MEDMODUS BI LIMITED

Healthcare Business Intelligence

MedModus provide a comprehensive business intelligence platform and responsive analyst service supports to hospital trusts, individual hospitals and other healthcare organisations. Our deployments focus on helping organisations to deploy BI, but also the management processes that must be in place to drive better outcomes.

Features

• Comprehensive cloud-based healthcare BI portal with intuitive user interface.
• Embedded Microsoft PBI dashboards or other preferred visualisation technologies.
• Automated customisable paginated email reports in excel or pdf formats.
• Collaborative data model development plus hosting.
• Easy Excel/PBI access to data models for power-user report development.
• Flexible forms functionality for manual data capture.
• Integrated electronic meeting action and performance improvement project tracker.
• ISO27001 certification of all business processes and activities.
• Extensive in-house healthcare software development capability.
• Integrated ticketing management for support and analytical requests.

Benefits

• Access performance visualisations designed to embed a data-driven decision-making culture.
• Deploy fully customisable dashboards enabling a continuous improvement management process.
• Gain immediate insights for improving care quality and wait times.
• Receive insightful priority reports or alerts automatically by email.
• Integrate analytics-as-a-service offering to answer requests quickly and accurately.
• Intuitively navigate menus of dashboard content developed by healthcare experts.
• Implement performance management action trackers for sustainable results and benefits.
• Access quality, operational, HR and financial information across source systems.
• Capture data manually using highly flexible forms functionality.
• Collaborate with a responsive Team who work with front-line clinicians.

£30,000 to £120,000 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at deaglan@medmodus.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

927335582933321

Contact

Déaglán MagFhloinn
+353 1 443 4135
deaglan@medmodus.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Certain services may be switched off outside working hours for environmental, energy saving reasons. However, MedModus can fully customise this to meet customer's requirements. Refer also to MedModus Service Definition document.
• System requirements: A modern browser (Internet Explorer is not supported)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Technical User Support:; All priorities: Immediate acknowledgement.; Priority High: Considered Response* <3 hours, Resolution <24 hours.; Priority Medium: Considered Response* <24 hours, Resolution <72 hours.; Priority Low: Considered Response* <48 hours, Resolution <5 days.; ; Analytics as a Service User Support:; All Complexities: Immediate acknowledgment.; Complexity Low: Considered Response* <24 hours, Resolution <48 hours (faster if urgent); Complexity High: Considered Response*<48 hours, Resolution On-Time per agreed delivery date.; *Monday to Friday 8am to 5pm.; ; Note: SLA response times can reduce for certain critical clinical applications and is requirements dependant.; ; Refer also to MedModus Service Definition document.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Technical User Support Levels: High, medium, low priorities.; Analytics as a Service User Support Levels: High, low complexities.; Costs: Refer to MedModus SFIA rate card (Delivery and Operation).; Technical account manager or cloud support engineer available depending on support required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite Training: MedModus conduct onsite instructor-led group training sessions with users. These training sessions are hands-on. Each participant will have access to a computer and the MedModus’ BI platform. First, the instructor will demonstrate how to use the platform. Next, with the instructor’s assistance, participants will learn to use the platform themselves by completing a series of tasks. Online Training: MedModus also conduct one-on-one and group training sessions online. Like the onsite training sessions, these are hands-on and instructor-led. Online sessions can be used to train users who cannot attend the group sessions, or to refresh the skills of existing users. eLearning: MedModus can also deliver training content via on-demand online training courses that include videos and tests. User Documentation: All users will be provided with a MedModus BI platform user manual. This covers the concepts and skills taught in the training sessions and can be used by participants to refresh their skills. User guides are also embedded within the platform to improve ease of use. Learning Community: MedModus encourages participation in our customer learning community to ensure users have the opportunity to share and adopt best practices.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can request a copy of their data from MedModus when the contract ends. MedModus will send these users their data in a secure manner.
• End-of-contract process: The data of users will be provided to them upon request. This will not incur any additional cost. User data is cryptographically erased from MedModus infrastructure following the end of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The BI portal has been designed to be responsive for desktop and tablet use. Viewing the portal dashboard on certain mobile phones may not be optimal. A mobile phone application is part of our BI platform product roadmap.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: MedModus BI portal has an interface that allow users to view reports, dashboards and other performance content, including forms for data submission, based on their roles and access level. The BI portal works with technologies from a number of BI vendors including Microsoft Power BI, Tableau and Qlik.
• Accessibility standards: None or don’t know
• Description of accessibility: See prior response to 'Describe the service interface'. Also refer to MedModus BI Service Definition document.
• Accessibility testing: No interface testing has been conducted with assistive technology users to-date. MedModus are open to investigating further depending on customer requirements.
• API: No
• Customisation available: Yes
• Description of customisation: All report pages and the menu hierarchy are fully customisable. MedModus works closely with customers to customise the BI platform to meet their needs.

Scaling

• Independence of resources: MedModus monitors usage and workload of cloud resources and has a capacity plan in place. This includes up-scaling and out-scaling of resources as required.

Analytics

• Service usage metrics: Yes
• Metrics types: Persons defined by the customer have access to comprehensive BI portal usage statistics by user and by visualisation/report. Separate reports on analytics as a service requests and turn around time are also provided.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can access data in a number of ways: - Export directly from BI portal dashboards - Via patient level data export reports - Via MS Excel or MS PBI connections to MedModus data models
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • ETL processes
  • Excel
  • XML
  • Azure Data Factory (ADF)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: There is the option to enable access from only specific IP addresses.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: MedModus guarantees a 99.95% availability SLA. Any requests for refunds will be handled on a case-by-case basis but have never arisen to-date. However, we would expect to refund customers who experience prolonged availability issues caused by MedModus. In the event of a serious availability incident MedModus Business Continuity plan states a Recovery Time Objective (RTO) of <= 24 hours for BI products and services.
• Approach to resilience: All MedModus cloud services are hosted by Microsoft Tier 4 data centres which follow strict operational standards. Tier 4 datacentres are designed towards a customer SLA and service need of 99.995% availability. Microsoft designs and manages the Azure infrastructure to meet a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1, and SOC 2.
• Outage reporting: MedModus reports service outages via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: MedModus employs a role-based Identity and Access Management (IAM) framework.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Standards Institute.
• ISO/IEC 27001 accreditation date: 1/12/2021.
• What the ISO/IEC 27001 doesn’t cover: There are no exclusions in MedModus certified Statement of Applicability.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: MedModus operates comprehensive and cohesive Information Security Management Systems (ISMS) policies, procedures, processes and guidelines which are ISO27001 certified by the British Standards Institute (BSI). MedModus ISMS was established by and is governed by MedModus Compliance Office (CO) comprised of the CEO, CTO and the Internal Audit Co-ordinator. All MedModus employees, contractors, and where relevant, MedModus suppliers and customers must adhere to MedModus policies, procedures, processes and guidelines. All MedModus employees have access to and must read and pass comprehension quizzes on relevant ISMS policies, procedures and guidelines. To ensure policies are being followed, the CO conducts (i) regular, company wide topical and informative Information Security and focused IT awareness sessions, (ii) annual ISMS management reviews, including review of ISMS KPIs versus information security objectives, (iii) quarterly ISMS risk register reviews, (iv) bi-weekly CO meeting focused on: actions across all ISMS task lists, regular testing/meetings/document review pipeline, ISMS continual improvement opportunities, (v) regular ISMS internal auditing (vi) annual ISMS audit/assessment by BSI.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components of MedModus services, including hardware and software, configuration and dependencies are documented, tracked, and managed over their lifetime via ongoing review, consideration, and development of MedModus (i) customer licensing agreements, (ii) supplier agreements, (iii) policies, procedures, processes, and guidelines, aligned with new customer, regulatory, and legal requirements. As part of MedModus ISO27001 certified Change Management Process and Information Security Risk Management Procedure, MedModus CEO and CTO ensure that changes are assessed, impacts are identified and captured, and classified as high, medium, or low depending on the change impact and risk level. Changes are validated prior to go-live.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MedModus operates ISO27001 certified technical vulnerability management processes. Potential threats to services are assessed according to MedModus Risk Management Procedure including regular risk register reviews and Change Management Process. MedModus deploys: ‘Critical’ patches within 2 hours of availability, ‘Important’ patches within 2 weeks, and ‘Other’ patches within 8 weeks. Information on potential threats is obtained from multiple sources including but not limited to: regular monitoring of Azure Defender, regular user-access reviews, TrendMicro anti-virus deployment, BSI penetration testing, internal/external audits, employee/customer feedback, Disaster Recovery/Business Continuity Plan testing.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: MedModus identifies potential compromises via implementation of its Periodic ISMS Reviews Procedure outlining the multiple regular reviews and monitoring conducted to mitigate information security risk per ISO27001 recommendations. This includes the activities listed under vulnerability management plus monitoring of information processing facilities to detect deviations from MedModus’ Access Policy, internal/external user access, Azure AD/Microsoft 365 access, customer licensing and supplier agreements, and others. Monitoring outcomes are analysed, risk assessed per MedModus Risk Management Procedure, and where required remediation is implemented per MedModus Change Management Process in a timely manner based on service risk and impact.
• Incident management type: Supplier-defined controls
• Incident management approach: MedModus operates a pre-defined, ISO27001 certified, Information Security (IS) Incident Response Plan to appropriately respond to and manage incidents of all types, frequencies, and scale. It defines the roles and responsibilities of participants, key points-of-contact, characterisation of incidents, relationships to other policies/procedures, and reporting of requirements. The goal of the IS Incident Response Plan is to detect and react to information security incidents, determine their scope and risk, respond appropriately to the incident, communicate the results and risks to all stakeholders, and reduce the likelihood of incident recurrence. MedModus tests its IS Response Plan annually.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Wellbeing

  Fighting climate change

  MedModus’ approach to fighting climate change is two-fold, leveraging both Microsoft Azure’s sustainability commitments and our organization’s energy efficiency practices.; ; Microsoft Azure’s Sustainability Efforts; Our platform operates on Microsoft Azure, which has a strong focus on environmental sustainability. Key areas of their commitment include:; • Achieving 100% renewable energy use by 2025.; • Aiming to be water positive by 2030, replenishing more water than consumed.; • Targeting zero-waste certification by 2030.; • Ensuring net-zero deforestation from new construction.; A 2018 study found that using the Microsoft Azure cloud platform can be up to 93 percent more energy efficient and up to 98 percent more carbon efficient than on-premises solutions. Azure, as a part of Microsoft, has been 100 percent carbon neutral since 2012. This means they are removing as much carbon each year as they emit, either by carbon removal (carbon offsetting) or reducing carbon emissions.; Energy Efficiency Practices; To further enhance sustainability, we propose optimizing data centre demand for the solution:; In line with our current practice, we suggest making the platform available during core operational hours (6 AM to 11 PM) and switching off unnecessary servers and services outside these hours. This practice reduces the demand on Microsoft data centres, aligning with energy efficiency goals. We would of course need to consider this approach for data sets and related alerts you deem to be needed 24 x 7 if required.; ; Travel and commuting: Where possible MedModus avoid travel by road and use online meeting tools for interactions including training, support and meetings. We also encourage remote working to reduce commuting emissions. For necessary travel, we prefer public transport, car-pooling and low-emission vehicles. ; ; Eco-friendly Office Practices: we are a paperless first company and encourage our customers not to print the reports and visualisations we develop for them.

  Covid-19 recovery

  Business intelligence (BI) solutions in hospitals can extend their benefits beyond hospital walls to help local communities manage and recover from the impact of COVID-19 in various ways:; Resource Allocation: Data from the MedModus BI solution can help local governments allocate resources effectively based on real-time data on COVID-19 cases, hospital admissions, and healthcare capacity. This includes distributing medical supplies, deploying mobile testing units to areas with high infection rates, and coordinating vaccination clinics to reach underserved communities.; Education and Awareness Campaigns: BI solutions can identify demographic groups that are disproportionately affected by COVID-19, such as elderly populations, racial minorities, or low-income communities. Local authorities can use this information to tailor education and awareness campaigns to address specific health disparities and promote preventive measures like mask-wearing, social distancing, and vaccination.; Community Health Interventions: The MedModus BI solution can support targeted interventions to address health disparities and social determinants of health within local communities. For example, hospitals can collaborate with community organizations to provide healthcare services, mental health support, and social services to vulnerable populations affected by the pandemic.; Monitoring and Compliance: BI solutions can monitor compliance with public health guidelines and regulations, such as mask mandates and capacity limits for businesses and public gatherings. By tracking data on compliance levels and identifying areas of non-compliance, local authorities can enforce regulations more effectively and mitigate the spread of COVID-19.; Long-Term Planning and Preparedness: The MedModus BI tool can provide data which can help local communities develop long-term plans for pandemic preparedness and response. By analyzing lessons learned from the COVID-19 pandemic, communities can identify areas for improvement in their healthcare systems, emergency response protocols, and public health infrastructure to better prepare for future health crises.

  Wellbeing

  MedModus’ Business intelligence solution in healthcare organisations can significantly improve health and wellbeing in many ways:; Enhanced Patient Care: Healthcare organisations can use the information provided by MedModus’ BI tool to analyze patient data to identify trends, patterns, and risk factors associated with various medical conditions. This enables healthcare providers to deliver more personalized and proactive care, leading to better health outcomes for patients.; Efficient Resource Allocation: The MedModus BI platform help scheduling staff optimize resource allocation within hospitals, ensuring that patients receive timely and appropriate care. This includes managing staff schedules and optimizing bed and other capacity to reduce wait times and improve patient satisfaction.; Population Health Management: BI tools can analyze population-level health data to identify trends, disparities, and public health risks within communities. This enables hospitals to develop targeted interventions and public health programs to address the underlying determinants of health and improve population health outcomes.; ; MedModus’s BI solution can facilitate community integration through:; Community Health Needs Assessment: BI tools can analyze population health data to identify the specific health needs and priorities of the local community. By understanding the unique challenges and disparities faced by community members, hospitals can tailor their services and programs to address these needs effectively.; Targeted Outreach and Engagement: BI solutions can help hospitals identify high-risk populations and target outreach efforts to engage community members in preventive care, health promotion activities, and screenings. ; Collaborative Care Coordination: BI solutions can facilitate care coordination among healthcare providers, community organizations, social services agencies, and other stakeholders involved in supporting patients' health and wellbeing. By sharing patient data securely and efficiently, hospitals can ensure continuity of care and provide holistic support to patients beyond clinical settings.

Pricing

• Price: £30,000 to £120,000 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at deaglan@medmodus.com. Tell them what format you need. It will help if you say what assistive technology you use.