VITALHUB UK LIMITED

MyPathway

MyPathway is a digital platform, connecting patients / carers to clinical teams via a patient app and a clinical portal. MyPathway automates key steps in each clinical pathway that enables patients to manage appointments, access self-help
resources, complete questionnaires, and record regular medical information remotely.

Features

• Automated clinical patient platform
• Remote monitoring
• Appointment management
• Supported self-management
• Digital triage
• Self Referral - Patient Initiated Follow Up
• Waiting list management
• Clinical and administrative validation
• Digital letters
• Customisable pathways for automation

Benefits

• Monitoring of patients without the need for appointments
• Two-way communications with patients/ carers and their care teams
• Design individual questionnaires
• Collect clinical data for population health management and research
• Bulk administration capabilities for patient worklists, mail outs and communications
• Ability to recognise early warning signs in patient conditions
• Encourage self management of long term conditions

£10,000 an instance

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.garrod@vitalhub.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

970948374384850

Contact

Mr. Colin Gqrrod
+442045833142
colin.garrod@vitalhub.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: The application can be used in conjunction with a patient Administration System (PAS) or an Electronic Patient Record (EPR). It may also be used stand-alone but is commonly fully integrated with the above for best use.
• Cloud deployment model: Hybrid cloud
• Service constraints: The service is constrained by the client's available up/downstream bandwidth.
• System requirements:
  • The solution requires use of modern web browsers
  • Patients may also use the system via an installed App
  • Internet connectivity with available up/downstream bandwidth

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support requests are constantly monitored by the support team.; Our standard terms of business for support queries are:; Urgent (P1): 2 Hour response; High Priority (P2): 4 Hours response; Medium Priority (P3): One working day response; Low Priority: (P4): One working day response; Normal working hours (Mon-Fri 09.00 - 17.30). Out of hours or weekend support is available (at additional cost).; User can manage status and priority of support ticket online 24/7.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide support services via our Helpdesk. Support levels costs are based on 20 percent of the list cost of our software and hardware products (our G Cloud SaaS costs include software support but not hardware support).; ; Our technical team are based throughout the UK. We offer both account managers and cloud support services locally. The support team are knowledgeable and can quickly resolve any issues or queries. Support is usually provided during normal office hours Mon-Fri 5 days per week (higher levels is available - price on application).; ; Note we have an HSCN connection if we need access to our client system(s).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The engagement process ensures the customers' intended use cases either ; (a) are covered by standard MyPathway functionality, or ; (b) requires any adjustments or configuration to meet customer needs.; GDPR and Information Governance requirements should be dealt with early, especially if the customer's procedures involve a cycle of approvals; we have standardised pro-forma documentation that can be used, or we can work with customers' documentation.; Where pathway automation is required, we have a team that can work with customer IT and clinical stakeholders to ensure data flow and automated pathway design can proceed smoothly using our experience from other deployments. In many cases, automation can take advantage of off-the-shelf pathway templates that can have new automated pathways up and running in days. Where data flows need to be refined, we will work with customer's IT ; We provide training material to staff at the customers' site to include: How to use the Clinical and Admin Portals, how to onboard patients, how to interact with patients on the clinical portal, how to get access to data, and how to deal with support requests.; We can train members of customers' teams to be local experts to help with pathway design and user support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extraction to alternate storage is proved upon request. Alternatively, data can be streamed or sent in batch to the customer’s own data warehouse at the agreed intervals.
• End-of-contract process: Export of encrypted data is provided on request. Once the data has been exported the infrastructure/ database in use is decommissioned and the data is destroyed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The applications are designed to run on mobile and desktop browsers without the need for software installation. The application has an optional App to install for patients on mobile devices (iOS and Android)
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service interface deploys a” Clinical Portal,” enabling a wide variety of service users to access patient-level information pertinent to their role and responsibility. An ”Admin Portal” is also in use to allow service managers to configure options and control access to the Clinical Portal.; ; For patients, the service interface is simple, graphical, and enables them to quickly comprehend the information provided as well as enabling them to update their details (e.g. demographics), access advice specific to their condition, respond to questionnaires and view appointments where desired..
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: For users with visual impairments, our SaaS uses guidelines and conforms to requirements supplied by the National Institute for the Blind (RNIB). In making selections users are offered a variety of visual graphics and textual choices. Non-English language support can be configured as an optional extra (patient interfaces only).
• API: No
• Customisation available: Yes
• Description of customisation: The MyPathway solution is highly configurable and is tailored to each customer’s requirements. MyPathway’s automated pathways are configured to customer specification and are triggered by events in the patient record. These pathways (typically driven by diagnosis or clinic bookings) can send PROMs, reminders, informational resources, and other communications without hands-on staff involvement, from referral through to discharge and beyond. Manual operation of these actions can be achieved through the Clinical Portal at individual patient level. Batch operation is achieved through customer-defined filtered lists and worklists, with mass-communication and patient management features available.

Scaling

• Independence of resources: The system is fully scalable ensuring that all customers have sufficient available resources at all times for system storage and networking, via capacity management.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage metrics are logged and can be reported on using the reporting module, or (if purchased) through a real-time BI dashboard. Depending on configuration, these may include number of patients invited and registered and via what method, PROMs returned, scores calculated, communications sent and received, number of appointments booked, cancelled, attended and DNA’d, pathways activated, resources issued and accessed by patients. Reports can be broken down by timeframe, speciality, and clinic.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Database TDE Encryption
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: MyPathway can provide a number of options for data export. Some data can be exported directly into Excel/CSV format. Data can be sent in batch mode to the customer’s own data warehouse by an agreed interface and format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • HL7

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide a 99.95% uptime guarantee SLA on our backup service.
• Approach to resilience: We operate from available data centres (Tier 3), within each data centre, the actual cloud platform is deployed using enterprise grade infrastructure. Single points of failure have been eliminated using techniques such as load balancing, clustering, RAID, and dynamic routing.
• Outage reporting: We run a major incident process, and any outages are reported via SMS, email, or our dedicated support desk.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: Multi factor authentication
• Access restrictions in management interfaces and support channels: Control measures are in place within the web interface and underlying software, these are evaluated through regular vulnerability assessments by an accredited provider.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Multi factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 06/04/2023
• What the ISO/IEC 27001 doesn’t cover: No exceptions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: DSPT Organisation Code 8JF22

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Security policy, access control policy, asset management policy, classification of information policy, compliance policy, cryptographic policy, HR process, information security incident management, medical policy, mobile device and networking policy, network security management policy, operations workflow, operations security policy, organisation of information security, physical and environmental security, supplier relationships policy systems acquisition and development policy, business management operational objectives, individual user agreement, non-conformance, customer feedback, internal audit procedure, change control procedure, design control, major incident process, business continuity plan, problem management procedure, document management procedure, contact review process, supplier review process etc.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Processes are in place to ensure that all changes to the system are authorised and evaluated prior to being deployed. These are compliant with the relevant aspects of NHS Data Security Protection Toolkit. To track components of services over time, version control is enforced, and access control records are kept and monitored. All change requests are documented and assessed. All staff are trained on operational procedures maintained on the company intranet, including Access Control and Password Management Procedures, Change Control Process, Privacy Impact Assessment & IG Checklist, Project and Change Management Control Plan, Network Security Policy, and Information Security Policy.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All servers are covered by a comprehensive monthly patching and maintenance schedule. Any important or urgent patches are applied out of schedule, with important patches within 2 weeks of a patch becoming available, and critical patches within 24hrs. Patches are always applied to Dev, Test and Demo environments first to prevent issues with production environments.; Servers are actively monitored by a variety of tools including Spiceworks which highlight out of date software version numbers to the internal support team for action.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use tools to monitor logs and highlight potential compromises; anything discovered will be raised to a priority one ticket in our system and responded to within 1 hour. if there has been a compromise this will be remediated and logged as a security incident in our ISO 27001 based business management system in order that it is treated to prevent recurrence.
• Incident management type: Supplier-defined controls
• Incident management approach: We have an incident management process in place to ensure incidents are dealt with to recover a secure and available service. The guidelines apply to all staff and include: All incidents must be reported to a manager and/or Information Security Team. An incident report is then completed detailing; name of the individual reporting the incident, the date, where the incident occurred, details of the incident and any actions taken, including who the incident has been reported to and the date the report is created. The Information Security Team investigate the incident and employ the necessary ; measures and actions to resolve.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We acknowledge the undeniable challenges faced by the NHS and all providers supporting Health and Social Care nationally, and we recognise the staff and the resolute response they have demonstrated in the face of mounting workforce pressures and the increasing demands on NHS services. Our products and services have a positive impact on Net Zero that align with the NHS carbon challenge.; VitalHub UK regards itself as a Human Systems company that does IT, that’s because we couldn’t do what we do without our people, or the users of the system. We have a strong commitment to corporate social responsibility (CSR) and a vision to create positive social, economic, and environmental impacts. Our corporate statement elaborates on how we ensure the delivery of social value through our products and services, describing the benefits we offer in terms of improving economic, social, and environmental well-being.; We are dedicated to minimising our environmental impact. The company's practices, such as reducing emissions, promoting recycling, and encouraging eco-friendly transportation options, align with the goal of protecting the environment. By reducing our carbon footprint and advocating for sustainable practices, VitalHub contributes to the environmental well-being of the local community. We positively encourage (on an individual basis) our staff to work remote and use public transport where practicable.; Our services are designed to help healthcare organisations reduce costs and enhance efficiency. By streamlining business processes and improving information management, the company supports public organisations in achieving better value for money whilst fighting climate change at the same time maintaining the quality of healthcare services.; We also ensure that our suppliers adhere to quality management systems and relevant legislation. This ensures that the services provided to public authorities meet high standards, leading to economic savings and a reduction in inefficiencies.

  Covid-19 recovery

  We acknowledge the undeniable challenges faced by the NHS and all providers supporting Health and Social Care nationally, and we recognise the staff and the resolute response they have demonstrated in the face of mounting workforce pressures and the increasing demands on NHS services. The NHS as a whole has been grappling with escalating demands and the pressures placed on healthcare systems across the country have been profound, necessitating creative solutions and a collaborative spirit to ensure the well-being of our communities. As a provider of solutions to the NHS we have stood on the frontlines, facing these challenges with determination and resolve.; Over the last two years, healthcare organisations and staff across the globe have unanimously felt the effects of the COVID-19 pandemic and united together to ensure continuation of service and the health of the population while operating in exceptionally uncertain conditions. As a provider of critical IT and software solutions to healthcare organisations, and in light of the dual pressure of both performance and pandemic, protecting not just the health but also the happiness of employees, who sit at the heart of servicing these organisations, has become a business imperative. ; We have collaborated and worked with our customers through and pots COVID to ensure our technologies help improve patient services and optimise limited NHS resources.

  Tackling economic inequality

  VitalHub have been involved in several initiatives, not only in the UK but globally, that we would like to highlight as examples of our commitment to Social Value and helping where we can to tackle economic inequality, examples include:; • We work closely with UK universities to provide Knowledge Transfer Partnership opportunities to graduates, which has resulted in employment with us for all participants to date.; • We have provided apprenticeship and secondment opportunities to the community and to customers to support workforce development and growth, as well as industry knowledge. ; • We are about to provide a workplace scheme to encourage the use of electric cars. ; • We have encouraged more home working to reduce carbon footprint.; • We have gifted laptops and other hardware to students, schools, and NHS organisations.; • We have sponsored a number of workshops and gatherings for patients and NHS providers, with no involvement from ourselves.; • We have provided free education on ICT and infrastructure to schools, particularly in areas of deprivation.; ; Our comprehensive CSR initiatives and dedication to ethical business practices strongly align with the Public Services (Social Value) Act 2012. By focusing on economic, social, and environmental well-being, the company not only meets the requirements of the act but goes above and beyond to ensure that its services and products are a force for positive change in the communities it serves. Our commitment to delivering social value is a testament to our dedication to public services and the betterment of the communities we support.

  Equal opportunity

  We are an equal opportunities employer, conversant with the Human Rights Act 2010, Working Time Directive, and the Modern Slavery Act 2015. We are committed to equality of opportunity and to providing a service and following practices which are free from unfair and unlawful discrimination. The terms equality, inclusion, diversity, and equity are at the heart of our values. We value people as individuals with diverse opinions, cultures, lifestyles, and circumstances. ; We will actively support diversity, equity and inclusion and ensure that our workforce is valued and treated with dignity and respect. We to encourage everyone in our business to reach their full potential and enjoy their work. ; Modern Slavery Prevention: Our stringent modern slavery prevention measures align with the Act's objective of promoting ethical business practices. By ensuring that modern slavery is not present within its operations or supply chain, VitalHub contributes to social well-being by promoting fair and just labour practices.; Our comprehensive CSR initiatives and dedication to ethical business practices strongly align with the Public Services (Social Value) Act 2012. By focusing on economic, social, and environmental well-being, the company not only meets the requirements of the act but goes above and beyond to ensure that its services and products are a force for positive change in the communities it serves. Our commitment to delivering social value is a testament to our dedication to public services and the betterment of the communities we support.

  Wellbeing

  At VitalHub we look at wellbeing in several ways,; Social Well-Being, our people, our partners: We take pride in how we support all our people, whether office or remote workers through multiple ways that have include virtual coffee times and workouts for remote workers in addition safe wellbeing meetings, open door access, team meetings and supporting social occasions.; VitalHub actively engages in charitable and community support initiatives. By allowing staff to request sponsorship or monetary donations for local charities, sports clubs, and community centres, VitalHub directly supports social well-being in the communities where it operates. We select two UK charities each year to support both internally with team activities and fundraising but also externally by promotion and exposure. This year’s charities are Julia’s House and Hospice in the Weald. Julia’s House was nominated to us by one of our customers and provides hospice care to some of the most seriously ill children across the counties of Dorset and Wiltshire. The Hospice in the Weald was nominated by one of our team who wanted to show gratitude to the hospice that provided care to his wife shortly after they married and had a child. Our team have raised nearly £3k to date for these charities.; Environmental Well-Being: Protecting the Environment: We are dedicated to minimising our environmental impact. The company's practices, such as reducing emissions, promoting recycling, and encouraging eco-friendly transportation options, align with the goal of protecting the environment. By reducing our carbon footprint and advocating for sustainable practices, VitalHub contributes to the environmental well-being of the local community.; Empowering Healthcare Organizations: we empower healthcare organisations to enhance the quality of care they provide to their patients and communities. By doing so, the company contributes to improved healthcare outcomes, thus positively impacting the social well-being of patients and local communities.

Pricing

• Price: £10,000 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.garrod@vitalhub.com. Tell them what format you need. It will help if you say what assistive technology you use.