Silverlink Software Limited

CaptureFertility Integrated Digital Care Record and Clinical Management System

CaptureFertility is an all-digital integrated care record and fertility clinical management system developed by Silverlink Software Limited. Recording data throughout the fertility process, including detailed information of egg and sperm providers and embryology. In addition, the system provides real-time analytics, reporting and documentation generation across the fertility pathway.

Features

  • User-friendly desktop and mobile solution
  • Provides real-time performance and key-care intervention notifications
  • Configurable reporting and data presentation capabilities
  • Care overviews display every patient under care
  • Intuitive real-time dashboards
  • Automatically collates captured data in a manageable format
  • Full audit capability of entire system activity
  • Integration with patient administration systems (PAS)
  • Automatic data upload to the HFEA
  • Designed for use by multiple and concurrent users

Benefits

  • Reduces data duplication and improves data quality
  • Includes full system training and support services
  • Ensures patient safety, data quality and information governance
  • Improves communication within and between teams regarding care and performance
  • Integration with other authoritative hospital/Trust systems
  • Real-time notifications regarding performance and time to target breach
  • Browser-based system, accessible from multiple devices
  • Supports paperless/paper-light operations

Pricing

£9000 per instance per quarter

Service documents

G-Cloud 9

155989778314855

Silverlink Software Limited

Elizabeth Hobson

0191 280 5824

info@silverlinksoftware.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints During occasions of system upgrade or maintenance, the Purchaser’s users may experience limited access to the system. Users will be notified in advance of any scheduled upgrade or maintenance work, which may result in limited access to the system. Silverlink will ensure that such limited service is only experienced for up to a one-hour period and will make every effort to keep occasions of upgrade and maintenance work to a minimum. Silverlink will also endeavour not to carry out any scheduled upgrade or maintenance work during Service Hours. Support Services are only available on Working Days during the Service Hours.
System requirements
  • Browser requirements: IE7 or later
  • Server specification: Windows and SQL 2008 R2 or later

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response within 1 hour (Monday to Fridays 09.00 to 17.00 excluding public and bank holidays)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support is provided during the Service Hours - Monday to Friday 09.00 to 17.00, excluding public and bank holidays and this service is included in the annual charge payable for use of the system. If a Purchaser requires support to be provided outside of Service Hours, the Supplier reserves the right to charge the Purchaser on the basis of our standard hourly rates (dependent upon when the service is to be delivered - £125 week day nights and weekend day times, £150 per hour weekend nights and £200 per hour during bank holidays)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite training
Online training
User documentation: User guides, FAQs, help sheets
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction Date can be exported from the system in CSV, ODF, HTML format. If the Purchaser requires any data migration services o be completed by the Supplier, the Supplier reserves the right to charge for these services.
End-of-contract process In the event the contract for the provision of the system is terminated, for whatever reason, Silverlink will co-operation with the Purchaser to make arrangements for the transition of the supply of services to another supplier where appropriate. Silverlink will also liaise with the Purchaser in relation to the return and/or destruction of data (upon receipt of written instructions from the Purchaser) and all related procedures will be carried out in accordance with NHS Data Destruction Guidelines. These services are included in the contract price.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None.
Accessibility standards None or don’t know
Description of accessibility The software is a webpage.
Accessibility testing We have not done any interface testing with users of assistive technology however we conform to all of the required standards for development of web applications and therefore the solution should work with screen readers, text to speech converters and other such assistive technologies which accord to these standards.
API Yes
What users can and can't do using the API Data input and retrieval via RESTful and SOAP.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The system supports the collection of local data items which can be added to the dataset, in addition to configuration of the workflow, provided that this does not compromise the integrity of the national audits which the system supports.

Scaling

Scaling
Independence of resources Ensure that the hardware is provisioned to service the needs of the specified users. Physical separation between the live data store and the reporting data store.

Analytics

Analytics
Service usage metrics Yes
Metrics types Support logs and fault severity
Time to response
Time to resolution
Number of users
Numbers of patients
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach There is a function within the application which enables data export or data can be exported via APIs or standard database interrogation tools.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats HTML
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The system is designed to be available 24/7.
However where a fault is logged and the priority is Immediate, Silverlink will respond to the call within 1 hour during Service Hours with a target fix time of 4 hours. (E.g. System Failure / Unavailability of System affecting a large number of users across 1 or multiple sites.) Where the priority is Urgent, Silverlink will respond to the call during Service Hours within 4 hours with a target fix time of 8 hours. (E.g. System Failure / Unavailability of System affecting a small number of users at 1 or more sites.)
Approach to resilience Our service designed to support a distributed architecture leveraging an enterprise grade platform to facilitate resilience so that the application can be spread over multiple servers in multiple locations with various options for fail over in either active-active or active-passive with a range of difference resilience techniques such as mirroring and on-site and off-site back up mechanisms.
Outage reporting User email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access to all systems is approved by the Operations Manager. Staff are only given access to those systems required for the performance of their role. Access is governed by unique user names and secure passwords and all activity is logged and audited on a regular basis.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACS Registrars awarded the accreditation
ISO/IEC 27001 accreditation date 03/04/2017
What the ISO/IEC 27001 doesn’t cover There is nothing excluded from the scope set out in our ISO27001 certification which is ‘The protection of information associated with the software development, support and data collection services for the health sector’, however we did claim one exemption within the statement of applicability, relating to working in specific secure areas, as we don’t have any. Our servers are secure and our development environments are protected, but we don’t have any areas that staff occupy on a day today basis that requires restricted access above and beyond our already secured office environment, which is secured and physical access restricted by swipe cards and room keys.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • ITK
  • IG Toolkit
  • Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes As an ISO27001 accredited organisation Silverlink has a comprehensive suite of Information and Security Policies and processes encompassing all facets of information management and governance, from access control and security, continuous process improvement, change management, data protection and retention, in addition to secure destruction and disposal of information assets.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We have an information security change management procedure that controls the introduction of new information assets which are logged and tracked on our Information Asset Register. In addition, Change Control Notices are created and reviewed by the relevant stakeholders in the organisation when needed. In terms of system development, we use Microsoft Team Foundation Server (TFS) for full traceability from recording of the initial Product Back Log Item(PBI)/User Story through to development, code check in, source and version control and then into Testing to then ultimate deployment to Live production use.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Silverlink has an information risk register, which is used to identify potential risks to the information held by the business based on the likelihood of potential threats and the level of impact such threats, would have. We either accept the level or risk or raise an improvement log to identify what reasonable action could be undertaken to reduce likelihood of the threat and impact, prior to acceptance. At a senior level, we also have a business risk manager which is part of our quality management system.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our internal network is protected by two firewall devices one connected to the general internet connection and the other to NHS N3/HSCN connection, no inbound connection to the network is permitted except via secure VPN. All servers and PC’s are protected by antivirus and anti-malware software.
Incident management type Supplier-defined controls
Incident management approach As part of our ISO27001 Accreditation, we have in place a Security Incident Reporting and Investigation Procedure, which includes incident management techniques for certain type of incident events. All incidents are reported to the Operations Manager in the first instance. All incidents are thoroughly investigated to identify root causes and corrective actions that would prevent recurrence. The results of any investigations are documented and reported as part of our information security management system management review meetings. Corrective and preventative measures are recorded in our quality management system’s Improvement Log.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)

Pricing

Pricing
Price £9000 per instance per quarter
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑