GNOSCO Teledermatology

Dermicus Teledermatology Platform

Dermicus is a CE-certified digital teledermatology platform for fast, secure and remote diagnosis of skin cancer and wounds. Dermicus improves patient experience with faster, early diagnosis and increases communication and collaboration between the clinicians. Dermicus provides a continuous e-learning platform for doctors and nurses to enable the adoption of teledermatology.

Features

  • iPhone App to securely capture and send patient consultation data
  • Web App for secure remote diagnosis by a specialist
  • Secure digital collaboration - professional to professional
  • Continuous education to support clinician training

Benefits

  • Secure, fast remote diagnosis of skin cancer
  • Reduction in patient referrals
  • Reduction in face to face contact - patients and clinicians
  • Reduction in number of excisions
  • Improved patient diagnosis due to clinician collaboration across the platform
  • Significant reduction in ulcer healing time
  • Reduction of clinician time required for wound management
  • Secure and compliant transition of patient data and images
  • Continuous education for clinicians in teledermatology
  • Secure Multi Disciplinary Team (MDT) collaboration and communication

Pricing

£300 a unit a month

Service documents

Framework

G-Cloud 12

Service ID

4 9 1 3 8 5 0 9 5 5 8 3 8 5 6

Contact

GNOSCO Teledermatology Philip Daniels-May
Telephone: 020 8144 9739
Email: philip@gnosco.se

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Dermicus is a platform that can be configured for skin cancer diagnosis, wound management, health in justice/prison health, and general patient photo communication.

Many customers start with implementing a single pathway but we are happy to support the addition of new pathways to your Dermicus solution.
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
The service supports the three latest versions of the following browsers: Internet Explorer, Edge, Google Chrome and Mozilla FireFox

The service supports iPhone 6 (or later version) running iOS version 10 (or later). The customer also needs to procure a dermatoscope, Hiene iC1 is recommended.

GNOSCO are responsible for the App and platform and customer is responsible to being compliant with standard industry security requirements.
System requirements
  • Supported browsers: Internet Explorer, Edge, Google Chrome and Mozilla FireFox
  • Supports iOS 10 or later
  • Requires secure WiFi or mobile data connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support function by email weekdays 08.00-17.00 (excluding UK Public and Bank Holidays UK public holidays).

Support requests will be actioned immediately and will be resolved using our reasonable endeavours, as quickly as practicable to determine the next step in the troubleshooting / analysis.

Users will be kept up to date by email or phone, notifying them of progress regarding their support query.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
No
Onsite support
No
Support levels
Support function by email weekdays 08.00-17.00 (excluding UK Public and Bank Holidays UK public holidays).

Support requests will be actioned immediately and will be resolved using our reasonable endeavours, as quickly as practicable to determine the next step in the troubleshooting / analysis.

Users will be kept up to date by email or phone, notifying them of progress regarding their support query.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Gnosco has designed the Dermicus solution to be extremely simple to implement and start being used by clinicians. Our solution is specifically designed to support organisations to start using Dermicus with none or little implementation support, allowing fast and easy onboarding.

Once the commercial arrangement is agreed, the Dermicus app will be installed on the required end user devices and user names and logins for the platform allocated. This can be done remotely by the Dermicus team.

All that is required after this is to log in and begin using the solution. When you log in and open a new request the users will connect automatically with the clinical centre they are assigned to on the Dermicus Platform. There's no special action to make this happen and levels of access can be allocated per role of the clinician.

Dermicus recommend onsite training in how to use the solution; however, the app has been designed to intuitively lead users along pre-defined pathways. As such the app is simple to use and requires only a very short training period (no more than one day) to become fully proficient.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
At the end of the contract, Gnosco aim for offboarding and data access to be as simple as possible. Gnosco will make all data input into the solution freely available to the buyer. It shall be the buyer's responsibility to engage the services of a data transition expert or a replacement service. Gnosco will provide a full data extract which shall be provided either to the buyer's replacement service or data transition expert. For the avoidance of doubt the Buyer shall be responsible for the migration of data into their new solution.
End-of-contract process
Gnosco have designed the service to have as simple an exit as possible. From an end user device perspective Dermicus is like any other iPhone app and can be simply removed from the device. No data is stored on the device so once the app is deleted from the device it can be used as normal and will not store any Dermicus data.

The Gnosco customer team will be in contact throughout the term of the agreement and will support any data migration requirements required.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile App must be installed to ensure the secure transmission of patient data into the Dermicus platform.

Secure access to the web App is provided by two-factor authentication by SMS code or smart card access.
Service interface
Yes
Description of service interface
Native iOS application and web based application.
Accessibility standards
None or don’t know
Description of accessibility
At present the Dermicus solution has not specifically designed with any formal accessibility features. However the solution has been designed to be easily navigated and clearly laid out to aid comprehension and support safe clinical practice. Should the customer have any specific accessibility requirements please discuss them with the customer team.
Accessibility testing
None.
API
Yes
What users can and can't do using the API
All patient data and management information can be accessed via the API.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The configuration of new patient pathways and practice administration processes, not currently configured in the Dermicus platform can be added for any new customer.

Scaling

Independence of resources
The Dermicus platform is architected to utilize industry standard secure public cloud autoscaling technologies.

Analytics

Service usage metrics
Yes
Metrics types
A range of management service metrics are available, to be discussed during on-boarding process.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported through REST APIs.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
A service level of 99,9 % is provided and any failure to do so results in service credits that will be applied to the next invoice. For more information please see the attached SLA document.
Approach to resilience
Available on request.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
The platform allows customers to restrict user access specific to their role.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Security policies and processes complies with ISO 27001 and OWASP. Any documentation supporting these policies and processes are available on request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes are assessed for potential security impact and all changes are tracked through their lifetime.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Documentation available on request that conforms with ISO 27001 and OWASP.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Documentation available on request that conforms with ISO 27001 and OWASP.
Incident management type
Supplier-defined controls
Incident management approach
Documentation available on request that conforms with ISO 27001 and OWASP.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
Health and Social Care Network (HSCN)

Pricing

Price
£300 a unit a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
2x user accounts to Dermicus - 30 day trial

The following is excluded from free trial:
iPhone
Mobile or Wifi connectivity
Dermatascope - must be compatible with iPhone (recommended Heine iC1)
Link to free trial
https://dermicus.com/en/book-demo/

Service documents