GOV.UK
Mobile and Web Healthcare Applications
Out-of-the-box Mobile and Web healthcare applications – adding easy-to-use capability to existing EPR solutions to support clinicians and patients. Bespoke development, hosting and support of applications – to address specific healthcare needs for individual customers (or groups of customers)
Features
- Links to core EPR systems
- Easy to use
- Tailored to specific needs
- Fully web accessible
- e.g. Acute Patient Flow management for A&E and Inpatients
- e.g. Real-time Clinical Data access for clinicians
- e.g. Clinical Data Archive Viewer embedded within EPR
- e.g. Automated Friends and Family Test
- e.g. Clinician Ward Round mobile app
Benefits
- Highly cost effective
- Rapid deployment of benefits realisation
- Supports remote and mobile working
Pricing
£1000 to £15000 per unit per month
- Free trial available
Service documents
Framework
G-Cloud 11
Service ID
230649958435911
Contact
Service scope
| Software add-on or extension | No |
| Cloud deployment model |
|
| Service constraints | Nil |
| System requirements | Nil |
User support
| Email or online ticketing support | Email or online ticketing |
| Support response times |
Standard Support Monday to Friday: 08:00 - 18:00 - 1 hour response 18:00 - 08:00 - responded at 08:00 24/7 support available at additional cost |
| User can manage status and priority of support tickets | No |
| Phone support | Yes |
| Phone support availability | 9 to 5 (UK time), Monday to Friday |
| Web chat support | No |
| Onsite support | Yes, at extra cost |
| Support levels | Dependent upon agreed SLA |
| Support available to third parties | Yes |
Onboarding and offboarding
| Getting started | Solution documentation and onsite setup |
| Service documentation | Yes |
| Documentation formats | |
| End-of-contract data extraction | Users have full access to all data |
| End-of-contract process | Full data copy provided to customer, then service terminated and all data deleted |
Using the service
| Web browser interface | Yes |
| Supported browsers |
|
| Application to install | Yes |
| Compatible operating systems |
|
| Designed for use on mobile devices | Yes |
| Differences between the mobile and desktop service | Dependent on specific application |
| API | No |
| Customisation available | Yes |
| Description of customisation | Limited customisation within Apps |
Scaling
| Independence of resources | Dedicated virtual servers per customer |
Analytics
| Service usage metrics | Yes |
| Metrics types | Uptime, performance, usage |
| Reporting types | Reports on request |
Resellers
| Supplier type | Not a reseller |
Staff security
| Staff security clearance | Staff screening not performed |
| Government security clearance | None |
Asset protection
| Knowledge of data storage and processing locations | Yes |
| Data storage and processing locations | United Kingdom |
| User control over data storage and processing locations | Yes |
| Datacentre security standards | Managed by a third party |
| Penetration testing frequency | At least once a year |
| Penetration testing approach | Another external penetration testing organisation |
| Protecting data at rest |
|
| Data sanitisation process | No |
| Equipment disposal approach | Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001 |
Data importing and exporting
| Data export approach | Full access via MS SQL tools |
| Data export formats |
|
| Data import formats | Other |
| Other data import formats | N/A |
Data-in-transit protection
| Data protection between buyer and supplier networks | Legacy SSL and TLS (under version 1.2) |
| Data protection within supplier network | Legacy SSL and TLS (under version 1.2) |
Availability and resilience
| Guaranteed availability | Dependent upon SLA |
| Approach to resilience | Dependent upon SLA |
| Outage reporting | Email Alerts |
Identity and authentication
| User authentication needed | Yes |
| User authentication |
|
| Access restrictions in management interfaces and support channels | Customer controlled access rights |
| Access restriction testing frequency | At least once a year |
| Management access authentication | 2-factor authentication |
Audit information for users
| Access to user activity audit information | Users have access to real-time audit information |
| How long user audit data is stored for | User-defined |
| Access to supplier activity audit information | Users have access to real-time audit information |
| How long supplier audit data is stored for | User-defined |
| How long system logs are stored for | User-defined |
Standards and certifications
| ISO/IEC 27001 certification | No |
| ISO 28000:2007 certification | No |
| CSA STAR certification | No |
| PCI certification | No |
| Other security certifications | No |
Security governance
| Named board-level person responsible for service security | No |
| Security governance certified | No |
| Security governance approach | Joint board level responsibility |
| Information security policies and processes | Adheres to customers security policies |
Operational security
| Configuration and change management standard | Supplier-defined controls |
| Configuration and change management approach | Responsibility of solution architect |
| Vulnerability management type | Supplier-defined controls |
| Vulnerability management approach | Responsibility of hosting partner |
| Protective monitoring type | Supplier-defined controls |
| Protective monitoring approach | Responsibility of hosting partner |
| Incident management type | Supplier-defined controls |
| Incident management approach | Incident reporting via customer service desk. |
Secure development
| Approach to secure software development best practice | Supplier-defined process |
Public sector networks
| Connection to public sector networks | No |
Pricing
| Price | £1000 to £15000 per unit per month |
| Discount for educational organisations | No |
| Free trial available | Yes |
| Description of free trial | Limited period access |