Strata CHC Decision Support Tool
Strata CHC Decision Support Tool can operate on its own, be integrated with existing IT systems to aid completion or deployed as part of a region wide system to deliver CHC and other funding decisions within mandated timescales. It is fully audited and offers bi-directional communication across CHC Teams.
Features
- Continuing Healthcare Assessment within CHC 28 day target
- Virtual Panels and collaboration tools to speed up decisions
- Audited digital work flow with no paper processes
- Built to mirror the Care Act national funding framework
- Onward referral to MDT after funding award
- removes non-qualified applications and thus duplication of effort
- Can be integrated to any health and care IT systems
- Speeds up communication and tracks progress
- Decision Support Tools DST and fast track features built in.
- Bi-directional Communication
Benefits
- Low cost entry point to regional patient flow and eRefferals
- Collaboration across organisations / stakeholders in one system
- Full reporting tool and BI included
- Cloud solution that can be used on any device
- Can be deployed within 2 weeks
- Resource availability and characteristics matched to patient need
- collaboration with community services
- Improve data quality and enforce data capture
- Simple to use- works within existing GP and Acute systems
- System already in use across NW of England
Pricing
£60,000 to £250,000 an instance a year
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
4 0 1 8 9 8 3 6 3 8 1 9 4 7 3
Contact
Strata Health LTD
Strata Sales Team
Telephone: +44 (0) 3330 020233
Email: Sales@stratahealth.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No - however additional costs will apply for integration with IT systems
- System requirements
-
- Access to internet connected device
- Access to up to date internet browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Strata Pathways is a cloud solutions that is available and supported 24x7x365. All parts of the system are available at all times and scheduled upgrades and maintenance are planned and communicated in advance and only take place out of normal business hours. We operate a global round the clock approach to support and maintenance which allows us to accommodate full availability of support services at all times.
• We provide Software uptime of 99.5% with planned maintenance authorised in advance.
• Support is 24/7 with immediate support during business hours and call back within 60 mins outside of business hours. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- No
- Support levels
-
Strata Support is delivered to the highest standard at all times and this is included in the cost to clients. All NHS clients are treated equally and as Strata Pathways is a cloud solutions support is available and supported 24x7x365. All parts of the system are available at all times provided that clients have access to the internet. Scheduled upgrades and maintenance are planned and communicated in advance and only take place out of normal business hours. We operate a global round the clock approach to support and maintenance which allows us to accommodate full availability of support services at all times.
• We provide a Software uptime of 99.5% with planned maintenance authorised in advance.
• Call support is 24/7 with immediate support during business hours and call back within 60 mins outside of business hours. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
A full and structured training programme will be provided to admin and users at the start of the project but also on an ongoing basis if requested. Training can be provided on site or via webex sessions. The Strata Account Manager will worm with the client lead determine the frequency and when and where they should take place. It is expected that training would take place on client premises and that users will have access to a PC or mobile device with internet access.
This is delivered as part of the ongoing sessions where users are invited to attend training sessions to learn how to get the best from the solution and also how to build specific requirements that may be outside the normal requirements.
Full documentation tailored to the solution will also be provided. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- The users can either request Strata to extract data and return to them or they have the ability to do this themselves with the management console. Strata will be happy to supply destruction certificates etc if requested to do so.
- End-of-contract process
-
Towards the end of a contract when a client does not wish to continue with the service, the Strata Account team will work with the client well in advance of the termination date in order to smoothly switch of the service,
At the end of the contract a client can either download their data themselves and Strata will then carry out a full destruction and data removal process if requested to do so, This is a chargeable service and will be scoped and agreed with the client in advance. Strata will also switch off all links and APIs to any client system as soon as requested to do so.
Should a client need to extend the services in line with approved regulations, we will be happy assist but will charge at the normal monthly rate for any part of each monthly period after the contract termination date.
Additional charges will be incurred for any services involved in Strata being requested to download the data on behalf of the client, Again this will be scoped and agreed in Advance.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- No
- API
- No
- Customisation available
- No
Scaling
- Independence of resources
-
The Strata Software as a service is delivered within UK Data centres within HSCN and with the ability to scale up and down our service requirements based on service usage and demands on the platform. The service is fully resilient over a number of sites and fully managed by our ISO processes.
The Strata services is a stand alone service which is not co-located with any other services. It operates with virtual servers and can be quickly expanded as needed.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
The Strata Pathways application layer and cloud infrastructure system as well as activity and usage is measured using a service called New Relic APM which lets us know what’s happening in platform application environment and shows full usage and access stats
This provides a complete picture by combining key metrics from mobile and browser apps with supporting services, datastores, and hosts, so we can optimize performance holistically and ensure the system is up and running as peak performance based on the level of user and service usage. - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Data Export can be carried out directly by the client using bulk export via the Strata Pathways management console. Strata will be happy to work with clients to assist them in doing this.
- Data export formats
- CSV
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- We provide 99.5 availability of the service under our standard SLA. Our Service Level Agreement is include with the Terms and Conditions and in the event of an outage Strata will work with the clients to agree any monetary compensation based on lost whole service days.
- Approach to resilience
- This information can be provided on request. The Data centre is managed with HSCN and is bound by the SLA in place for that service.
- Outage reporting
- Outage reports are extremely rare but if they do occur clients will be notified by email and through a notification in the log-in page
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- The Strata Platform used Role Based Access Control to determine which individuals or groups of individuals can access any part of the system. The ability to restrict access can be controlled by client leadership and the Strata system will only provide access to the features and parts of the system that their role and level dictates. This can also be applied to the users ability to access support and management consoles features,
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QAS International
- ISO/IEC 27001 accreditation date
- 30 June 2014 and annually since
- What the ISO/IEC 27001 doesn’t cover
- Not Applicable
- ISO 28000:2007 certification
- Yes
- Who accredited the ISO 28000:2007
- QAS International
- ISO 28000:2007 accreditation date
- 30June 2018
- What the ISO 28000:2007 doesn’t cover
- Not Applicable
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
To ensure all Patient Health Information is secure and safe, Strata Health Solutions has created in depth policies and procedures around the handling of PHI or PID. Strata Health defines confidential data into two categories, client confidential and business confidential as defined in ISF03 Information Security Document Classification. Confidential information is any data stored on our systems as pertains to our clients or business. This includes but is not limited to:
• Personal Health Information (PHI) as defined by the privacy acts of the regions we operate in.
• Information regarding the services provided by any of our customers or client sites.
• Information regarding clinicians and any other customer contacts.
• Any other Personally Identifiable Information (PII) that falls outside of the health care privacy acts.
All staff share a responsibility to safeguard any and all confidential and client confidential information and to ensure it is used appropriately and must agree to a stringent set of security criteria linked to how all information in handled and secured. The CEO is ultimately responsible for ensuring that all policies are adhered to and the Security office is responsible for ensuring that the service is fit for purpose.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- All aspect of configuration and change management are managed under our ISO 27001 guidelines, processes and principles. Strata use various system to track and manage all config and change programme and follows industry best practices and guidelines at all times.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- All aspect of vulnerability management are managed under our ISO 27001 guidelines, processes and principles. Strata use various system to track and manage all potential threats and can mobilise quickly to address threats and apply patches. Strata follows industry best practices and guidelines at all times and work with industry leading partners to keep ahead of all information relevant to threat management.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- All aspect of protective monitoring are managed under our ISO 27001 guidelines, processes and principles. Strata use various systems to track and manage all potential threats and can mobilise quickly to address threats and apply patches. Strata follows industry best practices and guidelines at all times and work with industry leading partners to keep ahead of all information relevant to threat management.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- All aspect of incident management are managed under our ISO 27001 guidelines, processes and principles. Strata use an incident management system called JIRA and follows industry best practices and guidelines including ITIL for service desk management. Users can reports incidents by email or using our 24/7 support numbers. Using our support processes we will track and monitor progress and report back to users as necessary.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- Public Services Network (PSN)
- NHS Network (N3)
- Scottish Wide Area Network (SWAN)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £60,000 to £250,000 an instance a year
- Discount for educational organisations
- No
- Free trial available
- No