Clarity Informatics Limited

Clarity TeamNet

A web based platform for sharing, exchanging and collaborating in Primary Care groups (including related organisations such as CSUs, Trusts etc.). As well as a unique sharing model, TeamNet includes many specialist tools for primary care. We can typically set up a new client, including practices, in two weeks.

Features

  • You define who can share and with whom
  • Targeted sharing by team, practice and role
  • Clinical topics, localised and tailored for clinician access
  • Practice tools like CQC tracker, absence and appraisal support
  • CCG and provider group tools like risk and project management
  • Collaboration tools like discussion forums, questionnaire tools
  • No limits on numbers of teams, portals or users
  • Highly regarded and responsive support
  • Deployed and ready to share within 14 days
  • Available anywhere

Benefits

  • One place for the practice team and their trusted sources
  • Controlled sharing between CCG, Practice and provider intranets
  • Instant sharing within a team or across a region
  • Accurate information to exactly the people who need it
  • Ease collaboration and integration between primary care teams
  • Avoid shared drives and trying to file emails
  • Scalable for primary care networks and federations

Pricing

£300 to £100,000 a unit a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james.stephenson@clarity.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

5 5 1 1 6 7 5 8 2 7 1 4 3 0 3

Contact

Clarity Informatics Limited James Stephenson
Telephone: 01912875813
Email: james.stephenson@clarity.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Community cloud
Service constraints
N/A. See Service description for availability details.
System requirements
Web browsers, as specified in service description

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times for email are up to 3 working hours. Working hours are normal business hours or as published.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
We provide implementation support consultancy of up to 20 days in any licence year with our collaboration package. This includes two onsite workshops and other days onsite as agreed with our clients.
Support available to third parties
No

Onboarding and offboarding

Getting started
The solution can be configured and deployed for a customer in a matter of hours upon the receipt of initial users and organisational information.
The TeamNet support team will coordinate setting up of portals with the appropriate managers. A centralised training session will be arranged (Setup assistance is built into the platform).

A data import service is available. Data is often held on shared drives. GPTeamNet Support can work with the CCG and practice managers to import information in its native file format to the TeamNet solution wherever possible.

With the package, we also include implementation project support. This includes:
● Use of our established project approach
● Launch and awareness meetings
● Awareness presentations to Governing Body and locality groups
● Analytics and usage statistics
● Monthly review sessions by phone or, by mutual agreement, on client premises.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Clarity shall, on the Customer’s request and at Clarity’s standard daily rates, provide reasonable assistance with the migration of any Customer data to the Customer’s IT systems. Information held in TeamNet is at all times owned by, and the sole responsibility
of the customer.
End-of-contract process
Clarity shall, on the Customer’s request and at Clarity’s standard daily rates, provide reasonable assistance with the migration of any Customer data to the Customer’s IT systems.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Generally, all features are available. iPad support for file uploading has some limitations.
Service interface
No
API
Yes
What users can and can't do using the API
We have APIs that allow access to the details of specifically marked items for consumption by other systems.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Our service is constantly monitored to ensure that we have sufficient resources available to meet the needs of our users.

Analytics

Service usage metrics
Yes
Metrics types
View and login dates by team/portal. Others by agreement.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Many areas of the platform provide downloads in PDF or Excel (CSV) formats.
Data export formats
  • CSV
  • Other
Other data export formats
Any formats as uploaded (e.g. Microsoft Office)
Data import formats
  • CSV
  • Other
Other data import formats
Any formats as uploaded (e.g. Microsoft Office)

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The target for 24/7 Service Availability is 99.00% of the time in any given month. The target for Service Hours availability is 99.5%.

Downtime exists when all or a significant number of customers are unable to access the application and is measured from the time the issue ticket is opened until the downtime condition as defined here no longer exists.

Customer service hours for this service are 8.30 to 17.30 on normal business working days (excluding bank holidays and public holidays).

Availability

● 24/7 Availability is measured as: Total minutes downtime/Total minutes in month
● Service hours availability is calculated as: Total minutes downtime within service hours / Total hours in month.
Approach to resilience
Available on request
Outage reporting
Public announcements on the platform if available, otherwise email.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
We use secure passwords and restrict access to only trusted IPs.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
27/06/2019
What the ISO/IEC 27001 doesn’t cover
The current scope is "The information security for the authoring of clinical knowledge summaries, design and hosting of clinician appraisal and revalidation systems, a sharing portal for primary care organisations and clinical quality improvement services." and this therefore covers TeamNet.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Security policies and procedures are documented in our ISMS, which is independently audited and certificated to ISO27001. This includes board level responsibility and formal paths for asset ownership and risk management.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have a process that is certified by ISO 27001 where we we plan and assess any changes that need to be made to the system on an ongoing basis.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We conduct regular penetration tests with a trusted third party.
Our servers are kept up to date with the latest patches on a weekly basis.
We subscribe to the latest feeds from Microsoft about potential vulnerabilities.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
As detailed in our ISMS, we monitor the industry for known threats/vulnerabilities and also have product specific controls and alerts for suspicious activity. Response times and actions vary with the level and nature of threat but can be within minutes or hours.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have several well defined processes for events both from customers and from internal alerts. User reports are via our helpdesk system (email or phone) and can be escalated immediately if appropriate. Significant events are logged and reviewed, with feedback to involved users and/or more general announcements or communications, Disaster recovery plans are in place for "common" incidents.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£300 to £100,000 a unit a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james.stephenson@clarity.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.