Ardens for EMIS-Web & SystmOne

Ardens is a Clinical Decision Support System that gives clinicians immediate and easy access to the latest evidence-based diagnostic, treatment and referral resources. Ardens also enables GP Practices and CCGs to accurately evaluate services. This allows the delivery of standardised best practice, whilst protecting patient safety and maximising savings.


  • Clinical decision guidance
  • Safety alerts
  • Referral capacity and demand
  • Reports for commisioning, clinical reporting
  • Safeguarding & risk stratification
  • Practice management tools
  • High-risk drug monitoring
  • Regularly updated clinical templates
  • Links to drug formularies for efficient prescribing
  • Support for remote consultations


  • Easily access clinically rigorous templates from within clinical systems
  • Standardise care across teams and practices
  • Promote patient safety
  • Improve best practice & reduce significant events
  • Simplified referral process and safety netting
  • Reduce administrative costs
  • Upskill your workforce and increase productivity
  • Promoting self-care
  • Increase GP QOF & Enhanced services income
  • Save money through consistent prescribing


£0.15 to £0.25 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

5 2 9 4 6 6 4 4 4 7 7 0 2 8 8


Telephone: 01725 762062

Service scope

Software add-on or extension
What software services is the service an extension to
TPP SystmOne
Cloud deployment model
Private cloud
Service constraints
Ardens can only be used in conjunction with SystmOne and EMIS Web. Planned maintenance to these platforms will temporarily restrict our ability to install, update and implement Ardens. Through proactive scheduling, we ensure we support users prior to and after any maintenance to maximise user satisfaction and experience and reduce service downtime. During periods of planned maintenance, we will communicate with our clients informing them of the maintenance period and how we can support them in the meantime.
System requirements
  • Must Have access to SystmOne or EMIS-Web
  • Must have a N3 or a HSCN connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
A summary of response times can be found on website:

If deemed clinically relevant or urgent by Ardens, a response will be given within 4 hours and an update provided within 8 hours (excluding issues outside of Ardens control).
Response times are likely to vary at weekends.
All significant feedback is audited monthly by Ardens. For all other feedback and requests, a response will be delivered in 1-4 weeks, depending upon the work required.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
All of our customers have access to the same support levels. Our expert post-implementation Support Team is available from 08:30-18:30 Monday – Friday and they are responsible for answering customer queries and ensuring that Ardens has been fully installed and optimised successfully on our customer’s systems. Further support can be provided depending on customer need, such as customising Ardens Manager dashboards to meet specific, local contract reporting requirements.

Additionally, we have a dedicated Support Desk that operate between 08:30-18:30 on weekdays and they handle any customer issues and provide them with assistance to rectify them.

All customers have access to:
• Screensharing facilities with Ardens’ staff to rectify problems
• Webinars
• Users guides
• Online forums and Facebook group chats discussing Ardens
• Email support
• Our Support Desk
• Our post-implementation Support Team
Support available to third parties

Onboarding and offboarding

Getting started
As part of the Ardens initial setup package, we provide free training to support deployment and adoption. These will be tailored to the customer’s specific systems, most used templates and customer type (e.g. individual GP practice or GP Federation or CCG) to ensure the customer’s full understanding, confidence and ease of use. Training can also be delivered for more specific topics such as Medicines Management. Additionally, all users are provided with an online set-up guide and email instructions. Documentation will be tailored to customer type and customer location to meet each customer’s specific needs.

Users can visit the support page on our website to access resources for further assistance such as:

• Frequently asked questions
• A contact form and our Support Desk for specific queries
• News and updates
• Webinars
• Guides
• Training videos
• Help via screensharing
• Online forums and Facebook group chats
Service documentation
Documentation formats
End-of-contract data extraction
We are committed to our clients having access to their data even if they decide to end their contract with us. All data is always held on the customers’ patient administration system; therefore, no data extraction is required post-contract.
End-of-contract process
At the end of contract, the customer is invited to renew their subscription. If the contract is ended without renewal, the customer and all 3rd party users – such as GP practices if the customer is a CCG or group - will lose access to all Ardens Templates and Manager functionality. However, customers at the end of the contract are supported as part of our offboarding process to provide a smooth transition. Customers can buy another licence for Ardens at any time.

All patient data entered using our system resides on either SystmOne or EMIS web, and is not deleted as part of the end-of-contract process.

None of our end-of-contract processes attract an additional cost.

Using the service

Web browser interface
Application to install
Compatible operating systems
Designed for use on mobile devices
Service interface
Customisation available
Description of customisation
Customers can request customisation. Ardens can customise various components including localised enhanced services, referral forms and formularies. For further information, please see


Independence of resources
From an operational standpoint, our service is locally hosted by our clients within their instance of EMIS or SystmOne. Therefore, each individual instance doesn’t draw on resources used by other clients.

See our attached Terms and Conditions document for more details.


Service usage metrics
Metrics types
Clinical reporting; Commissioning reporting
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Protecting data at rest
Other data at rest protection approach
Not relevant, data processed through secure NHS network
Data sanitisation process
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can export CSV files containing fully aggregated non-patient identifiable data for commissioning reports and Business Intelligence purposes.
Data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • RPT
  • Xml

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
All of our Template functions are locally hosted on clients’ SystmOne or EMIS installation, therefore uptime is 100%. Manager functions have a guaranteed 99.99% uptime. In the unlikely event of a significant outage of management functions, we will compensate our clients with service credits.
Approach to resilience
A secure data centre accredited by the HSCIC holds all SystmOne and EMIS data. Through this, SystmOne and EMIS provide both a primary data centre & a secondary data recovery centre. Our cloud services are securely hosted on a UK based server, and we have a SLA in place to guarantee resilience within our server environment.

Ardens resilience protocol and safeguards are available on request.
Outage reporting
We report any outages to our clients as possible, and within 60 minutes as a maximum. We alert via webpage notifications, emails and our Ardens Chat Facebook group.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Management interfaces are limited by roles, which are documented in Data Security and Protection Toolkit.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Data Security and Protection Toolkit
Information security policies and processes
We fully comply with NHS Digital Data Security and Protection Toolkit, and have a range of policies and procedures to support the security of our system. These are available to clients on request.

All of our staff are trained on security as part of their induction, and receive regular training updates to ensure continued compliance. For those with access to sensitive parts of software – for example our development environment – additional security training is carried out, as well as appropriate pre-employment checks.

Our reporting structure is in line with our security policy. Overall, our Chief Executive has overall responsibility for security, supported by individual product leads.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Prior to the delivery of new resources, a Clinical Safety Case Report (CSCR) is established. Once changes are deployed, the validity of any assumptions and the effectiveness of any controls made in the CSCR are monitored to ensure the perceived level of clinical risk remains representative and acceptable.

Should modifications be identified (e.g. defect fixes or new functionality) we review the CSCR to establish if modifications or updates impact on existing hazards or introduce new hazards. Ardens hold a log of all modifications delivered.

Our approach is strictly detailed in our Clinical Safety & Risk Management Policy (available on request).
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our vulnerability management approach is detailed in our risk management policy and risk register, which are regularly reviewed by our Board. We have an SLA with our web host. This covers regular security audits to assess potential threats, as well as any remedial actions. This is reported back to us on a regular basis.

Our development team rigorously tests our software for any vulnerabilities pre-release. If a vulnerability is identified post-release, then we deploy patches as quickly as possible. If necessary, we have processes in place to roll back to previous versions of the software.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All resources are built in a standardised design and go through the design, build and test approach. Our protective monitoring approach is compliant with the Data Security and Protection Toolkit. We work with a third party specialist – JumpSec – to monitor both our cloud deployment and our internal development systems. They immediately alert us to any potential compromises, which are escalated to our Board, who direct the development team as required.

Once submitted:
• Non-urgent fixes are implemented within 20 working days
• Urgent fixes are implemented within a maximum of 5 working days
Incident management type
Supplier-defined controls
Incident management approach
• Serious incidents such as practices not being able to access Ardens – acknowledged within 4 hours of occurrence and resolved within 2 working days
• Complaints such as a complaint about training quality – acknowledged within 3 days of receipt and response within 20 working days
• Urgent updates and issues such as incorrect details on the referral form – delivered within 5 working days of request

Complaints are received via our support desk and regular update reporting provided to the customer. We are compliant with the Data Security and Protection Toolkit.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)


£0.15 to £0.25 a unit a year
Discount for educational organisations
Free trial available
Description of free trial
Free trial of 3 months.
Included: full access to software package, free in practice training session, technical support.
Not included: localised referral forms and formularies.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.