Healthcare Clinical Informatics Ltd

HCi - Telehealth

TeleHealth solution for remote monitoring and management of patients and Clinician. With gateways interfaces with various categories of medical devices, It has features like Video consult, Medication Reminder, Record sharing, Physician locator, Social collaboration, Symptom checker, Vitals Monitoring

Features

  • Vitals Monitoring, Wellness Tracking,Complete Health Data Mgmt
  • Custom dashboard for next generation health management, analytics
  • EWS detection and prioritization
  • Care plan management
  • Medication Reminders
  • Remote video consultation
  • Online record sharing
  • Data exchange with independent healthcare service provider platforms
  • Custom Universal gateway solutions – custom health hubs and apps
  • Structured Data for easier integration with Healthcare Enterprise platforms

Benefits

  • Chronic care management, post discharge care monitoring, recovery
  • Anytime, anywhere monitoring
  • Video consultation, automatic notifications
  • Works with existing devices
  • Integrates wearable gateways and monitors
  • Open and scalable architecture
  • Reduces burden on existing IT infrastructure
  • Provides affordability and accessibility of health care
  • New revenue model for hospitals through care packages

Pricing

£0.5 to £1 per person per day

  • Free trial available

Service documents

G-Cloud 9

889690642795816

Healthcare Clinical Informatics Ltd

Robert Davies

07801 289128

robert.davies@thehcigroup.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints The solution has a dependency on Medical Device vendors as the OEM's need to share the device communication protocol in order to integrate the devices.
System requirements
  • Android/IoS/Window platform for mobile application
  • Cloud services for hosting the solution(AWS/Azure/google app /engine)
  • Need Wi-Fi / Cellular network for data transmission
  • Security group between AWS EC2 instance

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24X7
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels For onsite support, we create local role players to understand the entire workflow.We also provide documents for various workflows to understand the process.There is a provisioning for L1/L2 and L3 support as well.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We send our team for initial set up and training.As a part of which we create local role players to understand the entire workflow.We also provide documents for various workflows to understand the process.There is a provisioning for L1/L2 and L3 support as well.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction All Medical records will reside in Clients Cloud ecosystem. We do not retain any confidential data for storage purposes.
End-of-contract process In the event of termination or expiration of the agreement, we will de-activate the platform services as well as access to the end user applications. The client shall pay any outstanding balance to HCi upon termination. Any invoices that are sixty (60) days delinquent will result in service termination.
Terminating the entire platform services usually takes 10 working days.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems Android
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Critical functionalities are provided both in Mobile and Desktop application, having said that mobile service is primarily patient-centric and desktop services are clinician-centric
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing __
API No
Customisation available Yes
Description of customisation Customization can be done by us on the client's request. User does not have any access to customise the interface.

Scaling

Scaling
Independence of resources Telehealth is designed to be horizontally scalable. It can be run across multiple servers in parallel mode to ensure high scalability and availability.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach As of now the data cannot be exported by the user
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability SLA management and escalation management will be designed in agreement with the client during pre-engagement stage
Approach to resilience Data will be stored in private infrastructure with a host key management which is either managed by us or the customer
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels We implement role-based access to management interfaces and support channels
Access restriction testing frequency At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Visit isg.techmahindra.com for info
ISO/IEC 27001 accreditation date Visit isg.techmahindra.com for info
What the ISO/IEC 27001 doesn’t cover Visit isg.techmahindra.com for info
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 2016
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover __
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Layered security controls are driven by ISO 27001 certified framework
Business Continuity - Resources to deal with the impact of emergency situations, Identified potential business disruptions (project BCP/DR plan)
Physical Security- Positive identification and controlled access to facilities, systems, and borders. Permissions and access rule can be changed in real-time
Data Transfers- Secure exchange information with customers on as required basis. Comply with international standards and best practices (ISO, CMM)
Data Privacy- Can protect the confidential data of employees or constituents. Familiar with legislation that requires safeguarding of customers personal data
Network Security- Logical and physical separation of individual projects (logical proposed). Offshore replication of customer security norms, if mandatory

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Our change management will ensure all the changes are assessed, approved, implemented and reviewed in a controlled manner. For this, all the changes will be recorded in the service management tool. The change management process includes:

 Recording of all changes
 Classification
 Assessment for their risk, impact and business benefit
 Approval and authorization process
 Coordination for implementation of changes
 Post implementation review
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Our vulnerability management process consists of five phases:
• Preparation
• Vulnerability scan
• Define remediating actions
• Implement remediating actions
• Rescan
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach It also comprises two further subsidiary processes: Management Reporting which provides feedback on the performance of Protective Monitoring status to senior management and Supports improvement reviews and Retention and
The archive will maintain the accounting database. This also corresponds with the “Plan-Do-Check-Act” (P-D-C-A) cycle that is empirical to ISO27001.
For Protective Monitoring this cycle operates at several levels:
Long term reporting cycle, Operational audit cycle measured at frequent intervals, Regular monitoring of accounting output. A real-time incident response in the event of significant alerts or security breaches.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident Management activities include:
Spot and Log incident details
Prioritizing incidents in terms of impact and urgency
Assign to appropriate Client
Match incidents against previously known problems
Resolve incidents as quickly as possible
Escalating incidents to other teams as appropriate to ensure timely resolution
Escalating incidents to other teams as appropriate to ensure timely resolution
The approach supports Incident Management by:
Gathering historical and real-time data
Identification of performance bottlenecks
Root cause analysis to pinpoint the causes of incidents
Minimize the number of incidents by vigilant approach

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £0.5 to £1 per person per day
Discount for educational organisations No
Free trial available Yes
Description of free trial Basic Module of Remote monitoring and care management. Demo in controlled environment.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑