Strata Pathways - Pathfinder
A flow and eReferral platform that integrates Health and Social Care IT systems to provide a single view of a patient and then matches this need to a live dynamic directory of service, It is aimed at organisations that wish to examine defined projects rather than a population-wide approach.
- Whole system patient flow across regions - ICO ICS STP
- electronic referrals - any to any eReferrals
- ED Admissions & Attendance Avoidance
- Resource Matching - reducing DTOC Delayed discharges, ALOS
- Live dynamic directory of services- all Health and social resources
- Single view of a patient/ citizen for placement and transition
- Pathway redesign - Clinical, social, financial, funding
- Social Care placement & Social Prescribing- Care homes, Domiciliary care
- Decision Support Tools - Clinical and funding finance CHC FNC
- Bi-directional Single Assessments for Health and Social Care
- Reduce DTOC Delayed Discharges. Reduce Length of stay ALOS
- Collaboration across organisations / stakeholders in one system
- Manage Capacity, transitions and placements across populations
- Patient Flow- Assess, Discharge withdraw ADW
- Integration engine - open source and open standards, MESH eRS
- Resource availability and characteristics matched to patient need
- Reduce ED admissions and ED attendance
- Improve data quality and enforce data capture
- Simple to use - Works within existing systems. Existing Pathways
- Management reports and BI tools included - Service redesign
£150000 per instance per year
8 7 7 7 3 1 1 1 8 1 4 4 7 7 6
Strata Health LTD
+44 (0) 7909863342
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||No - however additional costs will apply for integration with IT systems|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Strata Pathways is a cloud solutions that is available and supported 24x7x365. All parts of the system are available at all times and scheduled upgrades and maintenance are planned and communicated in advance and only take place out of normal business hours. We operate a global round the clock approach to support and maintenance which allows us to accommodate full availability of support services at all times.
• We provide Software uptime of 99.5% with planned maintenance authorised in advance.
• Support is 24/7 with immediate support during business hours and call back within 60 mins outside of business hours.
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
Strata Support is delivered to the highest standard at all times and this is included in the cost to clients. All NHS clients are treated equally and as Strata Pathways is a cloud solutions support is available and supported 24x7x365. All parts of the system are available at all times provided that clients have access to the internet. Scheduled upgrades and maintenance are planned and communicated in advance and only take place out of normal business hours. We operate a global round the clock approach to support and maintenance which allows us to accommodate full availability of support services at all times.
• We provide a Software uptime of 99.5% with planned maintenance authorised in advance.
• Call support is 24/7 with immediate support during business hours and call back within 60 mins outside of business hours.
|Support available to third parties||Yes|
Onboarding and offboarding
A full and structured training programme will be provided to admin and users at the start of the project but also on an ongoing basis if requested. Training can be provided on site or via webex sessions. The Strata Account Manager will worm with the client lead determine the frequency and when and where they should take place. It is expected that training would take place on client premises and that users will have access to a PC or mobile device with internet access.
This is delivered as part of the ongoing sessions where users are invited to attend training sessions to learn how to get the best from the solution and also how to build specific requirements that may be outside the normal requirements.
Full documentation tailored to the solution will also be provided.
|End-of-contract data extraction||The users can either request Strata to extract data and return to them or they have the ability to do this themselves with the management console. Strata will be happy to supply destruction certificates etc if requested to do so.|
Towards the end of a contract when a client does not wish to continue with the service, the Strata Account team will work with the client well in advance of the termination date in order to smoothly switch of the service,
At the end of the contract a client can either download their data themselves and Strata will then carry out a full destruction and data removal process if requested to do so, This is a chargeable service and will be scoped and agreed with the client in advance. Strata will also switch off all links and APIs to any client system as soon as requested to do so.
Should a client need to extend the services in line with approved regulations, we will be happy assist but will charge at the normal monthly rate for any part of each monthly period after the contract termination date.
Additional charges will be incurred for any services involved in Strata being requested to download the data on behalf of the client, Again this will be scoped and agreed in Advance.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None|
|Independence of resources||
The Strata Software as a service is delivered within UK Data centres within HSCN and with the ability to scale up and down our service requirements based on service usage and demands on the platform. The service is fully resilient over a number of sites and fully managed by our ISO processes.
The Strata services is a stand alone service which is not co-located with any other services. It operates with virtual servers and can be quickly expanded as needed.
|Service usage metrics||Yes|
The Strata Pathways application layer and cloud infrastructure system as well as activity and usage is measured using a service called New Relic APM which lets us know what’s happening in platform application environment and shows full usage and access stats
This provides a complete picture by combining key metrics from mobile and browser apps with supporting services, datastores, and hosts, so we can optimize performance holistically and ensure the system is up and running as peak performance based on the level of user and service usage.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Data Export can be carried out directly by the client using bulk export via the Strata Pathways management console. Strata will be happy to work with clients to assist them in doing this.|
|Data export formats||CSV|
|Data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||We provide 99.5 availability of the service under our standard SLA. Our Service Level Agreement is include with the Terms and Conditions and in the event of an outage Strata will work with the clients to agree any monetary compensation based on lost whole service days.|
|Approach to resilience||This information can be provided on request. The Data centre is managed with HSCN and is bound by the SLA in place for that service.|
|Outage reporting||Outage reports are extremely rare but if they do occur clients will be notified by email and through a notification in the log-in page|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||The Strata Platform used Role Based Access Control to determine which individuals or groups of individuals can access any part of the system. The ability to restrict access can be controlled by client leadership and the Strata system will only provide access to the features and parts of the system that their role and level dictates. This can also be applied to the users ability to access support and management consoles features,|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||QAS International|
|ISO/IEC 27001 accreditation date||30 June 2014 and annually since|
|What the ISO/IEC 27001 doesn’t cover||Not Applicable|
|ISO 28000:2007 certification||Yes|
|Who accredited the ISO 28000:2007||QAS International|
|ISO 28000:2007 accreditation date||30June 2018|
|What the ISO 28000:2007 doesn’t cover||Not Applicable|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
To ensure all Patient Health Information is secure and safe, Strata Health Solutions has created in depth policies and procedures around the handling of PHI or PID. Strata Health defines confidential data into two categories, client confidential and business confidential as defined in ISF03 Information Security Document Classification. Confidential information is any data stored on our systems as pertains to our clients or business. This includes but is not limited to:
• Personal Health Information (PHI) as defined by the privacy acts of the regions we operate in.
• Information regarding the services provided by any of our customers or client sites.
• Information regarding clinicians and any other customer contacts.
• Any other Personally Identifiable Information (PII) that falls outside of the health care privacy acts.
All staff share a responsibility to safeguard any and all confidential and client confidential information and to ensure it is used appropriately and must agree to a stringent set of security criteria linked to how all information in handled and secured. The CEO is ultimately responsible for ensuring that all policies are adhered to and the Security office is responsible for ensuring that the service is fit for purpose.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||All aspect of configuration and change management are managed under our ISO 27001 guidelines, processes and principles. Strata use various system to track and manage all config and change programme and follows industry best practices and guidelines at all times.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||All aspect of vulnerability management are managed under our ISO 27001 guidelines, processes and principles. Strata use various system to track and manage all potential threats and can mobilise quickly to address threats and apply patches. Strata follows industry best practices and guidelines at all times and work with industry leading partners to keep ahead of all information relevant to threat management.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||All aspect of protective monitoring are managed under our ISO 27001 guidelines, processes and principles. Strata use various systems to track and manage all potential threats and can mobilise quickly to address threats and apply patches. Strata follows industry best practices and guidelines at all times and work with industry leading partners to keep ahead of all information relevant to threat management.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||All aspect of incident management are managed under our ISO 27001 guidelines, processes and principles. Strata use an incident management system called JIRA and follows industry best practices and guidelines including ITIL for service desk management. Users can reports incidents by email or using our 24/7 support numbers. Using our support processes we will track and monitor progress and report back to users as necessary.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Price||£150000 per instance per year|
|Discount for educational organisations||No|
|Free trial available||No|