Online Referral: In Utero Transfer
Pregnant women in preterm labour require urgent decision-making regarding risks and benefits of in-utero transfer to a maternity unit with associated neonatal intensive care. This online system automates the process from the point of referral and enables direct online communication between clinical teams at different sites, including transport services.
Features
- Process automation from referral to delivery, discharge, or repatriation
- Clinically co-designed to ensure accuracy of content and process
- Real time communication using secure logged access
- Individual and teams-based access and permissions architecture
- Online clinical conversation, tracking of investigations, consultations and decisions
- Includes review processes and data required for audit
- Open API and interoperable with other digital health systems
- Security tested and compliant with information governance standards
- Captures data to evidence best practice, outcomes and performance
- Provides 24/7 secure access to goals, tasks and information
Benefits
- A lean process of online referral, review and shared decision-making
- Supports effective and efficient handover between healthcare teams
- Ensures a scheduled review and avoids loss to follow-up
- Reduces administrative burden on frontline staff
- Supports Better Births national drivers and improvement goals
- Enhanced information governance and clinical governance
- Creates a patient-centred database and central reporting across whole-care pathway
- Access to structured process improves consistency from referral to review
- Central reporting of outcomes and performance
- Enables consistent risk stratification and triage
Pricing
£1,250 a unit a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
4 0 9 8 4 4 5 3 0 4 1 1 2 0 8
Contact
Health Pathways Limited
Marc Hoogstad
Telephone: 07799595446
Email: team@healthpathways.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- The service is designed to be 24/7. Any system upgrades and maintenance will be communicated to customers through the application and other agreed notifications. The service hours for support will be agreed in the SLA.
- System requirements
- Minimum specification for web browsers for each PC or device
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response times are agreed in the service level agreement (SLA). Response target times are dependent on issue priority however are typically within one hour during normal UK office hours and custom support can be provided.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- The web chat has been tested against accessibility standards.
- Onsite support
- Onsite support
- Support levels
- Support will be agreed in the SLA and customised according to the needs of the organisation.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Onsite or remote training will be provided as part of implementation. Training can be delivered using a variety of different methods including train-the-trainer, demonstrations, workshops and online webinars. Online user documentation is available through the Help Centre. Additional training can be provided as required.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Health Pathways detail this process in the contract. We will provide a copy of data when the contract ends in compliance with data protection and information governance standards and securely remove data from servers.
- End-of-contract process
- Health Pathways detail this process in the contract.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The software is optimised for mobile devices without differences in service.
- Service interface
- Yes
- Description of service interface
- Users can access the Help Center in the application and provide feedback that can be prioritised for agreed upgrades to the software.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- The interface is tested for accessibility standards compliance across popular web browsers.
- API
- Yes
- What users can and can't do using the API
-
The API accepts HL7 messages to register a patient and provides a
patient information stream with EPRs and other health systems. - API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Changes can be made to meet a specific need. The application is delivered as a managed service with scheduled releases. Users of the service have a detailed change management process whereby changes are logged and responded to in scheduled release cycles, allowing for elements of customisation which should comply with national standards.
Scaling
- Independence of resources
- Health Pathways provide the application on segregated resources through a managed service with real time alerting to usage issues.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Service usage metrics are shown in the patient list can be given as a customisable export.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Permissioned users can export data in pre-set reports which are available online or which can be downloaded in a CSV format. Health Pathways have an interoperability team that will work with organisations to define the requirement for additional data exports. This may include the use of the API and HL7 messages.
- Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Availability will be agreed in the SLA. Our hosting partners combine international standards for best practice in security and service management, advanced systems management technologies and the UK’s premier data hosting facilities, to provide unsurpassable, 24/7 assurance, 365 days a year.
- Approach to resilience
- Please request full details on resilience by email to team@healthpathways.co.uk
- Outage reporting
- All reasonable methods to report outages will be agreed including a public dashboard and email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- There is a detailed and long standing process for access and permissions as part of the service. Users can access the system to prescribed levels for teams and organisations with individual usernames/passwords. System interfaces will have detailed and agreed security.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- To be provided on request
- ISO/IEC 27001 accreditation date
- To be provided on request
- What the ISO/IEC 27001 doesn’t cover
- To be provided on request
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials scheme and the Data Security Protection toolkit assessment.
- Information security policies and processes
-
Health Pathway is committed to ensuring that information security is given the highest possible degree of importance which is supported by our Information Governance Policy. These include virus control, password requirements, password encryption, automatic password change, inactivity lockout, pseudonymised and anonymised data and databases, user access controls, fully auditable permissions structure,
SSL certification, and business continuity. All procedures are audited once a year and Health Pathways complete the Data Security and Protection Toolkit yearly.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Health Pathways has a detailed change control process. A change control document is available on request that explains how updates, enhancements and changes are tracked, the release schedule and process and version control and assurance process for changes. JIRA is used to plan, track, and manage the agile software development including prioritisation of customer issues or change requests.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- The services are assured through ISO 27001 accreditation. As part of the management review of risks, preventive actions such as patches are put in place as required. Information about potential threats are notified through the industry and suppliers. Monthly security patching occurs as a scheduled activity.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- ITIL ISO 20000 managed services are constantly monitored for threats and potential compromises. Engineers are alerted to any threats and there is a defined process in place to ensure that corrective and preventive actions are completed.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Health Pathways have incident management processes that include pre-defined processes for common user issues, development lifecycle incidents, reporting of incidents by users online and via email and the use of issue and project tracking software that generate incident reporting.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £1,250 a unit a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A limited free trial is available.