Case management and reporting software for delivering holistic wellbeing services, managing payments for outcomes and spanning the boundaries for joined up care across LTCs, social prescribing, health checks, mental health, smoking cessation and other public health issues to identify multi-morbidity cases and where cost savings can be made.
- Web-based access from any device
- Custom export
- Advanced reporting in real-time
- Full patient view
- Fine-grained permissions for different users
- Link with GPs for social prescribing
- Dedicated support service from Vital Service
- Dynamic dashboards
- Manage cases from anywhere
- Easily find data for reporting requirements
- Little to no burden on local IT
- Highlights multi-morbidity cases
- Measure outcomes faster
- Hourly back ups taken as standard in UK data centres
£3000 per licence per quarter
- Education pricing available
Cloud Data Service Limited
0191 495 7465
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||There is a minimum hardware requirement|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Email acknowledgement is automated and sent immediately.
The service desk is operated 9am-5pm Monday to Friday.
Emails and tickets send outside this time will be dealt with as soon as possible during the next working day.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Minimum email and phone support is included with cost:
Monday - Friday, 9am to 5pm
Coverage outside this time can be arranged and will be costed separately.
A named person will deal with your support request and follow it through to resolution.
|Support available to third parties||Yes|
Onboarding and offboarding
Included with the service:
Online training through the demo site and video consultation (Skype or TocBox) one half day for administrators. Or at a venue in Newcastle upon Tyne.
Administrators are set up by us and they are then expected to set up their own users.
Services that can be arranged for addition cost:
Other users set up.
Onsite training at your place of business.
Additional data imports.
|End-of-contract data extraction||After the extraction is requested, the data is provided in a suitable raw format delivered in a secure way that is mutually beneficial to both parties.|
Data extraction and purging is included.
If extra third party assurances are required, that would incur an additional cost.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Must still be accessed via internet connection and browser|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
Testing has not been officially carried out with users of assistive technology but has been tested against independent measurement sites and by our partner company Vital Service who deal with the user-facing side of the service.
We are confident that the service meets the selected standard but have no official assurances to offer at this time.
|What users can and can't do using the API||An API in RESTish, JSON can be provided but we will need the details of what the buyer expects from it at the time of onboarding.|
|API documentation formats||Other|
|API sandbox or test environment||No|
|Description of customisation||Outcome reporting and dashboard views can be customised per user. Further customisation requirements can be discussed at the onboarding stage if necessary.|
|Independence of resources||Our dedicated server through our hosting company can handle ad hoc requests placed on it. The usage is also managed by our hosting company who would when excessive loads were placed, would accommodate for that automatically - then notify us and get us to change our expected usage and buy more space from them. However the likelihood of this happening is small as we always have a certain percentage free just in case.|
|Service usage metrics||Yes|
Google analytics will be added if you give us a Google account to add at the time of onboarding.
Other metrics can be added separately on request.
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Users are able to export their data in CSV format, and in PDF from the reporting functionality available in the system.
If there are any other requests for data in a different format, this can be requested from the support desk and this will be provided where necessary.
|Data export formats||
|Other data export formats||Additional cost may be incurred for something other than CSV|
|Data import formats||
|Other data import formats||Additional cost may be incurred for something other than CSV|
|Data protection between buyer and supplier networks||Private network or public sector network|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
At the datacentre level, backups are taken hourly. These are both transferred and stored off-site using encryption.
Backups can be restored at any time.
Should the service suffer catastrophic hardware failure, it can be brought back online within four hours. If the datacentre suffers a serious disaster, service can be resumed within 24 hours.
Financial recompense model for not meeting service levels is not offered at a generic level, but individual terms can be agreed with customers at time of purchase if required.
|Approach to resilience||
The server infrastructure is managed by a trusted third party, Paragon Internet Group Ltd t/a Vidahost. Further information is available on request.
Under normal conditions, the service will be fully available 24/7. Monitoring systems will be in place to detect any issues relating the availability of the service. Issues will be reported immediately, and dealt with as soon as possible during office hours.
|Outage reporting||Outage reporting will be done via email alerts by Vital Service.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||2-factor authentication|
|Access restrictions in management interfaces and support channels||Where someone requests change over the telephone, this is verified by email. Access to project management tool (Trello) is restricted to management also and they would have to put in a secondary request through this channel to authorise any changes.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Exova BM Trada|
|ISO/IEC 27001 accreditation date||16/02/2015|
|What the ISO/IEC 27001 doesn’t cover||Nothing, the whole company is covered.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Our policies and processes are part of the scope of our ISO27001 certification.
Internal yearly information security training takes place for all staff and all hands information security meetings take place quarterly.
Because we are a micro company everyone directly reports to the Managing Director.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Using a project manangement tool, Trello, roadmapping and ISO27001 controls|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Details of how we monitor for attack, misuse or malfunction can be found in our ISMS, if you would like further information please request. We are happy to work with a buyer to put in place a robust monitoring system of their choosing to entirely meet their needs at the time of onboarding.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We respond to compromise, potential or otherwise, by following our procedures that make up part of our ISMS.
If you would like details on this please get in touch and we can forward you the relevant documentation.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have implemented the relevant controls regarding incident management from ISO 27001 into our system.
We have pre-defined processes for reporting incidents and reports are created as part of our ISO 27001 management system.
Users can report incidents to the IT helpdesk generally and there is a dedicated email for submitting faults and information security risks and breaches to.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||New NHS Network (N3)|
|Price||£3000 per licence per quarter|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|