INVENTASIA LTD

eDoc V11

The eDoc V11 is a simple and easy to use end-to-end clinical document management platform. It streamlines document management flow, and it can also be configured and integrated with any hospitals' existing systems. It is an embodiment of different solutions that can work independently or all together as a whole.

Features

  • Digital Dictation
  • Typing Platform for your in-house staff
  • Premium Outsourced MedicalTranscription
  • Document Workflow Management
  • User Management
  • Support Centre
  • Analytics
  • Electronic Distribution
  • Interoperable with your clinical systems

Benefits

  • Accelerate document turnaround times via a single digital platform
  • Reduce resource costs including overtime, bank staff, facilities, etc.
  • Significant time and efficiency savings for clinical and administration staff
  • Reduce the risks and costs of using multiple systems/providers
  • Ensure good governance, patient safety, and competent administration
  • Sustainable cost savings

Pricing

£50 a user

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@prescribe-digital.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

2 4 3 7 7 7 6 2 9 4 0 7 8 6 5

Contact

INVENTASIA LTD Richell Streegan
Telephone: 02032827110
Email: info@prescribe-digital.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
EDoc v11 is generally cloud-based and do not require much maintenance on the clients' side. However, Client Deployment with hardware setup and installation may require Support Packages which are all discussed upon sign off of the Service Level Agreement with the Contract. Any constraint arising from connectivity requirements to Client's Data Warehouse is defined by client restrictions and not by the solution platform - which, again, is included in the agreement.
System requirements
  • Server Resource Connection for Storage (at least 1-2 TB)
  • Latest Windows OS on workstations for users' PC or laptop
  • Foot Pedals (optional), Dictation Device, Mobile device
  • Google Chrome (recommended) to access web based applications
  • Server Access Configuration for Integration (Authentications, Tokens, Keys, etc.)

User support

Email or online ticketing support
Email or online ticketing
Support response times
KPI response times for Acknowledgement to e-mail, phone and/or Live Chat shall be 30 minutes. For Technical help our customer service representatives shall respond on receipt of call/email. Follow-up reports shall be given after 24 hours (1 working day). Should there be a need for a Complaint Investigation, our team shall report back in no more than 3 working days.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
EDoc V11 support enlarging font displays, and can be adjusted to show a larger display of menu or command buttons to for the user's ease of use. The software is also tested using a variety of screen readers and browsers. It is found that the following combinations provide the most accessible experience when using the software: If you're using Windows, using NVDA with Firefox. If you're using OSX, using VoiceOver with Safari.
Onsite support
Yes, at extra cost
Support levels
Our Support Level is simple. Just one.

We provide consultations, email, telephone, and online chat facilities, or site visit if needed, to accommodate general inquiries and all support services. If necessary, remote connection can be initiated, but only with the governing IT security's permission/configuration. These and all are discussed and included in the total cost of the contract.

Onsite Support is conditional and subject to additional cost [or none at all] depending on the nature and complexity of work. This then can be further discussed with the client as the need arises.

The Contracts Manager will ensure that an operations manual of all procedures and instructions of our software sufficient to permit a trained operator to follow the instructions without prior knowledge of the specific application is provided. Any updates will be automatically distributed. A troubleshooting guide is also contained to enable easy resolution of an issue. The manuals are distributed to the users prior to on-boarding. We also offer a remote or online training if desired by the customer at no additional cost.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Prescribe have developed a well proven training and implementation programme for our customers, supported by online and paper-based materials which we provide to the Trusts who use our Transcription service and eDoc software platform. In addition to the above, we also provide live demonstrations (on site and remotely) and training for the Trust’s authors and secretaries to give them a real feel of the actual processes happening prior to the commencement of our service. This helps to set expectations and answer any queries they may have during the first few weeks of implementation. After commencement/implementation of our service, our customer support staff can remain on-site (“floor walkers”) for a reasonable period in order to provide any assistance required. For any queries the client may have after the training, they have full access to our customer and IT support group who can provide assistance by phone, email or online chat 24/7. All new clients are engaged in weekly review meetings for any feedback and further training needs if necessary.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
There is an application in our platform to extract contract details, including signed documents and other account related files.

NO DATA IS KEPT IN OUR SERVER
All raw, processed, and completed documents are all kept within the organisation's storage facility.
End-of-contract process
A buyer may terminate the contract with a 12-month notice from the issuance date of the Confirmation Document. We reserve all rights to terminate accounts and services at our sole discretion as allowed by legally allowed by governing laws.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Desktop service is accessed via our solutions based in the cloud. It has all the features and functionality.

Mobile service varies on the following:
1. The TYPE of the mobile Device
2. The environment it can handle (Connection, Storage, OS, Memory, Processor, etc.)

The mobile device app is equipped with almost all the features primarily the core components. All other features such as document and team management, administration, may have limited features for security reasons. Previewing documents, outsourcing, and managing voice recordings are just some of the features available on mobile.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Services are customised based on the client's requirements.
All solution are made and configured to work as one. These solutions are also made to comply with every changing requirements of the organisations.

What can be customised?
The files
The output
The workflow
The design of templates
The process flow of document management
Scheduling, Priority, Letter Contents, etc.

Who? Anyone with granted permissions / authority to do them.

In terms of customising the whole application itself, we may need more information on this concern before we move forward.

Scaling

Independence of resources
The solution is cloud based and requires only one storage facility to accommodate the files it generates (clinical documents), secured and encrypted.

All processes and functionalities are done in the cloud.

Our solution doesn't require more resources than that. It is accessed via a web browser, simple, and it doesn't eat much of computing resources of the user or the organisation. i.e. Memory, Hard disk space, Server computing and storage resources, etc.

Our solution is isolated to work on its own without sacrificing other resources that the organisation use.

Analytics

Service usage metrics
Yes
Metrics types
We provide data analysis and summary of the jobs and the usage among all users in all departments in the whole organisation. Filterable, sortable, printable, and exportable when needed.

No finance involved.
Analytics and reports rely on the usage data of files only i.e outsourced, in-house, by department, or by the whole organisation, department performance, scaled team performance in a week, a month, or any given date range, etc.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Data at rest and in transit to and from our web servers are protected by RSA with 256-bit AES encryption supporting TLS 1.2 protocol which is a globally accepted security standard.

All clinical correspondences are processed in our ISO 27001 data centres in the UK with complete redundancies in place as part of our Business Continuity Policy.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
We provided functionality on any lists of data or forms in the applications that allows exporting and downloaded of data or file at any time.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Excel Files (XLS)
  • Word Files (DOC/DOCx)
  • WAV Audio Files (WAV)
Data import formats
Other
Other data import formats
  • Word Files (DOC, DOCx)
  • WAV, MP3, DDS and other Audio File Types

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
ACL Based Network Security

Availability and resilience

Guaranteed availability
The buyer shall be given a credit note if the service levels have not been met.

Should we receive any complaint against KPI, this is notified to the Customer Support Manager. Any complaints would be recorded, investigated and discussed in operational meetings. Actions required would be included in the meeting minutes with feedback implemented and reviewed.

The KPI for response times shall be:

Acknowledgement to e-mail, phone and/or Live Chat - 30 minutes
Technical help - On receipt of call/email
Follow-up report - 24 hours (1 working day)
Complaint investigation - 3 working days
Approach to resilience
In the event of a disaster which interferes with InventAsia’s ability to conduct business from one of its offices, a Business Continuity plan is in place to be used by the responsible individuals to coordinate the business recovery of their respective areas and/or departments. The plan is designed to contain, or provide reference to, all of the information that might be needed at the time of a business recovery.

This is periodically verified by active or passive testing.

The Information Security Manager is responsible for ensuring that the personnel who would carry out the Business Continuity Plan are sufficiently aware of the plan’s details. This may be accomplished in a number of ways including; practice exercises, participation in tests, and awareness programs.

The plan also includes InventAsia’s Disaster Recovery Plan, which focuses on the recovery of technology facilities and platforms, such as critical applications, databases, servers or other required technology infrastructure. Unless otherwise modified, this plan does not address temporary interruptions of duration less than the time frames determined to be critical to business operations.
Outage reporting
The IT Support Teams constantly monitors and is informed in real time with online alerts via email.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
All users are provided with ACL and permissions to use specific functions and applications in the platform. All verifications are authenticated with high level encryptions.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
06/03/2020
What the ISO/IEC 27001 doesn’t cover
As we are a Tech solutions company, all our processes are covered by our ISO 27001.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO 9001:2017 (Quality)
  • Cyber Essentials
  • NHS Digital - Data Security and Protection (DSP) Toolkit
  • General Data Protection Regulation (GDPR)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 9001:2017 (Quality), Cyber Essentials, NHS Digital - Data Security and Protection (DSP) Toolkit, General Data Protection Regulation (GDPR)
Information security policies and processes
InventAsia is registered with the ICO (registration number Z9717899) and is fully GDPR compliant. We are ISO 27001:2017 (Information Security Management System) certified which extends to all aspects of Prescribe Digital's facilities. Prescribe Digital is the medical transcription division of InventAsia.

We hold confidentiality and data integrity at the very core of our company’s information security principles. Thus, not having issues with information security ever since our UK Operations began in 2005.

Our IT infrastructure is protected by up-to-date antivirus and firewall applications and is daily being monitored as part of internal risk assessment procedure.

As part of our standard Normal Operating Procedure and in compliance with GDPR, numerous Information Sharing Agreements as well as Privacy Risk Assessments are in place with our Public and Private Healthcare clients.

Furthermore, all our production staff have signed confidentiality and data protection agreements. They are also given regular training on Information Security and Information Governance which are required under their employment contracts.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration and change management is handled in strict confidence with the Development and Technical Team. The project manager in place handles the timeline and monitors the achievement of all processes, ensuring proper deployment of needed resources towards achieving the certain goal. Initial discussion and/or investigation may be performed with the client and with any on-site infrastructure to properly identify risks and assess impact towards implementation of changes.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We keep a regular penetration test in our platform and our infrastructure. We enforce the highest level of security and allow rigid tests performed to assess the vulnerability in our systems and machines. We passed and we are maintaining that security.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We are monitoring our systems 24x7. Any potential risks or compromises are identified quickly, or in many cases, prevented it, by regularly monitoring the systems hardware and system software status, condition, performance, and behavior. We have a cascaded support levels that monitors all the facets of our network infrastructure.

When a potential compromise arise, we respond quickly in real-time as we are notified quickly within our proper channels.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Any complaints would be recorded, investigated and discussed in operational meetings. Actions required would be included in the meeting minutes with feedback implemented and reviewed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£50 a user
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full service provision at no limited period.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@prescribe-digital.com. Tell them what format you need. It will help if you say what assistive technology you use.