askmyGP
askmyGP is the workflow solution for healthcare, enabling patients to receive help from the right person whether GP, PCN or wider network. Ease of use moves an average 71% of demand online, enabling digital triage within minutes, 85% completed same day. Much more than online consultations, digital first system change.
Features
- Patients/parents/carers seek help at any time on any problem, online
- One click self care eases patient access to NHS information
- Information is sent securely from patient to GP via HSCN
- Complete workflow management and analytics for practice, PCN, CCG
- Patient app manages requests, messages, proxies and profile
- NHS Spine integration identifies patient and pulls in data
- Clinician digital triage takes seconds to decide on appropriate help
- Full two-way messaging, video, telephone, appointment as needed.
- Video consulting fully integrated, photo & document attachments
- Simple one click integration with clinical system
Benefits
- Patients helped in minutes (85% seen today, 28% name GP)
- Secure messaging eliminates wait for answer on telephone
- Clinically useful information is gathered from the patient before consultation
- Reception staff are better informed for care navigation
- Data from over 4 million episodes show 80% completed remotely
- GPs see patients only as needed, saving average 4 minutes/episode
- The burden and stress of overwork is lifted from GPs
- DNAs (Did Not Attends) drop by 80%
- 30 - 40% efficiency gains evidenced in multiple diverse settings
- Change intervention gives immediate benefits from launch day
Pricing
£0.79 to £1.90 a person a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
2 5 8 5 1 4 3 7 9 9 0 2 9 5 2
Contact
Salvie Ltd
Harry Longman
Telephone: 01509 816293
Email: harry@salvie.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
Patients can access on any internet connected device.
GP practice staff can access the portal only on a secure NHS compliant network (HSCN) via web browser. - System requirements
-
- Providers must have access to the secure HSCN network
- Providers may use any device connected over the secure network.
- Providers may use on one or many sites and networks.
- Patients may use any internet connected device.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
During office hours a median of 87% of queries are responded to within one hour.
Out of hours response time is 12 hours. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We a multi-channel support desk through Zendesk, serving mainly healthcare staff users but also patients, on technical but not clinical matters. Occasionally they may need help with special needs which we manage as appropriate.
- Onsite support
- Onsite support
- Support levels
-
Pathfinder: diagnostic and preparation for change.
Transform: change programme provided through a personal training partner.
Improve: software subscription with continuous improvement support from a personal training partner.
Pro version - single provider workflow
Network version - workflow between linked network providers - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- We offer a comprehensive onboarding programme, including live and on-demand training, in-app guidance and induction, a searchable help centre and support desk. With our Transform programme, a personal training partner facilitates the change intervention with provider leaders and staff.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- In normal use, data is transferred incrementally to providers. At contract end, a full transfer service is offered for one month free of charge.
- End-of-contract process
- Extraction of all provider data is included in the price up to one month after termination.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- MacOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Patients may use a mobile device (70% do so), tablet or PC.
Provider staff would normally use a PC. There is no restriction on using smaller devices, if they have the correct network security, but this is not usually advised for the provider portal. - Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
-
The software runs on installation with factory defaults. Yet it allows a high degree of customisation to meet the needs of all kinds and sizes of provider. Service times, in and out of hours, are easily set, as is the availability of clinical staff.
Standard questions and messages can be set for all patients and configured by users to their own preference.
Users can manage their own profile in the portal, set preferences for their workflow and manage their day.
Workload and capacity parameters can be set per clinical session.
Scaling
- Independence of resources
- We actively manage service performance with our DevOps team consisting of our own staff, testing and hosting suppliers. We use the Zabbix automatic monitoring and alert system across all resources, and review weekly performance, adjusting resource capacity in line with demand modelling.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Patient demand, runcharts by month/day/week.
Hourly demand pattern
Service response and completion times
Patient demographics by age/sex
Patient usage frequency chart
Patient feedback analysis
NHS Friends and Family Test reporting
Staff activity and mode of resolution
Network activity for all the above where relevant
Resolve rates by message/phone/face to face
Ad-hoc queries on request, research papers on aggregate data. - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
In normal use, data is extracted by staff for every patient request and transferred to their own separate records if they wish.
We can also offer bulk extract for analysis purposes on request. - Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Guaranteed 99.95% uptime, defined as normal service during working hours 08:00 - 20:00, excepted planned maintenance and local causes outside the supplier's control.
The customer is entitled to an account credit for one days service for every day on which the service is unavailable for more than one hour within working hours . - Approach to resilience
-
Our supplier Xicon's Cloud platform is hosted across two data centres in the UK that are configured in a highly resilient architecture meaning that the failure of any component will not adversely affect the availability of services. This architecture means that business continuity and disaster recovery requirements are addressed.
The data centres have world class security services to protect equipment from threats and hold all of the accreditations that we require as part of our ISO27001:2013 accreditation. - Outage reporting
-
Public reporting is provided live on our website.
Alerts can be made to users live in the app.
If the app is not available, email alerts can be sent to all staff users.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Staff accessing patient identifiable data must work from within HSCN, and have a username and password.
Management interfaces and support channels offering anonymous operational data require a username and password. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- Limited access network (for example PSN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BAB British Assessment Bureau
- ISO/IEC 27001 accreditation date
- August 2020
- What the ISO/IEC 27001 doesn’t cover
- GP Navigator operational analytics.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- NHS Data Security & Protection Toolkit DSPT ref 8JH09
- DCB0129 Clinical Safety, assured by Safehand
- Cyber Essentials
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
The IG officer Debbie Ford reports directly to Chief Executive and IG Lead Harry Longman and ensures that the policies listed below are complete, up to date, accessible via the private website pages to all staff, and that new staff are trained in their application.
Information Security Policy
IG and You Guideline
Mobile Computing and Teleworking Policy & Guideline
Incident Management
IG Improvement Plan
Network Security Policy
Data Flow Mapping Report
Managing change which involves personal data – Procedure
Confidentiality Monitoring and Audit Procedure
DPIA Procedure
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Our configuration and change management approach is fully documented in accordance with the requirements and standards of ISO27001/2013 . We are independently audited annually.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
In depth penetration testing is independently carried out by Pen Test Partners and all risks managed to low level through our development process, on a timescale of same day if critical, one week if severe, 8 weeks for moderate or low.
Routine automated penetration testing is carried out by our independent test supplier nFocus Ltd.
Information may be obtained from the above tests, but also from public domain alerts or private channels, all of which are evaluated. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Potential compromises are identified by the Solarwinds monitoring software and alerts are generated to the Xicon service desk by email and to Xicon engineers by text (depending on severity)
P1 alerts are responded to within 15 minutes
P2 alerts are responded to within 3.25 hours
P3 alerts are responded to within 47.25 elapsed hours - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Incident reporting is covered by our processes as described in our ISO27001 documentation.
Users and our own staff may report incidents from the app, by telephone, email or through the usergroup, all of which come into Zendesk.
The support desk duty person creates an Incident, so that all similar reports may be grouped together and responses co-ordinated.
All users may be alerted in the app or separately by email if required.
Incident reports are then generated directly from Zendesk incidents.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Health and Social Care Network (HSCN)
Pricing
- Price
- £0.79 to £1.90 a person a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
-
Our demo enables GPs to simulate patient episodes with demo data. They make decisions, record answers and receive a full set of results online.
Any number of colleagues may be invited to the same demo practice.
Available for 1 months.