BERING LIMITED

Brave AI

Brave AI is a Population Health Management (PHM) platform. Brave uses Machine Learning to integrate and rapidly analyse routinely-collected health and social care data to empower patients and clinical teams to create the most appropriate plan of action for delivery of proactive anticipatory care.

Features

• Advanced risk stratification models with bespoke configurations
• Custom service interfaces and dashboards for clinical teams
• Integrations with Electronic Medical Record and Primary Care Systems
• Customised for GPs, PCNs, CCGs, CSUs, and ICSs
• Real-time analytics and reporting
• Data integration from wearables, sensors and apps
• Geographical mapping and support for public health analysis
• Interactive cohort building and population segmentation
• Support patient facing digital services
• Expert consultancy, data analysis, implementation, and training

Benefits

• Analyse populations and case find patients for anticipatory care
• Identify and understand unwarranted variations in care delivery
• Enable proactive care through Allied Health Professionals
• Understand drivers for care and service demand
• Identify gaps in care
• Combine patient-monitoring with AI-assisted decision support for early intervention
• Deliver operational efficiencies by reducing need for face-to-face contact
• Strengthen relationships, leadership and collaborative working
• Prioritise where teams can focus to make an impact
• Open Platform with developer portal. No vendor lock-in

£5,000 to £25,000 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at idrozdov@beringresearch.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

964135910954981

Contact

Ignat Drozdov
020 7487 0460
idrozdov@beringresearch.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: The service is only available over the N3 and HSCN networks. Access to patient identifiable information is only available to health and care teams. We do not provide access to underlying data structures for security reasons. No information regarding dissented patients and sensitive conditions is held.
• System requirements:
  • Users must have an N3 or HSCN connection
  • The buyer is responsible for completing NHSD DARS application
  • The buyer is responsible for performing privacy impact assessments
  • The buyer must support practices with signing data processing agreements
  • The buyer must enable the IG process and lawful requirements
  • Minimum supported browsers: Internet Explorer v10, Chrome v50, Firefox v96

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The Bering service desk is available Monday – Friday between 9am – 5pm. All incidents and contacts are recorded on service desk software with agreed priorities.; ; Our service levels for incidents are as follows:; ; - Critical; resolved with 4 hours; ; - High; resolved within 1 day; ; - Medium; resolved within 3 days; ; - Low; resolved within 15 days; ; - Non-urgent (information); resolved and closed within 30 days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Technical Account Manager is provided.; ; Our support levels are described as follows:; ; - Critical; resolved with 4 hours; ; - High; resolved within 1 day; ; - Medium; resolved within 3 days; ; - Low; resolved within 15 day; ; - Non-urgent (information); resolved and closed within 30 days
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: To support customers we offer tailored training for the Brave AI Platform which can be delivered remotely or on premise.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: An option will be offered to the customer to export certain historic data items from the system (separately chargeable fee may apply). This will be offered as a database snapshot or CSV file export.
• End-of-contract process: Upon end of the contract, all data associated with the customer (e.g. patient records, historic data) will be removed from the system. Certificates stating that this deletion has happened will also be made available. This service is included in the price of Brave AI. Where the option to export additional historic data items is taken up, this may be chargeable.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile experience is fully featured but interfaces are optimised for smaller form factor.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Secure service interfaces in the form of clinical dashboards are provided for healthcare professionals.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Manual and automated interface accessibility testing has been undertaken but not specifically for users of assistive technologies.
• API: No
• Customisation available: Yes
• Description of customisation: Almost any element of the Brave AI platform can be customised to meet specific customer requirements. Customisation is available to support bespoke risk stratification, on-line reporting, or to provide extended help desk cover.; ; Customisation requirements are typically defined through early stage work in determining user needs and organisational goals. For a live service, further customisations can be considered in response to analytics, user feedback and product enhancements.

Scaling

• Independence of resources: The performance of the service is actively monitored. If users are making demands on the servers which affects other customers on the same platform, Bering will work with the hosting provider to increase system resources to mitigate any effects.

Analytics

• Service usage metrics: Yes
• Metrics types: Brave AI implements an action audit trail and database monitoring tools. We monitor service usage and performance and recommend where service improvements could be made. Brave AI provides online reports on who has used the tool and which functions are being used. These reports can be accessed at anytime to give real-time information on usage.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Approach can be designed to suit customer requirements.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We provide 99% uptime excepting agreed service outages (e.g. to implement new customer features). Users are refunded according to the terms of existing Service Level Agreements.
• Approach to resilience: The data centres we use to host Brave AI are N+1 throughout. This means that all parts of the physical architecture have backups to ensure maximum reliance.
• Outage reporting: The service is monitored by our product specialists. Any downtime, planned or otherwise, is reported to all customers with expected resolution times. Metrics are published to users through email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management functions are restricted to authorised personnel and need specific access. Support channels are also restricted to authorised customers.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: NHS Data Security and Protection Toolkit
• Information security policies and processes: Bering has a duty to respect and protect information. We have achieved Cyber Essentials accreditation and are in the process of achieving compliance with ISO27001.; ; We have developed a rigorous information security management system (ISMS), which sets our approach to managing information security. The system is approved by top management and communicated to all employees and contracted third parties.; ; Security policy procedures, technologies and audit logs are reviewed annually to ensure a continuous improvement in overall security framework.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management is used to evaluate, control, and minimise operational risk and cost, as well as maintain the established product standards and quality.; ; Our change controls:; ; establish the purpose, category and nature of changes; determine the potential consequences of changes; assess resource requirements for the changes; ; We use configuration management to establish and maintain consistency in our software’s performance. This includes configuration management for:; ; Project/work management; Source control; Build/test/release pipelines; Software packaging
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Wherever Brave AI is hosted we require the infrastructure is protected from external threats by an industry leading firewall which is actively updated against new vulnerabilities. The operating systems of our application and data servers are also regularly updated to guard against any new threats. Lastly our software and built-in access controls undergo regular security and penetration testing. Critical updates are deployed within hours and important and other patches deployed within weeks.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Brave AI audits access to the system and tracks users actions within the system. This information is accessible to users with appropriate security permissions via online reports and analysis. Bering also perform regular audits of system usage. If any compromise was found the threat would be immediately evaluated to understand the current impact to the system. Our response would then proportionate to the threat level. We also require any hosting partner to provide industry standard defences against malware and hacking attacks.
• Incident management type: Supplier-defined controls
• Incident management approach: Bering's incident management process is based on the ITIL incident management process which we have modified to fit our needs. Incidents are captured, prioritised, and tracked to resolution. Management and technical escalation processes are defined, supported by industry standard incident management software solution. Performance against SLAs is reviewed and reported.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Bering strives to limit the carbon impact of our AI technology, contributing to the NHS Net Zero initiative. We achieve this by training our models on low-energy hardware, whilst systematically monitoring the energy and carbon outputs of AI experiments. An in-house “smart” job scheduling system enables us to dynamically provision available compute resources only when they are needed. Finally, we have developed a proprietary compression algorithm that deploys slim versions of our AI models into production, drastically reducing hardware requirements.; To estimate the energy use and the concomitant environmental impact, all our study designs go through Emissions Calculator (https://mlco2.github.io/impact/) by Lacoste A et. al. This allows us to evaluate our carbon footprint on an ongoing basis.
• Covid-19 recovery:

  Covid-19 recovery

  Brave AI offers insights that support Covid-19 recovery. Brave identifies not just the highest-risk individuals (top 2%), but surfaces unexpected risk and complexity across the entire population. Advanced risk stratification accelerates preventative programmes, which proactively engage citizens at risk of poor health outcomes.

Pricing

• Price: £5,000 to £25,000 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Access to a demonstration system of Brave AI with test data. Provides full functionality of 'live' platform. Remote e-mail/webinar support available for the duration of the trail period.; ; Bespoke tailoring/Bering consultancy NOT included in the trail.; ; Trial service typically available for a one-month period.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at idrozdov@beringresearch.com. Tell them what format you need. It will help if you say what assistive technology you use.