D+R Medical

D+R Therapy

Remote Physiotherapy Analysis.
D+R Therapy allows physiotherapist to remotely supervise as monitor patients during physiotherapy.
The platform allows customised treatments per patient with video and text description.

Features

  • Real-time Analysis
  • Remote Monitoring
  • Personalised Treatments
  • Patient Feedback
  • Secure Messaging
  • Notes
  • Custom Exercises

Benefits

  • Real-Time Analytics
  • Early Intervention
  • Exercises Videos and Descriptions
  • Remote Patient Analysis

Pricing

£0 to £20 per person per month

Service documents

Framework

G-Cloud 11

Service ID

9 4 5 6 6 4 8 4 6 4 4 4 2 2 0

Contact

D+R Medical

Viv Austin

+447801191721

viv@dplusr.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Requires modern browsers (Chrome, Safari, IE11, Edge).
System requirements
  • Mobile app requires iOS or Android
  • Custom videos best hosted on Youtube or Vimeo

User support

Email or online ticketing support
Email or online ticketing
Support response times
24 hour response time weekdays.
48 hours response time at weekends.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
Free online support via website.
Premium support with customer rep - 1000GBP per month.
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide onsite training, email support, and web documentation.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
All patient content is available to extract via CSV.
End-of-contract process
Once patient treatments are inactive, there are no further charges.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Desktop website for physiotherapist to manage patient treatments and analysis exercises.

Mobile app for patients to access treatment and record exercises.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Users can add custom private exercises and treatments.
Users can create an organisational structures.

Scaling

Independence of resources
Azure based site with auto-scaling services.
Separation of therapist site and patient mobile app service.

Analytics

Service usage metrics
Yes
Metrics types
All patient exercise records are available via web dashboard.
Reporting types
Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Treatment data can be exported via a CSV.
Data export formats
CSV
Data import formats
Other
Other data import formats
  • MP4
  • JPG
  • PNG

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.7% availability target.
10% refund if service drops below 99.5% in any calendar month.
Approach to resilience
Service hosted on Azure servers with multiple instances in both web server and mobile web service.
Outage reporting
Service outages will be communicated via email.

Identity and authentication

User authentication needed
Yes
User authentication
Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels
All users authenticated through Windows Azure Active Directory.
Access restriction testing frequency
At least every 6 months
Management access authentication
Identity federation with existing provider (for example Google Apps)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
User access managed through Windows Azure Active Directory.
Server patching managed through Azure automatic updates.
Malware protection and firewall handled through Azure.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
3 tier development process ensures that code is managed through dev, UAT, then production.

Security library is isolated and assessed with full regression test when being modified.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Database threat detection is part of the service offered by Microsoft Azure, with firewall rules and access notification.

Servers are auto-patched by Microsoft Azure.

Site access managed via Windows Azure Active Directory.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Database threat detection is part of the Microsoft Azure service.
Notification emails are sent to security staff when the encrypted SQL server is accessed.
Incident management type
Supplier-defined controls
Incident management approach
Incident reporting available via website and email.
Severe incidents reported to users via email.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0 to £20 per person per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full platform access for 1 month.
Link to free trial
https://www.drtherapy.co.uk/

Service documents

Return to top ↑