke@ogmatherapy.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The Ogma Assistant does not have any constraints. It is a hardware-agnostic web application which users can access from any computer connected to the internet. Our service level agreement guarantees >99.99% uptime.
• System requirements:
  • Users must have a computer with access to the internet.
  • Users must have a phone multi-factor authentication.
  • Users need a working email address to sign up.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to questions within 48 hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Basic Support; Description: Access to an online knowledge base and email support with a guaranteed response within 2 business days. Ideal for non-urgent, general questions about the Ogma Assistant's features and functionality.; Cost: Included with the purchase of the Ogma Assistant service.; Technical Account Manager or Cloud Support Engineer: Not included at this level.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide online training in the form of informational videos and tutorials (user documentation). We can also provide training through our AI Hacks for Speech and Language Therapists workshop series, which can be delivered online or onsite.
• Service documentation: No
• End-of-contract data extraction: To extract report notes from the Ogma Assistant, users can simply copy and paste reports from the Assistant to their preferred text-editing program. Alternatively, users who wish for all their data to be bulk extracted can email info@ogmatherapy.com.
• End-of-contract process: At the end of the contract, users lose access to the Ogma Assistant.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The Ogma Assistant offers a user-friendly interface designed for simplicity, ensuring speech and language therapists can navigate the service with ease. Upon logging in, users are greeted with an intuitive dashboard that guides them through obtaining parent consent with a clear, step-by-step flow, ensuring all legal and ethical requirements are met. The interface includes a straightforward portal for uploading session recordings, allowing therapists to quickly and securely upload files. Additionally, the platform features organised screens for managing notes from previous sessions and patient information, enabling therapists to easily access, review, and update patient records.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We used a Figma plugin, Simple WCAG 2.1 Color Contrast Checker to verify our accessibility and contrast ratio of 4.96, meeting at least a WCAG AA standard.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Yes. The Ogma Assistant uses modern cloud infrastructure that scales seamlessly with demand, ensuring that users are not affected by overall demand on the Ogma Assistant. To ensure this is the case, we run comprehensive periodic load testing and set the pass criterion to 10x expected traffic without diminished response time. We have processes in place to scale architecture should the Assistant ever fall below this robust standard of excellence.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export reports simply by copy and pasting from the Ogma Assistant to their preferred text editing program. At the end of a contract, users can also request a bulk download of their data by emailing info@ogmatherapy.com.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats:
  • MP4
  • M4a
  • MP3
  • Flag

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our Service Level Agreement (SLA) between Ogma Therapy and our clients guarantees we commit to a monthly uptime percentage of 99.99% for the Service, calculated on a 24/7 basis. Scheduled maintenance shall not count as downtime. Ogma Therapy will give our Client's a minimum of 48 hours' notice for all scheduled maintenance. If the Service availability falls below the committed uptime percentage of 99.99%, the Client will be eligible for a prorated service credit on their next billing cycle. Service credits will be calculated as a decrement of 5% of the Client's monthly service fee for each 1% or part thereof by which actual uptime falls below the committed uptime percentage, up to a maximum of 100% of the monthly service fee.
• Approach to resilience: More information is available on request.
• Outage reporting: Our service reports outages by sending email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: The Ogma Assistant does not provide any management level access so privilege escalation is effectively impossible. All management interfaces are accessed through ring-fenced secure 3rd party cloud infrastructure providers (e.g. AWS) protected by secure multi-factor authentication processes. Support is provided by email and phone so is also ring-fenced from the application, making privilege escalation impossible from within the Ogma Assistant.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: At Ogma, our approach to security governance is structured around rigorous policies and comprehensive oversight to ensure alignment with industry best practices and regulatory standards. Our governance framework is underpinned by strong leadership from our security governance task force, which includes key stakeholders and our third-party Data Protection Officer. Together task force sets security policies, oversees their implementation, and ensures compliance. Regular audits reinforce our commitment to security. Training and awareness programs are continuously updated to reflect the latest security trends, ensuring all employees are equipped to uphold our high security standards.
• Information security policies and processes: For Ogma, our information security policies and processes are built to ensure the confidentiality, integrity, and availability of all our data and services.; ; Policies and Compliance:; ; We maintain a comprehensive suite of information security policies covering areas such as data protection, access control, incident response, and risk management.; ; Regular audits and reviews are conducted to ensure compliance with these policies.; ; Reporting Structure:; Our Chief Technology Officer (CTO) oversees the information security task force and program.; ; The CTO reports directly to the CEO and informs the board of directors about security matters.; ; Ensuring Compliance:; All employees undergo regular security training to understand their roles in maintaining security.; ; We employ continuous monitoring and logging to detect policy violations.; Incident response procedures are in place to handle any security breaches, ensuring that they are managed promptly and effectively.; Through these measures, we ensure that our security policies are not only comprehensive but also rigorously followed, maintaining high standards of security for all data and operations at Ogma.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to the Ogma Assistant code base are automatically tracked through a modern collaborative software development and version control system that integrates tickets and issues directly with relevant code updates (Github). Changes to cloud deployment infrastructure (AWS) are tracked using cloud logging functionality. Ogma periodically conducts security reviews through annual crest-certified penetration testing and immediately fixes any OWASP top ten vulnerabilities that score > 7 using the CVSS v3 scoring framework.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process involves regular automated scanning and external penetration tests aligned with the OWASP top ten vulnerabilities, at least annually or with every major software launch, in accordance with DTAC requirements. We prioritise fixing critical and high-priority threats, dedicating all engineering resources to patch deployment through our secure CI/CD infrastructure. Information on potential threats is sourced from CREST-certified external penetration tests and continuous monitoring of security advisories and threat intelligence feeds to ensure timely and effective response to vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: At Ogma, we use advanced security information and event management ; systems for continuous monitoring to detect anomalies indicating potential security compromises. This includes third party CREST-certified penetration testing. Our incident response team responds immediately to contain and mitigate threats. Supported by a third-party Data Protection Officer overseeing data protection policies and impact assessments, we ensure compliance with the CSA CCM v3.0 framework. Responses to incidents are swift, aiming to initiate action within minutes. Post-incident, we review processes for continuous improvement, enhancing our readiness for future challenges and maintaining a secure environment for all users.
• Incident management type: Supplier-defined controls
• Incident management approach: At Ogma, our incident management approach is anchored in agile methodologies, enabling us to quickly track incidents, assess their criticality, and implement solutions. We deploy fixes immediately through our continuous integration and continuous deployment (CI/CD) pipeline, ensuring minimal disruption to our service. Users can report incidents via email. In response, we provide detailed incident reports through email, update our website, and, when necessary, post on our social media channels to keep all stakeholders informed. This proactive and transparent communication strategy ensures that our users are well-informed and supported throughout the resolution process.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  The provision of fast, effective speech and language therapy is essential for young people who suffer from atypically developing speech and language. If they don't get necessary therapy early, the economic effects can reverberate for the rest of their lives, leading to decreased literacy, falling behind in school, and decreased professional success. Whilst private speech and language therapy is an option, it may not be affordable for lower income families. At the same time, the NHS currently has 65,000 patients on the waiting list for speech and language therapy, and wait times can be up to two years. The Ogma Assistant is designed to address this issue by drastically reducing the administrative time speech and language therapists spend writing standard medical reporting notes. By using AI to streamline this process, the Assistant can save as much as 30% of therapists' time, freeing them see more patients. This gives low- and middle-income children increased access to the speech and language therapy they need to grow and thrive in life.

Pricing

• Price: £120 to £120 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full access to the Ogma Assistant is provided free of charge for a 30 day period.
• Link to free trial: https://assistant.ogmatherapy.com

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at luke@ogmatherapy.com. Tell them what format you need. It will help if you say what assistive technology you use.