OrderWise™ Clinical Decision Support
OrderWise is a clinical decision support service that enables evidence-based diagnostic imaging requests at the point of care. As a result, clinicians can request the right test at the right time for patients directly within their workflow, thereby enabling quality care and reducing inappropriate imaging utilisation.
Features
- Clinician-Preferred Workflow – Integrates within order communications systems and workflow
- Flexible Guideline Deployment – Evidence-based content with opportunity for customisation
- Exclusively loaded with Royal College of Radiologists-approved decision structures
- Agile approach to guideline customisation using an authoring Studio
- Integrates with patient record and GE Dose Watch
- Recommends optimum examination and tracks any deviation
- Evidence-based content with opportunity for customisation
- Analytics Enabling Process Improvement, resulting in improved quality and outcomes
- Enables CDS capabilities beyond radiology, including cardiology, oncology, clinical pathways.
- Value-Added Integrations with radiation dose management solutions
Benefits
- Reduces demand rise
- Increases optimised referrals
- Reduces clinical variation
- Reduces patient irradiation
- Improves assessment before referral
- Improves the quality of patient care through appropriate imaging requests
- Enables cost savings through a reduction in inappropriate imaging utlilisation
- Engages clinicians to enable a change toward value-based care
- Enables clinical process improvements
Pricing
£17,388 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
5 0 7 0 5 3 3 6 3 3 0 3 8 9 7
Contact
GE Healthcare Finnamore Ltd
<removed>
Telephone: <removed>
Email: <removed>@6a16b623-f50b-4d88-b5c2-42f83b06cad0.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Value and workflow efficiency is optimised when the software is integrated within order communications or electronic patient record systems
- Cloud deployment model
- Private cloud
- Service constraints
- The value and efficiency of OrderWise is optimised when integrated within an order communications system or electronic patient records system. As a result, buyers should consider the integration requirements if choosing this option. GEHCP can support this integration and are already in discussions with many of the most prolific suppliers on these systems in the UK.
- System requirements
-
- Active internet connection
- Supported web browser
- API connectivity to local order comms or EPR (integrated version)
User support
- Email or online ticketing support
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Tier 1 support is provided by GE Healthcare Partners. Tier 2 and 3 support is escalated to the software supplier/host (Medcurrent).
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- GEHCP provides best practice software implementation support; digital & analytics cloud strategy; programme management and assurance and organisational development/change management to support effective use.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- Customers can export their data via the embedded export function within the analytics module or via service request.
- End-of-contract process
- When a contract terminates, all data is provided to the customer and access to the OrderWise service is withdrawn.
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- N/a
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- End-users can call MedCurrent's OrderWise service via API and communicate any relevant patient information required to drive the clinical decision support workflow. At the end of the CDS session, the API enables data to be pushed back into the host system to ensure workflow efficiency and eliminate any duplicate data entry.
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Users can customise both the software and the evidence-based guidelines contained within OrderWise via the configuration panel and Authoring Studio or through Professional Services
Scaling
- Independence of resources
- OrderWise is hosted on elastic servers whereby requirements expand as system use grows. MedCurrent also monitors performance on a regular basis to ensure server requirements meet customer demand, with flags to alert support staff if any issues arise.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Service metrics are provided across two main dimensions: Availability and Resolution of Issues. In terms of availability and uptime, planned availability is captured and reported to ensure 99.5% uptime. With respect to resolution of issues, a success ratio is captured to ensure timely resolution of issues based on a tiered severity structure.
- Reporting types
- Regular reports
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Medcurrent Corporation
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Customers can export their data via the embedded export function within the analytics module or via service request.
- Data export formats
- Other
- Other data export formats
-
- Spreadsheet
- Data import formats
- Other
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
-
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection within supplier network
- All of our cloud-hosted solutions are protected both in transfer and at rest, with SSL encryption and standard 256-bit AES encryption respectively.
Availability and resilience
- Guaranteed availability
- 99.5% up time
- Approach to resilience
- Medcurrent's Service Level Agreement with Microsoft Azure assures 99.9% server up time, elastic/expansive server capabilities, daily back-up functionality, and constant security/access monitoring.
- Outage reporting
- Any errors or interruption in service are automatically reported electronically to Medcurrent's JIRA help desk, where the issue can be picked up, monitored, and resolved. At the same time, Microsoft Azure offers insight tracking for our development team to log and monitor activity and performance of all our applications on a regular basis.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Limited access network (for example PSN)
- Access restrictions in management interfaces and support channels
- OrderWise authenticates each session via a customer-specific URL and API-key. Although end-user credentials may be captured via the API, it is not required to authenticate the OrderWise session.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Dedicated link (for example VPN)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Medcurrent are HIPAA compliant
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- HIPAA compliance
- Information security policies and processes
- As we have recently engaged Compliancy Group to achieve their "seal of compliance" for HIPAA requirements, we will be migrating our policies and procedures to their online management platform The Guard. Our Security Officer is overseeing this process, and together they are ensuring we continue to attest to high standards of security governance.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- GEHCP provides best practice software implementation support and change management to support effective use. We will hold initial meetings and workshops with each client to establish configuration requirements and will liaise with Medcurrent as necessary. Medcurrent will manage the configuration of the bespoke solution and we will determine the appropriate change control for each client. Change requests during the life of the contract should be communicated to nominated GEHCF contacts, who will then pass them on to the Medcurrent team using change control documentation. Once updates/changes are agreed and are ready for production, UAT takes place before sign-off allows migration.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- As part of Medcurrent's HIPAA-compliance, they undergo vulnerability scanning and penetration testing at least once per year. Any risks identified are structured in a remediation plan and prioritised for fixes/patches, with the most critical vulnerabilities managed first by the Medcurrent Development Team.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Medcurrent utilises the Security Centre functionality provided by Microsoft Azure to monitor and log and suspicious activity or access attempts to our applications, development environments, etc.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- As per HIPAA policies and procedures, incidents go through several stages: (1) identification, (2) containment, (3) eradication, (4) recovery and closure, (5) follow-up. Incidents are categorised by severity and number of members affected, and managed accordingly. Clients will be notified immediately where possible, within 72 hours as a general rule, and no later than 30 days from the incident discovery in any case.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £17,388 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No