Four Eyes Insight Limited

Medical Efficiency & Productivity System (MEPS) - various modules

“MEPS” has been developed from the medical productivity work carried out by Four Eyes. The software helps NHS Trusts establish clinically credible opportunities delivering financial and performance benefits, through improvements in key operational areas such as Risk Stratification, Theatres, Outpatients, Cath Labs, Endoscopy suites, Radiology and Job Planning .


  • Produce productivity reports by specialty, consultant, procedure, activity type
  • Produce benchmark comparison reports at procedural code level
  • Identify efficiency targets by clinician and specialty
  • Identify cost out and income opportunities linked to productivity
  • Track performance by clinician and specialty against KPIs
  • User friendly, interactive dashboard
  • Provide data driven scheduling capabilities including automated reports
  • Regular data updates (depending on service purchased)
  • Regular data updates (depending on service purchased)
  • Multi user, and remote access from any device


  • Inform operational decision making on 'shop-floor' to optimise productivity
  • Deliver 'quick win' productivity opportunities
  • Measure impact of operational improvements on productivity
  • Improve operational performance (RTT, waiting list size, etc.)
  • Repatriate work referred to private sector and other NHS organisations
  • Reduce variable and fixed pay
  • Reduce spend on waiting list initiatives
  • Drive revenue growth (where appropriate to do so)
  • Implement a sustainable methodology for productivity improvements
  • Support NHS Trust's CIP / income plans


£20,500 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

3 4 3 2 6 1 7 7 8 7 8 7 9 5 4


Four Eyes Insight Limited Lee Scothern
Telephone: 020 38801247

Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
System requirements
  • Uninterrupted broadband access to the Internet
  • Access to the N3/HSCN Network for NHS Users

User support

Email or online ticketing support
Email or online ticketing
Support response times
UK time: 9 to 5 Monday to Friday (except national holidays)
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
The software support service comprises an email help desk providing first line technical support to all users of the software, which will include a BIU support team.

The software support service is available to all users of the system between 9am and 5pm, Monday to Friday excluding national holidays.
Support available to third parties

Onboarding and offboarding

Getting started
The process of on-boarding a client will usually take between 5 and 10 working days depending on:

• The number of Software modules included in the Call Off Order Form;
• The number of users;
• The complexity of the client’s requirements…;
• The availability of the data requested by Four Eyes from the Client;
• Whether the Client can make data available via an API.
Service documentation
Documentation formats
End-of-contract data extraction
As this a performance management tool set not an operational tool set, there will be no requirement to extract data at the end of the contract .
End-of-contract process
Unless replaced by a new order, the agreement between FourEyes and the Client will automatically expire at the end of the licence period set out on the Call Off Order Form;

The Software will become inoperative and the users will be unable to access any data stored on the software or use the software in any way;
The Client’s right to receive the services shall cease automatically;
Each party shall immediately return to the other all property and materials containing confidential information belonging to the other;
The Client shall immediately pay to Four Eyes any sums due to Four Eyes under this Agreement;
It is the Client’s responsibility to extract and save any data stored on the software prior to the expiry of the agreement;
If the Client does not remove its data prior to the expiry of the agreement, the Client can request that Four Eyes will remove the Client’s data from its systems and provide a copy of that data to the Client. Four Eyes reserves the right to charge for this service at its standard rate of £1,000 per day;
Client data not removed from the Software within 1 month of the agreement expiring will be deleted.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The Service has been predominently designed for desktop use however the application is fully reponsive
Service interface
Customisation available


Independence of resources
Each individual user is provided with unique access to their own data thereby facilitating and allowing availability.


Service usage metrics
Metrics types
User Reporting
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Standard csv file
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
CVS files will be password encrypted and saved to a secure network location with restricted user access and 256 bit encryption

Availability and resilience

Guaranteed availability
Services provides a 99.5% availability up-time. This is backed by a 10%fee guarantee and 25% if up-time drops to 99%.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Each user client has an unique username and password and cannot gain access to other user's accounts in other sites.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • NHS Data Security and Protection Toolkit
  • Cyber Essentials

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Cyber Essentials
NHS Data Security and Protection Toolkit
Information security policies and processes
We have an IT policy which sets out our data privacy policy that relates to the handling of client sensitive data. This policy is strictly adhered to and reviewed annually.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Internal testing
Annual external reviews of systems
All changes adhere to the ITIL/ITSM standards
components adhere to the following process of identification, control, status and accounting, verification and audit.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Annual penetration testing for potential threats
Each module is pen tested before release
All data we hold is low risk- all anonymised with no patient identifiable data
All data stored in a ISO27001 accredited facility
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
There is an online and automatic auditing of activity which will allow a quick response to incidents
Incident management type
Supplier-defined controls
Incident management approach
Our approach complies with ITSM definition
We record incidents using Zendesk (activity of faults include unexpected faults, bugs, errors. All incidents are logged, and a risk assessment is applied with priority ratings of 1-4
we track all incidents, escalate incidents to senior management if not resolved in a timely fashion. An incident report is produced for every incident.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)


£20,500 a unit a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.