ARDEN'S HEALTH INFORMATICS LIMITED

Ardens for EMIS-Web & SystmOne

Ardens is a Clinical Decision Support System that gives clinicians immediate and easy access to the latest evidence-based diagnostic, treatment and referral resources. Ardens also enables GP Practices and CCGs to accurately evaluate services. This allows the delivery of standardised best practice, whilst protecting patient safety and maximising savings.

Features

• Clinical decision guidance
• Safety alerts
• Referral capacity and demand
• Reports for commisioning, clinical reporting
• Safeguarding & risk stratification
• Practice management tools
• High-risk drug monitoring
• Regularly updated clinical templates
• Links to drug formularies for efficient prescribing
• Support for remote consultations

Benefits

• Easily access clinically rigorous templates from within clinical systems
• Standardise care across teams and practices
• Promote patient safety
• Improve best practice & reduce significant events
• Simplified referral process and safety netting
• Reduce administrative costs
• Upskill your workforce and increase productivity
• Promoting self-care
• Increase GP QOF & Enhanced services income
• Save money through consistent prescribing

£0.15 to £0.25 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at support@ardens.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

529466444770288

Contact

Mick Smith
01725 762062
support@ardens.org.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: TPP SystmOne; EMIS-Web
• Cloud deployment model: Private cloud
• Service constraints: Ardens can only be used in conjunction with SystmOne and EMIS Web. Planned maintenance to these platforms will temporarily restrict our ability to install, update and implement Ardens. Through proactive scheduling, we ensure we support users prior to and after any maintenance to maximise user satisfaction and experience and reduce service downtime. During periods of planned maintenance, we will communicate with our clients informing them of the maintenance period and how we can support them in the meantime.
• System requirements:
  • Must Have access to SystmOne or EMIS-Web
  • Must have a N3 or a HSCN connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: A summary of response times can be found on website: https://www.ardens.org.uk/key-performance-indicators/; ; If deemed clinically relevant or urgent by Ardens, a response will be given within 4 hours and an update provided within 8 hours (excluding issues outside of Ardens control).; Response times are likely to vary at weekends.; All significant feedback is audited monthly by Ardens. For all other feedback and requests, a response will be delivered in 1-4 weeks, depending upon the work required.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All of our customers have access to the same support levels. Our expert post-implementation Support Team is available from 08:30-18:30 Monday – Friday and they are responsible for answering customer queries and ensuring that Ardens has been fully installed and optimised successfully on our customer’s systems. Further support can be provided depending on customer need, such as customising Ardens Manager dashboards to meet specific, local contract reporting requirements. ; ; Additionally, we have a dedicated Support Desk that operate between 08:30-18:30 on weekdays and they handle any customer issues and provide them with assistance to rectify them. ; ; All customers have access to:; • Screensharing facilities with Ardens’ staff to rectify problems; • Webinars; • Users guides; • Online forums and Facebook group chats discussing Ardens ; • Email support; • Our Support Desk; • Our post-implementation Support Team
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the Ardens initial setup package, we provide free training to support deployment and adoption. These will be tailored to the customer’s specific systems, most used templates and customer type (e.g. individual GP practice or GP Federation or CCG) to ensure the customer’s full understanding, confidence and ease of use. Training can also be delivered for more specific topics such as Medicines Management. Additionally, all users are provided with an online set-up guide and email instructions. Documentation will be tailored to customer type and customer location to meet each customer’s specific needs. ; ; Users can visit the support page on our website to access resources for further assistance such as:; ; • Frequently asked questions; • A contact form and our Support Desk for specific queries; • News and updates; • Webinars; • Guides; • Training videos; • Help via screensharing ; • Online forums and Facebook group chats
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We are committed to our clients having access to their data even if they decide to end their contract with us. All data is always held on the customers’ patient administration system; therefore, no data extraction is required post-contract.
• End-of-contract process: At the end of contract, the customer is invited to renew their subscription. If the contract is ended without renewal, the customer and all 3rd party users – such as GP practices if the customer is a CCG or group - will lose access to all Ardens Templates and Manager functionality. However, customers at the end of the contract are supported as part of our offboarding process to provide a smooth transition. Customers can buy another licence for Ardens at any time.; ; All patient data entered using our system resides on either SystmOne or EMIS web, and is not deleted as part of the end-of-contract process.; ; None of our end-of-contract processes attract an additional cost.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: No
• API: No
• Customisation available: Yes
• Description of customisation: Customers can request customisation. Ardens can customise various components including localised enhanced services, referral forms and formularies. For further information, please see www.ardens.org.uk/packages.

Scaling

• Independence of resources: From an operational standpoint, our service is locally hosted by our clients within their instance of EMIS or SystmOne. Therefore, each individual instance doesn’t draw on resources used by other clients. ; ; See our attached Terms and Conditions document for more details.

Analytics

• Service usage metrics: Yes
• Metrics types: Clinical reporting; Commissioning reporting
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest: Other
• Other data at rest protection approach: Not relevant, data processed through secure NHS network
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users can export CSV files containing fully aggregated non-patient identifiable data for commissioning reports and Business Intelligence purposes.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • RPT
  • Xml

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: All of our Template functions are locally hosted on clients’ SystmOne or EMIS installation, therefore uptime is 100%. Manager functions have a guaranteed 99.99% uptime. In the unlikely event of a significant outage of management functions, we will compensate our clients with service credits.
• Approach to resilience: A secure data centre accredited by the HSCIC holds all SystmOne and EMIS data. Through this, SystmOne and EMIS provide both a primary data centre & a secondary data recovery centre. Our cloud services are securely hosted on a UK based server, and we have a SLA in place to guarantee resilience within our server environment. ; ; Ardens resilience protocol and safeguards are available on request.
• Outage reporting: We report any outages to our clients as possible, and within 60 minutes as a maximum. We alert via webpage notifications, emails and our Ardens Chat Facebook group.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are limited by roles, which are documented in Data Security and Protection Toolkit.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Data Security and Protection Toolkit
• Information security policies and processes: We fully comply with NHS Digital Data Security and Protection Toolkit, and have a range of policies and procedures to support the security of our system. These are available to clients on request. ; ; All of our staff are trained on security as part of their induction, and receive regular training updates to ensure continued compliance. For those with access to sensitive parts of software – for example our development environment – additional security training is carried out, as well as appropriate pre-employment checks.; ; Our reporting structure is in line with our security policy. Overall, our Chief Executive has overall responsibility for security, supported by individual product leads.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Prior to the delivery of new resources, a Clinical Safety Case Report (CSCR) is established. Once changes are deployed, the validity of any assumptions and the effectiveness of any controls made in the CSCR are monitored to ensure the perceived level of clinical risk remains representative and acceptable. ; ; Should modifications be identified (e.g. defect fixes or new functionality) we review the CSCR to establish if modifications or updates impact on existing hazards or introduce new hazards. Ardens hold a log of all modifications delivered.; ; Our approach is strictly detailed in our Clinical Safety & Risk Management Policy (available on request).
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management approach is detailed in our risk management policy and risk register, which are regularly reviewed by our Board. We have an SLA with our web host. This covers regular security audits to assess potential threats, as well as any remedial actions. This is reported back to us on a regular basis.; ; Our development team rigorously tests our software for any vulnerabilities pre-release. If a vulnerability is identified post-release, then we deploy patches as quickly as possible. If necessary, we have processes in place to roll back to previous versions of the software.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All resources are built in a standardised design and go through the design, build and test approach. Our protective monitoring approach is compliant with the Data Security and Protection Toolkit. We work with a third party specialist – JumpSec – to monitor both our cloud deployment and our internal development systems. They immediately alert us to any potential compromises, which are escalated to our Board, who direct the development team as required. ; ; Once submitted:; • Non-urgent fixes are implemented within 20 working days; • Urgent fixes are implemented within a maximum of 5 working days
• Incident management type: Supplier-defined controls
• Incident management approach: • Serious incidents such as practices not being able to access Ardens – acknowledged within 4 hours of occurrence and resolved within 2 working days; • Complaints such as a complaint about training quality – acknowledged within 3 days of receipt and response within 20 working days; • Urgent updates and issues such as incorrect details on the referral form – delivered within 5 working days of request; ; Complaints are received via our support desk and regular update reporting provided to the customer. We are compliant with the Data Security and Protection Toolkit.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Pricing

• Price: £0.15 to £0.25 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trial of 3 months. ; Included: full access to software package, free in practice training session, technical support.; Not included: localised referral forms and formularies.
• Link to free trial: http://www.ardens.org.uk/trial/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at support@ardens.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.