Outcomes Based Healthcare

OBH® Outcomes Platform

The OBH® Outcomes Platform provides cohort and population level segmentation analytics and outcome measurement. Applying a data-driven approach of the Bridges to Health segmentation model, the tool provides continuous visibility of health outcomes across populations Through ongoing monitoring of outcome measures, it helps drive clinical interventions and support commissioning decisions.


  • Identify baseline values for each outcome using historical data
  • Make statistical adjustments to allow for meaningful comparison
  • Monitor outcomes data with a minimal time lag
  • In depth analysis of each outcome measure, where applicable
  • Monitor survey data to measure person-centred outcomes
  • View the annual financial out-turn of outcomes-based contracts
  • In depth cohort and whole population level segmentation analytics
  • Application of data-driven and clinically robust population segmentation model
  • System-level view of outcomes, consistent with population health management requirements
  • Data-driven, accurate measurement of Healthy Lifespan® or HealthSpan™


  • Measure outcomes for whole populations or single conditions
  • Know your outcomes at the start of the process
  • Trust your outcomes measures are accurate and complete
  • Assurance that your outcomes definitions are always up to date
  • Segmentation analytics allows for real insight into populations
  • Confidence that Information Governance rules are followed
  • Reduce the time and complexity to set up outcomes-based contracts
  • Timeliness of reporting allows for in-year contracting
  • Key quality improvement insights for successful population health management
  • Evaluation approach that measures impact of interventions


£75000 per licence per year

Service documents


G-Cloud 11

Service ID

4 8 7 9 3 9 4 9 5 9 8 7 0 1 4


Outcomes Based Healthcare

Rupert Dunbar-Rees



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints 1. Client must have legal access to data for outcomes measurement
2. Updates are dependant on timely access to data
3. Accuracy depends on access to multiple linked data sources
System requirements Modern browser which is internet accessible

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24h on weekdays.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 0 is in the form of a) documentation describing the outcomes, b)templates for data sharing agreements related to data flows to OBH, c) specifications for data extractions. These are included in the contract.
Level 1 is included as contracted hours of support for queries / questions related to the Outcomes Platform.
Level 2 is any support required above and beyond the contracted hours and will be based on the rate card.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Basic training is included in the initial purchase of the cloud software. Additional support can be purchased via services provided in lot 3 (cloud support).
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction There is no functionality to extract derived outcomes data at the end of the contract. Depending on the contract, derived outcomes data can be left on the Outcomes Platform for benchmarking purposes.
End-of-contract process Access to the Outcomes Platform is removed. Depending on the contract with the buyer, derived outcomes data may remain for benchmarking purposes or be removed and destroyed in accordance with IG regulations.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Service interface No
Customisation available No


Independence of resources A 99.99% uptime SLA is in place with the hosting server provider. Servers can be resized when usage increases beyond required levels. Independent servers can be provided for users at the prevailing rate when requested.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach There is no functionality for users to export derived outcomes data. Data is provided by the buyer at the start of the contract and can be viewed on the Outcomes Platform during the life of the contract.
Data export formats Other
Other data export formats N/a
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network The webserver hosting the OBH Outcomes Platform is not on the OBH company network. In addition, the Outcomes Platform is installed on a server which has an SSL/TLS certificate and all data is therefore transmitted over an HTTPS secure connection. A firewall is installed on the server. TLS connections are in place between data servers and users. File data is stored on encrypted blocks on the storage servers. Access to data is also password protected.

Availability and resilience

Availability and resilience
Guaranteed availability 99.99% uptime SLA with server provider and contractual commitment.
Approach to resilience Multiple servers are load balanced when required. In addition, there is a contractual commitment from the server provider for any required uptime.
Outage reporting Email to registered client and/or a notification on the company / service website.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Management interface access is through role-based access for defined usernames and passwords. Support channels are restricted by direct contact with individuals including email and telephone.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach OBH ensures that all members of our staff are aware of, and comply with, relevant legislation, including the Data Protection Act and more recently, General Data Protection Regulation. In addition, OBH maintains policies which describe the principles of information security management and how these shall be implemented within OBH. OBH will assist staff to identify and implement information security as an integral part of their day-to-day role within the company. OBH will also safeguard information relating to staff and clients under the control of the company.
Information security policies and processes OBH holds its own Information Security and Information Governance policies. In addition, OBH is compliant with the NHS Digital Information Governance toolkit as a Commercial Third Party, having secured Level 3 (100%).

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration is managed as part of the installation process for a buyer and any changes are made after communicating to buyers about expected impact, if any. Any requirements changes are analysed for impact assessment and for budgetary considerations.
Vulnerability management type Undisclosed
Vulnerability management approach Potential threats are assessed and managed through a variety of means. These include security software running on servers as well as third party hosting providers assessing threats and scanning hardware. Patches can be deployed as quickly as same day, depending on the required solution. Monitoring on the hosting servers will also report potential threats directly to OBH staff.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Monitoring on servers report potential issues and compromises on a regular basis. This monitoring allows OBH staff to action any relevant response within minutes of any potential issue, if required.
Incident management type Supplier-defined controls
Incident management approach The OBH Information Security Policy defines the incident management process. Incidents are reported to the SIRO or IG lead (depending on the nature of the incident) and these are recorded, analysed and investigated.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £75000 per licence per year
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑