Docobo Ltd


ARTEMUS-ICS™, a predictive population health intelligence service provides powerful health intelligence to healthcare professionals, securely via a web browser over the N3 network. The tool combines GP data and SUS data to provide a complete view of patient care and assigns a risk score for all patients, and supports PCN.


  • Overview dashboard, identifies the number of patients and their activities
  • Cost dashboard, total and average indicative costs per risk segment
  • Prevalence dashboard, number of patients with each Long Term Condition
  • Cost-Benefit dashboard, identifies patients suitable for a service and ROI
  • Changes in Risk Dashboard, identifies patients increasing/falling in risk
  • Polypharmacy dashboard, identifies patients receiving a number of different medications
  • Patient Manager, access to detailed patient level data
  • Export to CSV/Excel and individual patients to PDF
  • Search by NHS Number
  • Patient timeline of primary and secondary care events over time


  • Allows creation of custom lists/cohorts. e.g. top 2% at risk.
  • Enables identification of appropriate patients for key LTC services.
  • Supports the DES initiative, identifying and tracking the top 2%.
  • Enables monitoring of complex patients by tracking risk score changes
  • Secure Data Storage and handling within NHS IG Regulatory Framework
  • HSCIC approved provider
  • Provides a platform for evaluation and impact ability monitoring


£50000 to £500000 per unit per year

Service documents

G-Cloud 10


Docobo Ltd

Sophie Gourlay


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Maintenance at times informed to the user
System requirements Common browsers

User support

User support
Email or online ticketing support No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Telephone and email support, 8.30am-5.30pm, business working days.
Dependent on customer requirements we provide level 1,2 and 3 support. For out of hours technical support we will charge £1000 per month. Do provide technical account manager.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite training, online training and user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Via termination agreements
End-of-contract process Access to cloud services stop. Any termination activities are chargeable.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility Commonly available access tools for operating a web browser will allow usability.
Accessibility testing N/A
Customisation available No


Independence of resources Use of load balancing technologies.


Service usage metrics Yes
Metrics types Audit trail and reporting engine
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Via reporting tools
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% .
Refund based on individual SLA breaches.
Approach to resilience Available on request.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Through username and password with role based management
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications IG Toolkit

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Defined within our quality management system.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Contained within our quality management system. Change management, managed within our DCF procedures.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Potential threats are assessed using online cyber security forums and intelligence.
Testing is done on the day of release and, if successful, deployed same day or next day.
Online forums such as Alien Vault OTX are used to get information about potential threats
Protective monitoring type Supplier-defined controls
Protective monitoring approach Staff are well trained to report any anomalies and server logs are interrogated for any indications
Isolate the problem and investigate using the incident response procedure
Immediate response and initial assessment then a planned investigation depending on the severity
Incident management type Supplier-defined controls
Incident management approach We don’t have any common events, but the process is the same for any incident or event.
Incidents are reported by phone, email or in person, whatever is quickest to enable an immediate response
There is a template report to include a risk assessment, notification requirements, disciplinary action, root cause, trend analysis, corrective action, preventative action and later, effectiveness.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)


Price £50000 to £500000 per unit per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑