G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with Cloud2 Ltd are still valid.
Cloud2 Ltd

PTL Reporting Module

Cloud2 NHS PTL (patient tracker list) Reporting Modules provide operational teams with the tools needed to ensure optimal day-to-day management of RTT Elective Care, Cancer, Diagnostics, e-referral and Review List pathways. The module offers standardised, practical and comprehensive view covering the whole breadth of elective care management in the NHS.

Features

  • Easy to use intuitive visualisations, using tailored, role-based views
  • Combined Pressure Score to measure overall effectiveness
  • Automated patient list prioritisation for escalation on wards
  • Real time patient level detail
  • Forecast performance against national standards and quality indicators
  • Review how waits for diagnostics/specialist opinions are impacting pathway
  • Early warning alerts and notifications
  • Standard operating procedures (SOP) to support fast-track and deep-dive reviews
  • Supports performance management at trust, division, specialty and clinician level
  • Insights anywhere, on mobile, tablet or computer

Benefits

  • Improved pathway flow from clear visibility and proactive action
  • Supports capacity and demand planning
  • Rapid deployment, delivery within 5 days
  • Visibility of any arising issues or increased demand
  • View trends in activity and performance as SPC chart
  • AI technology to identify key influences for performance outcomes
  • Deliver better outcomes by focusing on the key influences
  • Use demand insights to reallocate clinical resources
  • Track progress towards optimum patient flow
  • Helps trusts achieve constitutional standards and achieve CQC targets

Pricing

£20,000 to £50,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@cloud2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

7 5 5 9 1 4 2 2 8 9 3 2 5 5 5

Contact

Cloud2 Ltd Oliver Chan
Telephone: 01274 308378
Email: sales@cloud2.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Microsoft Power BI and Azure services.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No specific constraints depending on architect agreed with customer
System requirements
Microsoft SQL Server

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response hours are Mon-Fri 9am - 5.30pm. Response times are 1 hour for critical (P1) and 4 hours for others (non-critical).
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
We use standard Microsoft features
Web chat accessibility testing
None.
Onsite support
Yes, at extra cost
Support levels
Our Support Services are described in detail in our 'Cloud2 - Support Services' offering in G-cloud 11.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide on-boarding options as standard as part of the setup fee, which is charged on a daily rate as per Cloud2 rate card, depending on complexity of customer's environment.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Microsoft Word
End-of-contract data extraction
All data remains the property of the customer in their source systems.
End-of-contract process
The customer ceases to have access to the module and data feeds terminated.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
No feature differences. Layouts will auto adapt dependent on screen configuration.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Trust branding such as logo and colour themes can be customised. Some customisation's will need to be provided by Cloud2, whereas some can be provided by the customer via the browser.

Scaling

Independence of resources
We deliver our cloud services via the Microsoft Cloud (Azure/O365).
Please see http://www.microsoft.com/en-us/download/details.aspx?id=54249

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Other
Other data at rest protection approach
For data at rest, Office 365 deploys BitLocker with AES 256-bit encryption on servers that hold all messaging data, including email and IM conversations, as well as content stored in SharePoint Online and OneDrive for Business. In some scenarios, we use file-level encryption. Office 365 moves beyond a single encryption key per disk to deliver a unique encryption key so that every file stored in SharePoint Online is encrypted with its own key. files are distributed across multiple Azure Storage containers, each with separate credentials, rather than storing them in a single database
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is kept in standard data formats and can be extracted at any time by the customer using standard Microsoft or other products.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • JSON
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • JSON
  • HTML

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
Please see https://docs.microsoft.com/en-us/azure/security/azure-network-security
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
https://docs.microsoft.com/en-us/Office365/securitycompliance/office-365-tenant-isolation-overview

Availability and resilience

Guaranteed availability
Services are delivered on the Microsoft Azure stack, Cloud2 offer no additional guarantee.
Approach to resilience
Available on request
Outage reporting
A public dashboard and email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
We supply permissions based on the customers active directory.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We have a robust information security policies and processes in place. Our data are stored in the Cloud and are encrypted at rest and in transit. They are labelled based on sensitivity and secured & tracked end to end using technologies i.e. WIP, AIP and Office365 protection and compliance mechanism. Our employees are required to enrol for MFA. We use technologies i.e. IAM to secure authentication and authorization process including RBAC, ATP to secure against anti-phishing/spam/malware. Our domain is protected by dmarc, spf and dkim protocols. Our endpoints and on-premise equipment are protected using industry-standard firewall and anti-virus software.
Information security policies and processes
We operate a mature Information security process, based on best practice approaches to system access, information handling, intrusion prevention and detection. We make extended use of the state of the art capabilities in our cloud technology platforms and enhance these on a continuous basis to accommodate new capabilities and threats. We are compliant with GDPR and NHS IG Toolkit. Our processes are detailed in our “Confidential information and disclosure information policy”, which is a contractual element for all staff and supported by further obligations in our Staff Handbook. Responsibility lies with staff and their line manager, however the Director of Innovation is SIRO for Information Governance and the COO is responsible for other security policies.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Development and test copies of the solution will be held on our network. Bug fixes and enhancements will be logged in our ticketing system. Those tickets approved for implementation will be implemented on our development environment and then promoted to test where unit and integration testing will take place. Changes will be promoted to our production environment though a formal and documented change control process. Full version control of all parts of the solution will provide roll back options should they be required. Bug fixes will be implemented on an ad-hoc basis, enhancements will be released on a monthly cycle.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
This runs in the Microsoft environment, the office 365 and Azure vulnerability management approach applies.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
This runs in the Microsoft environment O365 and Azure, these processes are applied.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Please see http://aka.ms/Office365SIM

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£20,000 to £50,000 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@cloud2.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.