Docobo Ltd


ARTEMUS-ICS™, a predictive risk stratification based population health intelligence service provides powerful health intelligence, securely via a web browser over the HSCN network. The tool combines GP data and SUS data to provide a complete view of patient care and assigns a risk score for all patients, and supports PCN.


  • Overview dashboard, identifies the number of patients and their activities
  • Cost dashboard, total and average indicative costs per risk segment
  • Prevalence dashboard, number of patients with each Long Term Condition
  • Cost-Benefit dashboard, identifies patients suitable for a service and ROI
  • Changes in Risk Dashboard, identifies patients increasing/falling in risk
  • Polypharmacy dashboard, identifies patients receiving a number of different medications
  • Patient Manager, access to detailed patient level data
  • Export to CSV/Excel and individual patients to PDF
  • Search by NHS Number
  • Patient timeline of primary and secondary care events over time


  • Allows creation of custom lists/cohorts. e.g. top 2% at risk.
  • Enables identification of appropriate patients for key LTC services.
  • Supports the DES initiative, identifying and tracking the top 2%.
  • Enables monitoring of complex patients by tracking risk score changes
  • Secure Data Storage and handling within NHS IG Regulatory Framework
  • HSCIC approved provider
  • Provides a platform for evaluation and impact ability monitoring


£50000 to £500000 per unit per year

Service documents


G-Cloud 11

Service ID

3 0 5 8 0 1 4 8 2 2 5 6 2 2 7


Docobo Ltd

Adrian Flowerday


Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
Maintenance at times informed to the user
System requirements
Common browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 4 hours, Monday - Friday in working hours.

Weekends are covered by an out of hours service (there is an extra cost for this).
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Telephone and email support, 8.30am-5.30pm, business working days.
Dependent on customer requirements we provide level 1,2 and 3 support. For out of hours technical support we will charge £1000 per month. Do provide technical account manager.
Support available to third parties

Onboarding and offboarding

Getting started
We provide onsite training, online training and user documentation.
Service documentation
Documentation formats
End-of-contract data extraction
Via termination agreements
End-of-contract process
Access to cloud services stop. Any termination activities are chargeable.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Service interface
Description of service interface
Secure HSCN web browser user interface, allowing role based access to multiple health and social care related dash boards.
Accessibility standards
None or don’t know
Description of accessibility
Navigation via standard computer displays with keyboard and mouse operation.
Accessibility testing
Standard V&V regression testing includes applicable accessibility capability.
Customisation available


Independence of resources
Use of load balancing technologies.


Service usage metrics
Metrics types
Audit trail and reporting engine
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Via reporting tools
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.9% .
Refund based on individual SLA breaches.
Approach to resilience
Available on request.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Through username and password with role based management
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
IG Toolkit

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Defined within our quality management system.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Contained within our quality management system. Change management, managed within our DCF procedures.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Potential threats are assessed using online cyber security forums and intelligence.
Testing is done on the day of release and, if successful, deployed same day or next day.
Online forums such as Alien Vault OTX are used to get information about potential threats
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Staff are well trained to report any anomalies and server logs are interrogated for any indications
Isolate the problem and investigate using the incident response procedure
Immediate response and initial assessment then a planned investigation depending on the severity
Incident management type
Supplier-defined controls
Incident management approach
We don’t have any common events, but the process is the same for any incident or event.
Incidents are reported by phone, email or in person, whatever is quickest to enable an immediate response
There is a template report to include a risk assessment, notification requirements, disciplinary action, root cause, trend analysis, corrective action, preventative action and later, effectiveness.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£50000 to £500000 per unit per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑