NELIE Analytics and Business Intelligence (BI) Platform
NELIE provides a platform for Analytics, Design and implementation services to help healthcare organisations use IT, organise commissioning functions and improved outcomes, such as the Covid-19 response using interactive dashboards for population health management. We support evolving commissioning models and Integrated Care Systems prepare for optimisation of cloud services.
Features
- Integrated Health and Social Care data to support ICSs
- Data Warehousing and reporting hosted in the Cloud including Mapping
- Population Health Management - Infrastructure and Intelligence
- Patient reidentification services
- Quintuple Aim - Value, Patient and Carer Experience, Inqualities, Sustainable
- NHS Long Term Plan support including Social Prescribing
- Actuarial Type Analysis, Benchmarking, Health Evaluation and Data Modelling
- Risk Stratifiaction and Segmentation algorithms
- Data Science, Big Data processed in the Cloud
- Interoperability, Data Sharing and linkage - FIHR / HL7 standards
Benefits
- Unrivaled knowledge of health and social care data and systems.
- Our pragmatic strategy and design solutions will focus on outcomes
- Adaptive, flexible, customisable and agile solutions
- Sound and robust investment cases
- Delivery at pace with focus on benefits realisation
- Building stakeholder support and commitment to change
- A collaborative working style, building internal team working
- Skills transfer enabling continuous improvement
- Social value creation
- Influence, scale and partnerships
Pricing
£0.20 to £0.65 a unit
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
5 8 1 8 5 1 9 3 6 2 6 9 9 9 5
Contact
NEL Commissioning Support Unit
Business Development
Telephone: 02036881000
Email: nelcsu.businessdevelopment@nhs.net
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- N/A
- System requirements
-
- IE9
- 2Mbps internet connection
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
As a standard offering, first-line support will be provided between 8:30AM am to 5:30PM pm, Monday to Friday (excluding national holidays) via email and phone. Hours can be extended and customised to meet our customers’ requirements.
• Assignment of service requests and incidents to the appropriate team;
• Agreeing priorities for service requests and incidents with the designated team in line with customer business needs and priorities;
• Escalation of a ticket from incident to problem;
• Provide monthly reports;
• Liaising with second-line and third-line support teams; - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
As a standard offering, first-line support will be provided between 8:30AM am to 5:30PM pm, Monday to Friday (excluding national holidays) via email and phone. The core functions of support provided are listed below. These functions and the core support hours can be extended and customised to meet our customers’ requirements.
Ticket logging for all service requests and incidents relating to access and/or use of systems;
Ticket logging for all service requests and incidents relating to requests for data;
Ticket logging for all service requests and incidents relating to queries and ad-hoc requests;
Assignment of logged service requests and incidents to the appropriate team for resolution; and
Agreeing priorities for logged service requests and incidents with the designated team in line with customer business needs and priorities;
Escalation of a ticket from incident to problem - internal escalation process;
Provide monthly reports on the performance of the service;
Liaising with second-line and third-line support teams;
These functions and the core support hours can be extended and customised to meet our customers’ requirements. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Customers are required to complete Data Processing Agreements allowing NEL to extract data on a legal basis. All new projects will also require a Data Privacy Impact Assessment (DPIA).
Following this, we will propose a roll out plan that includes registration, training modules and support for all customers locally or remotely. We also follow the Agile methodology to deploy new features as and when they become available. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Agreed within the service Agreement, we will work with customers to define a service exit plan including delivery of a wholesale data export in an agreed format, typically presented as the original inbound source files.
- End-of-contract process
- In the absence of a service renewal, Customers will be supported through an agreed exit plan. Source data sets will be packaged and shared with the customer, and accounts will be deactivated.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Optional modules of services
Customisable reporting options
SQL services as a platform provides flexibility to build own BI solutions
Scaling
- Independence of resources
- We build our solutions with scale in mind and ensure our infrastructure is scalable to suit our customers needs. We are able to flexibility adapt the storage and processing power of the underlying architecture, and regularly stress test our solutions to ensure they can cope with increased demand at peak periods.
Analytics
- Service usage metrics
- Yes
- Metrics types
- We are able to offer service usage metrics related to our Sandpit and NELIE Portal modules. This includes but is not limited to measures for distinct user hits, total page hits and SQL instance capacity usage.
- Reporting types
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Variable methods dependent upon the service module. Sandpit Data can be exported through SSMS, Excel and Access. NELIE Portal reports can be exported as PDF, Excel and Word files.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- Excel
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- HL7
- FIHR
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- 98% availability guaranteed to service agreement.
- Approach to resilience
- Variable by module. We provide replication services, and regular snapshot and transactional back-ups dependent upon the use case of the tool/data.
- Outage reporting
- Service outages are reported through our dedicated helpdesk via Email and notifications within selected service modules.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Optional routes to authenticate used through provisioned Local Active Directory account, or Federated Active Directory.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- NHS Industry Standards, IG Toolkit, working in line with ISO/IEC 27001
- Information security policies and processes
-
Security Governance approach includes:
- IG Toolkit Level 2 compliance
- Information Security Management Plans, which are developed through practice-based experience
- ISO 27001 - aligned with the ISO 27001 internationally-recognised gold standard and information security standards
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Requests for change are submitted to Change Control Board for review and approval prior to implementation.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
The system is regularly penetration tested for vulnerabilities in coding and security. It is fully protected by Microsoft Update Service and Sophos Threat Management.
Both these products are automated and fully managed. We subscribe to Microsoft TechNet Technical Security Bulletins and Sophos RSS Feeds for regular updates. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We are proactively monitoring against known baselines using PRTG, Solarwinds. The baseline is regularly reviewed. Sophos identifies immediate firewall breaches. Any breaches or changes to the baseline are dealt with immediately, within business hours, by a dedicated team.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Internally defined incident management policy aligns with NHS Industry Standards. Users report incidents via the Service Desk, either via telephone or email. Each incident is given a unique reference number and a priority, which defines the length of time allowed to resolve the incident. Incidents are analysed to look for common trends by reviewing the type of incidents logged and trying to identify root causes. We report each month to our customers on the number of incidents logged and our performance in terms of meeting the fix time.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- Public Services Network (PSN)
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £0.20 to £0.65 a unit
- Discount for educational organisations
- No
- Free trial available
- No