SwiftCare Suite - MediLog

Provides end to end patient care management: digital electronic patient record application, enabling healthcare professionals to capture, manage and monitor patient administrative and clinical status during referral and retrieval process including online submission to fulfil PICANET compliance for paediatric intensive care units. Service live across many Trusts.


  • Remote monitoring of patient metrics
  • Live, real-time patient vital sign visualisation
  • Big data collection and analytics
  • Database storage of patient and transport details
  • Digital patient record managment
  • Simple and automated way to fulfil PICANET Compliance requirements
  • Cot/Bed Management - effective resource utilisation


  • Cross-platform connectivity and interoperability
  • Secure device connection and data encryption
  • Extremely simple, easy to use UI
  • Single source for reviewing patent information
  • Support effective decision making
  • Effective Resource utilisation - people and bed status
  • Improved patient care - smooth/transparent handover between staff
  • Increase digital presence - reduce paper process
  • Knowledge management - teach new healthcare professionals
  • Enable fulfilling Audit/compliance requirments


£12500 per instance per year

  • Free trial available

Service documents

G-Cloud 10



Dr. Pal Bhusate


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints Data can be stored encrypted in non-identifiable format on Azure datacentres, or on-premises / on our own localised cloud servers (at customer option)
System requirements Web connected device (PC, Tablet, Phone)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24/7 Support, initial response within the hour (maximum SLA), usually within minutes.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Yes, at an extra cost
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.0 A
Web chat accessibility testing Our chat service is available through any compatible service connectivity to the Microsoft Skype for Business platform - end user applications will connect to the service, and any compatible application can be used to reach our engineers.
Onsite support Onsite support
Support levels 24/7 Support, through Phone, email, SMS. Account manager will manage all interactions, but client can choose to directly contact engineering team.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Initial accounts are set up, on-site training is provided if requested, and training / instructional materials and videos are available to all users.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction All data is exported to a standard, secured data-export (as XML, JSON, or other requested format), and can be distributed to user through any standard method of file transfer.
End-of-contract process Contract provides continuance of service and support. At end of contract, data will be archived and sent / stored by customer.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Customised, simplified experience for touch-enabled mobile devices.
Accessibility standards None or don’t know
Description of accessibility All on-screen elements are visually distinctive and at high contrast. All elements are named appropriately for screen readers, and no interactive elements are known to cause issues with assisted input devices. We have not yet certified with WCAG, but this is in progress.
Accessibility testing Tested with openly available screen readers and assisted input devices.
Customisation available Yes
Description of customisation Fields, structure and format of data can be customised based on the agreed design by the design and development team to match local business workflows.


Independence of resources Independent instances on cloud services, live rollon / rolloff of processing power, RAM, Hard drive space, and other resources based on live backend monitoring.


Service usage metrics Yes
Metrics types User logins, time on service, data used, records created / edited - full CRUD analytics on database, timestamps on all transactional changes.
Reporting types
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach In-built exporting and interfacing with medical informatics allows continual export of data. Users are able to generate reports and facilitate export of data on demand. Users can request support to manually extract data in any required standard format.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • JSON
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks In-flight encrypted data (AES, RSA)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% uptime, 24/7 availability
Approach to resilience Failover / rollover servers, continual secure backup processes enable resilience of data. Round-the-clock monitoring allows services to be fixed before trouble arises.
Outage reporting Email alerts are sent to all users, key contacts are telephoned personally.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Specific user accounts and provisions for management interfaces restrict access to only named individuals. Secure login and access provided through previously identified means, and continual login monitoring identifies unauthorised access "as it happens".
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ICO - Cert ref: ZA178776
  • ISO27001 - in progress

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Third party vendors provide specific guidance and designs around security approach and governance. Our ISO27001 accreditation is currently in progress and should be achieved within the next 6 months. However, all our internal controls have been reviewed and approved by a NHS Trust client we currently serve as part of their compliance process.
Information security policies and processes Internal security policies are governed and managed by all members of the team, and oversight is provided / regular checks performed by senior management personnel.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All components are managed and measured for efficacy and availability throughout their lifecycle. Continual monitoring of security vulnerabilities and issues helps ensure team provide immediate as-and-when patching / securing of environment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Continual monitoring based on third party provider recommendations and published vulnerability assessments. Also for our systems, the client security team have also validated our controls and given the approval as it fulfils the NHS Trust security protocols. As and when a change process is triggered by us or client, we follow the formal change procedure agreed by the client with appropriate release notes for patch deployment.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Direct monitoring of network activity, logins, and server processes. We use auto operational management tools that provides the necessary alerts in case of events on the network. As we provide 24/7 support capability, we take immediate actions to (ERIC) Eliminate, Reduce, Isolate and control the situation.
Incident management type Supplier-defined controls
Incident management approach All incidents are categorised as Low, Medium, High. However, immediate remediative action is performed by dedicated personnel within the organisation, and all incidents are investigated through to deep root cause analysis regardless of the category type. We use Microsoft CRM tool to keep track of all incidents logged and we monitor the progress until case completion.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £12500 per instance per year
Discount for educational organisations No
Free trial available Yes
Description of free trial 30 days access to demo site


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑