CareDirector Social Care Case Management
CareDirector is a comprehensive health and social care case management system. It is an enterprise grade, modular system used by health and social care organisations to manage their electronic patient recording needs. The solution comprises case recording, business intelligence, finance and numerous specialist modules in an integrated care platform.
Features
- User-friendly
- Accessible
- Easy to integrate
- Real-time reporting
- Customisation layer
- Forms engine
- Dashboards & Graphical Data Visualisation
- Mobile Apps
- Portal Platform
- Built-in Finance modules
Benefits
- Intuitive user interface, reduces training and improves efficiency
- Accessible from multiple browsers and devices. Tested to accessibility standards
- Open API’s, FHIR standard, REST Service and HL7
- Interactive charts and lists customisable by the user
- User defined forms, views, charts, dashboards and workflows
- Form design engine with capable of building sophisticated dynamic forms
- Dashboards incorporating interactive charts and lists with drill-down capability
- Online/Offline capability with support for Android, Windows and iOS
- Resource directory, provider and citizen portal capability with CSS styling
- Financial assessment, invoicing and payment management
Pricing
£250 to £500 a user a year
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
5 9 3 4 0 9 5 1 3 3 1 6 5 4 9
Contact
CareWorks Limited
<removed>
Telephone: <removed>
Email: <removed>@a5c1fd0c-310d-4e28-8b92-7f70be96066f.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
-
- Windows Edge, Firefox and Chrome
- Support for Active Directory and CareDirector proprietary authentication schemes
- Window 7 and Windows 10
- Office 2013 or 2016 for Excel and Mail Merge integration
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
CareWorks helpdesk allows customers to log and track progress of support call , access product, technical knowledge and documentation 24 hours.
This is performed through the web-based customer portal. The portal allows customers to view relevant information, track the progress of individual questions, support performance during a period and communicate with the team.
Once a question is raised through the portal, the main objective is to find a satisfactory answer ASAP. Questions are answered during core business hours only as defined in the SLA and target times for responses can be tailored within the SLA. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
CareWorks provide a comprehensive support service in line with the requirements of our enterprise grade customers, may of whom are government organisations.
CareWorks operate an ITIL standard support service with both online and telephone support underpinned by automated helpdesk system and associated procedures.
CareWorks offer a range of support levels as follows:
Standard Business Hours (9am-5pm) - As per Pricing Schedule
Extended Business Hours (7am-7pm) - On Request
24 x 7x 365 Hours (24 hour) - On Request
CareWorks provide a technical account manager as part of the standard support offering. They are responsible for acting as the primary contact for all account management and support related issues. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
We help users to get started by providing them with access to a series of video tutorials which show them ‘how to’ complete the common tasks using the system.
We provide user manuals and product documentation.
Online and Onsite training are also available for a fee.
Data migration, business-process consultancy, configuration, customisation, project management and technical set-up services are all available at the standard day rates. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- As part of the contract we could agree an exit strategy and plan. That would describe an agreed set of chargeable services which we would provide to extract data for transfer to the customer in a suitable format.
- End-of-contract process
-
Within 30 days of either party issuing notice of Contract Termination or 120 days before Contract expiry, CareWorks undertakes to provide the customer with a written specification and pricing for subsequent extracts of the customer’s data pertaining to this Contract, hereafter referred to as the ‘Data Extract Specification’.
On the day of Contract Termination, CareWorks will provide to the customer one full set of system data including but not limited to client data, user data and reference data, in accordance with the structure and format detailed in the ‘Data Extract Specification’.
If the customer requires additional data extracts in accordance with the ‘Data Extract Specification’ then CareWorks shall provide these data extracts on a Time & Materials basis at the day rates provided, to a schedule agreed by both parties.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The mobile version is a cut-down version of the desktop version. The CareDirector Mobile client supports paperless futures by providing mobile users with information on their workloads, clients and appointments whilst on the move removing the need to print off details prior to leaving the office. It also allows the local authority and partners to complete assessment forms and case notes on the move plus the collection of mandatory signatures on forms using the mobile device screen. Photos of documents can also be taken and uploaded to the client record.
- Service interface
- Yes
- Description of service interface
- The service interface has multiple graphical user interfaces- desktop, mobile and portal. The application is web based. User-led design provides CareDirector with an inherent usability derived from its familiar look and feel. CareDirector uses graphics, icons and colours to make it easier to use and intuitive navigation structure to provide a consistent methodology throughout the system.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
-
CareDirector has been tested by users of:
• Supernova: a screen reader and magnification application used by those with low or no vision
• ZoomText: a magnification application used by those with low vision
• JAWS: a screen reader used by blind people to access Web pages
• Dragon NaturallySpeaking: voice activated software used by those that do not use a conventional input device such as a keyboard or mouse.
• Switch Access: used by those with severe mobility impairments such as Cerebral Palsy to input commands to a computer.
CareDirector user testing has been carried out by carried out by people with a range of disabilities including:
• Blindness or visual impairment
• Deafness
• Colour blindness
• Hard of hearing
• Autistic spectrum disorders
• Dyslexia
• Mobility impairment
• Learning difficulties
• Cognitive impairments
CareDirector has been integrated with the text-to-speech tool from ReadSpeaker, this tool’s features include:
• Read entire content area of page, or
• User can select text to speak
• Current word being spoken is highlighted
• Multiple languages
• Usage statistics - API
- Yes
- What users can and can't do using the API
- The CareDirector API supports two-way communication including Create, Read, Update and Delete (CRUD) operations. This allows users to make changes through the API including the creation of contact records and updating of existing service user and case details. Data retrieval is also supported which includes case delivery information, such as service user contact and demographic details in addition to case summary and status information.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The customisation suite allows system administrators to do the flowing:
• Add new Data Placeholders (fields) to the records
• Modify the Forms for each record type including fields, sections and tabs
• Modify and Create new Views of the data
• Create new Relationships with other data types
• Create Data Mapping to pass data from one record to another
• Create entire new Record Types to support other processes
The customisation processes all take place in a purpose designed user interface without the need for managing manual changes to the database or resorting to code.
The Customisation Suite enables the customer to customise the system locally to meet additional requirements. So, even if you require an additional data field added to a screen or would like to change the layout to facilitate a new business process, these changes can often be made locally without the need for recourse to the supplier.
Scaling
- Independence of resources
-
CareDirector is built on a platform that provides enterprise levels of scalability and performance. With virtualisation, multi-tenancy and hosting options, organisations can maximize hardware utilization and increase their capability to deliver superior application performance and scalability while simultaneously reducing costs.
CareDirector is designed to meet enterprise performance and scalability requirements and can be cost-effectively optimized and tuned using readily available resources and tools. CareDirector is built on the powerful and scalable Microsoft SQL Server platform. Microsoft customers are using Microsoft SQL Server today in multi-thousand user deployments and expanding those deployments to include tens of thousands of users.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- No
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Subject to security permissions, a user can easily export data from CareDirector to Excel. A data export button is embedded into screens with a list of data. Lists of records are created by ad-hoc searches, views and reports. This means that users can create their own data views using our simple to use interface, add or remove columns from those views and save views for reuse later. Each time a view is reused, the latest information is displayed and can be exported to Excel using the ribbon bar button.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
CareDirector can be configured to support up to 99.999% availability. The CareDirector Application servers can be arranged in a high availability Network Load Balanced Cluster. If one of the CareDirector Application servers fails, then the load will automatically be taken up by the remaining application server. The CareDirector database servers also support high availability options including SQL Active/Passive or Always-On availability groups.
We would expect to agree appropriate Service Level Agreements and a Service Credit Regime based on an agreed set of service levels on a case by case basis with the relevant customer. - Approach to resilience
-
The CareDirector Application servers can be arranged in a high availability Network Load Balanced Cluster. If one of the CareDirector Application servers fails, then the load will automatically be taken up by the remaining application server. The CareDirector database servers also support high availability options including SQL Active/Passive or Always-On availability groups.
Data centre Disaster Recovery options are also available with failover to an alternative site.
You can set up automated backups for your SQL Server VMs and a manual backup function is also available. - Outage reporting
- The CareWorks Event management procedure outlines that standardized procedure for handling of Events through the recording, classification, action definition and implementation and closure of activities. Events can be generated by means of email alarms. The event is logged on the Service Desk and reported to the customer through the Service Desk.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
CareDirector provides a comprehensive and granular level of security adopting a role-based security model. Roles can be created for different groups of staff or individual users.
The main components of the Role Based Security are:
Business Units
Teams
Security Roles
Users
Once added to the system, a user is assigned to a business unit and must provide a user name and password before access is granted. One or more security roles are added to each user which govern access to the management interface and modules within. Staff can be grouped into Teams and security roles assigned at the Team level. - Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials
- NHS Data Security and Protection
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Careworks follow a remote Access Security policy that define the rules on how assets or networks are used by employees. A Change Management Policy that defines the formal policy for applying changes to a system. A security incident response Policy to deal with security related events. An acceptable use and email guidance policy. A Data security policy that outlines rules around physical security, system security, data security and internet security. Policies are reviewed each 6 months. Reporting is performed on a monthly basis to the CTO except where incidents occur which require immediate reporting.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- A change management and configure plans would be created. The remote management software implemented by Careworks and Azure contains a configuration management database. This allows an audit of changes of the components throughout their lifetime. This includes asset tracking and auditing. All changes are managed and agreed using standard ITIL change management processes and a change control board. All changes are peer reviewed to ensure are assessed for potential security impacts and other impacts.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Vulnerabilities are assessed according to our patching policy. Patch contents include critical, security, rollups and third-party updates. New updates are checked and updated weekly. Zero-day critical patches are installed immediately. Network and other hardware firmware checks are made monthly to ensure devices are running established and publicly available firmware, updated to manufacturer recommendations. A case is raised with associated priority for identified vulnerabilities. CareWorks contract a third-party to perform Penetration Testing on a yearly basis against the entire environment and full penetration testing against the application. A report is compiled identifying risks and potential impact of vulnerabilities with remediation options.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Careworks use remote monitoring software and Azure monitor to monitor all components and services. The azure security monitor and Careworks monitoring can identify potential compromises. These potential compromises will be logged as incidents and managed using incident management and change management processes. The severity of the potential compromise will be determined rating against risk, and this will determine the severity rating of the incident. This will dictate using SLAs the response time on the incident.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
All cases are formally recorded on the Service Desk. Incidents are managed as per CareWorks documented Incident Management process which adheres to the ITIL V3 Framework. The Incident Management process is applied to every incident regardless of what channel it was received through or time of day. The Service Desk incident supports all three recommended ITIL metrics: Impact, Urgency, Priority.
How calls are logged:
• Alerts
• E-mail
• Phone
• Web Portal
A portal allows customers to view relevant information, track the progress of individual incidents, track the support performance during a period and communicate with the team.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £250 to £500 a user a year
- Discount for educational organisations
- No
- Free trial available
- No