This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with AccuRx are still valid.
AccuRx

AccuRx Chain Huddle

Instant messaging platform for NHS GP practices.

Communicate better as a team without interrupting your workflow. Quickly get help from colleagues when you need it. Save everyone time and improve practice efficiency.

Securely discuss patients with a record of the conversation.

Features

  • Full audit trail for all messages sent and read receipts
  • Support for message 'groups'
  • Threaded messages, just like a conversation
  • Auto-login and push notifications on the toolbar
  • 'Urgent' messages and 'Panic Alerts' will pop-up for the recipient
  • Authenticated by NHS mail account
  • Clip and export a section of messages to save elsewhere
  • Room and phone extension for all online users
  • Message history search
  • Message colleagues in other organisations

Benefits

  • Save time sending emails, screen messages and paper notes
  • Work as a team, even when behind closed doors
  • Easily share updates with the entire team
  • Collaborate in role-based groups
  • Quickly find an available colleague for a second opinion
  • See who is in the building and where they are
  • Receptionists can ask GPs a question whilst on a call
  • Let colleagues know when you're running late and need support
  • Create knowledge-sharing groups between practices
  • Save an audit trail of a conversation about a patient

Pricing

£0.20 a person a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sharan@accurx.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

6 3 2 9 0 7 9 5 3 8 1 7 7 0 0

Contact

AccuRx Sharan Nichani
Telephone: 02070992279
Email: sharan@accurx.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
EMIS Web
Cloud deployment model
Public cloud
Service constraints
All functionality that interacts with the medical record is currently limited to practices using EMIS Web. We are working to support a wider range of practices.
System requirements
  • Microsoft Windows 7 and above
  • 50MB hard drive space
  • 100MB working RAM
  • .NET 4.6.1 or greater
  • Reliable internet connection
  • EMIS Web (for functionality requiring the medical record)
  • Whitelisting details available if necessary upon request

User support

Email or online ticketing support
Email or online ticketing
Support response times
Usually within the hour during the working day, but it can take up to one working day
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
We use Tidio Chat to manage web chat with our users. Tidio does not use WCAG 2 guidelines, as they are not a governmental body. However, they confirm that they always act in accordance with the relevant UK and EU legislation and comply with policies. They may be adding accessibility standards in the future.
Web chat accessibility testing
NA
Onsite support
Yes, at extra cost
Support levels
All users are able to use email, phone, web chat and self-help support. At busy times we will prioritise support requests from users on the premium tier.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We've designed Chain to be intuitive so that users don't need training. To start using Chain, users can simply visit our website, download the desktop client, and follow the instructions.

We also share a Powerpoint presentation that can be given to the team in a practice meeting.

We provide onboarding support by email, phone, web chat and remote desktop. We log the nature of each query, and prioritise development improvements on any repeating barriers to use.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Clinical data is saved back into the principal clinical system. Additional data can be exported to csv and provided upon request.
End-of-contract process
At the end of the contract, if the contract is not renewed, all users (i.e. practice staff, not patients) will be sent an email notifying them that they will be downgraded from the premium tier to the free tier.

Should the practice wish to entirely discontinue using AccuRx services, all users will be notified of this, and the practice will be sent uninstall instructions. The practice will be deactivated after 14 days.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
Windows
Designed for use on mobile devices
No
Accessibility standards
None or don’t know
Description of accessibility
AccuRx Chain is primarily provided through a desktop client. Correspondence is sent to patients via SMS message, utilising mobile device native accessibility features.
Accessibility testing
NA
API
No
Customisation available
Yes
Description of customisation
GP practices are able to customise the modules of AccuRx Chain that they require. They can tailor their setup to the individual organisation, for example creating their own messaging groups.

Scaling

Independence of resources
We routinely monitor server performance to ensure reliable service levels. Our server implementations are fully scalable, and we will be implementing Microsoft Azure AutoScale in 2018.

Analytics

Service usage metrics
Yes
Metrics types
We provide a weekly email summarising usage for that organisation.

We also provide a practice dashboard that can be accessed at any time. This shows the usage of Chain products, including cuts by user, role, and group.

Custom reports can be provided at extra cost.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Clinical data is filed to the principal clinical system, which has its own reporting function.

Organisational data can be exported to csv on request and at no charge.

We are developing a self-export function.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
Microsoft Excel (.xls or .xlsx)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We guarantee 99% availability per calendar month during 8am-8pm Monday-Saturday (excluding bank holidays).

Where we do not meet this level of availability, we will provide a refund pro-rated to the period of downtime, with a 100% uplift.

We will not refund downtime as a result of:
hardware, software or network requirements;
failing to allow AccuRx Chain to update to the latest version; or
failing to assist our support team in resolving issues.
Approach to resilience
We use Microsoft Azure hosting. Resiliency information can be found at https://azure.microsoft.com/en-gb/features/resiliency/

We have a backup SMS gateway that is activated in the event that our primary gateway is not available.

Further information on our resiliency is available on request.
Outage reporting
In the event of service outages, we will notify users via email.
Service status can also be found at www.accurx.com/status

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
User accounts are limited to users with a valid *@nhs.net or *@*.nhs.uk email address. In order to connect to patient or organisation data, a user must be logged into EMIS Web.

The Microsoft Identity service is used to manage User Authentication. By default, users do not use a password, but instead request a login link to be sent to their NHS email account. This creates a token on their device with a rolling two-week validity.
Access restrictions in management interfaces and support channels
Management access is controlled by users with Administrator privileges. These users are defined in the setup phase and managed from the AccuRx server. Only existing Administrators can provide or revoke Administrator privileges from other users. Any user can access support, however our support team will only respond to organisational management requests from Administrators.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Username or password
  • Other

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • NHS IG Toolkit Level 2 (ODS code 8JT17)
  • ISB0129 Clinical Governance assurance
  • Currently completing Cyber Essentials (estimated assurance June 2018)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
We have IG Toolkit Level 2 assurance. We are currently completing Cyber Essentials (estimated completion June 2018)
Information security policies and processes
We have board level responsibility for Information Governance. We have a range of policies in place for information governance, network security, information handling, teleworking, business continuity, confidential information, incident reporting, access control and staff confidentiality. We review these policies at least annually, and will update them if a product or business change necessitates. We conduct Information Governance onboarding and training with all staff to ensure that they are up to date with our policies and processes, and to identify opportunities to improve our Information Governance.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
AccuRx runs a change management process in which all changes are tracked, tested and assessed for their security and clinical impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
By using Azure's platform as a service, we automatically recieve the latest patches to our web service and database. We also regularly update our third party libraries every month to include the latest updates. Any software problem can be patched within 2 hours.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All services on azure have audit trails and automatic threat and vunerability assessment. Any threat generates an email to admins so they can assess and respond immediately.
Incident management type
Supplier-defined controls
Incident management approach
AccuRx have an incident management process that all staff are aware of. This includes a reporting process, a triage process and an escalation path for any incidents that occur. We also conduct simulation incidents to ensure that we are fully prepared.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0.20 a person a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
The free tier of AccuRx Chain can be used indefinitely.
Full details of the functionality available in each tier can be found in the attached pricing document.
Link to free trial
Www.accurx.com

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sharan@accurx.com. Tell them what format you need. It will help if you say what assistive technology you use.