Primary Care IT

Primary Care Pathways

Our toolkit streamlines workflow and supports efficient care within General Practice. Embedded within native clinical systems it allows users to rapidly see what the pertinent issues are, tailored to individual patients. It standardizes care and data recording, driving up standards.


  • OneTemplate - collation of information required for each unique individual
  • Handy protocols
  • Flu tools
  • Frailty tools
  • Medicines management optimisation
  • Referral optimisation
  • MHRA alert reporting
  • CQC tools
  • Quality improvement programme


  • Standardization of care in keeping with best practice
  • Drives use of local care pathways, reducing variation
  • Drives medicines management priorities, reducing variation
  • Allows safe delegation of chronic disease management to multidisciplinary team
  • Streamlines care processes, driving efficiency
  • Standardizes coding, allowing better audit of outcomes
  • Latest evidence delivered to clinicians during their working day
  • Drives patient safety within practices


£0.25 to £0.50 per person per year

Service documents

G-Cloud 10


Primary Care IT

Dustyn Saint

03333 443678

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to EMIS Web
Cloud deployment model Private cloud
Service constraints None
System requirements GP Practices have EMIS Web licences

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We acknowledge immediately and respond within 24 hours.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels We work with federations, CCGs and STPs to manage the roll out and ongoing support of our tools. This means initial educational events to introduce our package, followed by identification of lead practices who will maintain regular meetings with our team for ongoing feedback and development requests. Through monitoring we identify low uptake or users of our tools and offer onsite support and help of not only our own tools, but more generally optimization of EMIS web to drive engagement. Support access is multifactorial - via web forms, via email, via phone or via facebook group (set up for your region)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started At initial deployment of our professional package we meet with GP teams at an initial educational event to introduce our tools to them. Offers of individual onsite training are made at this time, and followed up as requested. After install 2 drop in sessions are organised for all members of constituent practice teams to come and learn about the tools and how to access them. Regular meetings are initiated with a group of key leaders and influences in the region. Online training is available. We also set up a facebook group for ease of access of training and to provide a community where our tools can be discussed and we can garner feedback. Comprehensive written material and videos are sent out to practices at the time of installation for them to share with their teams.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Their data remains the users the whole time of the duration of the contract. They remain the data controller and hold any clinical data within their EMIS Web system. Our tools simply cease to be supported or usable when the contact ends.
End-of-contract process There are 2 distinct phases of this work:
1) Installation of our core toolset for all constituent GP practices, including:
• OneTemplate
• Handy Protocols
• Flu tools
• Frailty tools
• One clinical pathway – chosen from Hypertension, Asthma, CKD, Hypothyroidism or UTI
Primary Care IT will work with local organisations (usually CCGs, federations or STPs) to implement this toolkit within its practices. This includes initial educational events, with follow up events and webinars as necessary, up to a defined number of hours. Additional hours can be purchased as required
2) Localisation and adaptation of our tools to drive CCG priorities. This includes:
• Localisation of the OneTemplate
• Working with medicines management teams to support their top 5 priorities for the year
• Working with commissioners to deliver tools to support their top 5 referral priorities for the year
• Optimisation of all referral forms and acting as a gateway for new forms to be approved
• Installation of MHRA alert tools within practices
• CQC tools built into practices systems
• A quality improvement programme

Using the service

Using the service
Web browser interface No
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility Our tools are embedded within EMIS web and hence enjoy the same accessibility standards that are native to this system (defined within the SLA for GPSOC) and the Windows environment on which this is run.
Accessibility testing None
Customisation available Yes
Description of customisation • Localisation of the OneTemplate to include local priorities including pathways (referral information), medicines management and contacts (e.g. child protection/safeguarding)
• Working with medicines management teams to deliver tools to support their top priorities within QIPP programmes
• Working with commissioners to deliver tools to support their top referral priorities
• Optimization of all referral forms for use, acting as a gateway for new forms to be approved


Independence of resources Our toolset is loaded into memory upon launching EMIS web hence the numbers of users have no impact upon other users.


Service usage metrics Yes
Metrics types We provide data on the utilization of all of our tools. CCGs can review this at an organisational level using EMIS enterprise, and our local reporting can give reports down to individual clinician level on the use of our tools. We also report on the recording of key elements of care in association with the use of our tools vs not.
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Through the usual reporting function within EMIS web, our tools do not change this functionality, but often provide enhanced functionality to allow users to be able to streamline their workflow to other providers of mail or text message communications.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Because our tools are embedded within EMIS Web, their SLAs are applicable. They are a GPSOC supplier and the SLAs are stringent on this basis. Our tools are available whenever EMIS web is available.
Approach to resilience Because our tools are embedded within native EMIS Web, the resilience of their product is relied upon.
Outage reporting EMIS has an email alerting system.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Limited access network (for example PSN)
Access restrictions in management interfaces and support channels Our tools are accessed by the standard way of using GPSOC systems - by use of NHS smartcard, using the N3 network. Support channels are restricted by 3 factor authorization, using finger prints as well as usernames and passwords to ensure security
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • HSCIC Level 2
  • Cyber Essentials Certificate

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards HSCIC Level 2
Cyber Essentials
Information security policies and processes We are guided by HSCIC Checklist Guidance for Reporting, Managing and
Investigating Information Governance and Cyber Security Serious Incidents Requiring Investigation. We ensure compliance with level 2 of the HSCIC information governance toolkit. Any issues are reported to our director responsible for information security.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Because our tools are embedded within EMIS web, their configuration and change management approach are our assurance. They are subject to GPSOC SLAs, which detail these.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Because our tools are embedded within EMIS web, their vulnerability management processes are our assurance. They are subject to GPSOC SLAs, which detail these.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Because our tools are embedded within EMIS web, their protective monitoring approaches are our assurance. They are subject to GPSOC SLAs, which detail these.
Incident management type Supplier-defined controls
Incident management approach Users can report incidents by using a webform, launched directly from our tools. These are received by our team and assigned to a member of the team to resolve. This member of the team identifies the issue and liaises with the user to resolve the issue.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)


Price £0.25 to £0.50 per person per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑