MyClinic.com Ltd

MyClinic

MyClinic provides a way for healthcare professionals to remotely consult with their patients. Comprising of Clinics created by the healthcare professional, patients can join a clinic waiting room online, and be seen remotely by the healthcare professional, using a web-based video consultation and other online tools.

Features

  • Remote video consultation with patients
  • File Sharing
  • email/SMS invitations
  • Doctor-Doctor messaging
  • Patient Questionnaires
  • Fully web-based interface

Benefits

  • Reduce travel time & infection risk for patients
  • Greater information availability to patients
  • Reduce DNA Rate - better utilisation of resources
  • Quickly consult a colleague during a consultation
  • Pre/Post appointment information streamlining consultations
  • Available anywhere, no software client to install

Pricing

£399.00 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at abdullah@medicalchain.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 9 3 0 3 6 2 5 4 5 8 7 2 4 5

Contact

MyClinic.com Ltd Dr Abdullah Albeyatti
Telephone: 07595759612
Email: abdullah@medicalchain.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Monthly planned maintenance schedule up to once per month, service may be unavailable for up to 6 hours outside of normal working hours 9am-5pm Monday to Friday, excluding public holidays (UK)
System requirements
  • Internet Browser (Microsoft Edge Firefox Chrome Safari 9+ Opera)
  • Internet connectivity
  • Webcam or camera to enable video consultations
  • Microphone or phone

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within working day (Monday-Friday 9am to 5pm)
Weekend questions will be responded to on the following Monday
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Via embedded chat function on the MyClinic system
Web chat accessibility testing
None
Onsite support
No
Support levels
Support for MyClinic.com is provided by our online interface and training guides. Users may raise service and support requests via our Service Desk, and these will be triaged by our Service Teams.
We endeavour to respond to service and support tickets raised within 24 hours, and responses will be made via the online interface/service desk system within the MyClinic.com product itself.
Technical Account managers are not provided as standard, however for an additional fee, Technical Account Managers, Project Managers, Programme Managers and other supporting teams may be provided on a day-rate basis, as defined in our SFIA rate card, subject to availability.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Upon contract execution, our deployment team will create a Management level user for the customer. This user's details will be securely relayed to the Management User.
This defines "Service Live". This management user has the capability to customise and administer the Enterprise instance of MyClinic.com for the Organisation.
User documentation and online training guides are available online upon Service Live
On-Site training can be requested, and would be delivered in a seminar style to multiple delegates simultaneously. These training days can be purchased at an additional cost, defined in our SFIA rate card.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
On request, a user organisation can request a one-off end-of-contract full database backup of all data held on Medicalchain servers regarding their application. This must occur upon full termination of services provided, and will be provided t o the customer up to 6 months following full termination of service, dependent upon the complexity of data extract, and volumes of data involved. The mechanism of transfer may be one of the following
S3 data transfer (push to customer managed S3, or dedicated "download" S3 bucket made available to customer)
SFTP data transfer (push to customer managed sftp)
End-of-contract process
Upon contract termination, the Organisation's instance of MyClinic.com will be deactivated by the MyClinic.com deployment team within one month of contract termination. All Management Users will have access revoked within 1 week of contract termination.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None - accessible via mobile web browsers
Service interface
Yes
Description of service interface
A service portal embedded within the application itself, whereby a customer can raise incidents to our service management team directly
(Jira Service Desk)
Accessibility standards
WCAG 2.1 A
Accessibility testing
In house testing to ensure meeting of WCAG 2.1 success criteria
API
No
Customisation available
No

Scaling

Independence of resources
Our web applications are built on AWS autoscaling EC2 instances to ensure scalable approach to meeting customer demand

Analytics

Service usage metrics
Yes
Metrics types
User activity reports
concurrent user reports
Activity reports (system utilisation)
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
All user generated data is accessible via the application, and can be downloaded/exported from within.
Data export formats
  • CSV
  • Other
Other data export formats
PDF
Data import formats
Other
Other data import formats
Direct to application via in-built forms

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
MyClinic.com (The Supplier) shall provide at least 95.5% or uptime service availability level during Support Hours. This availability refers to client software being able to connect to the software from the Supplier’s Hosted Servers. It does not include the external Internet network as the Customer is responsible for its own Internet access.
Service availability shall be represented as a percentage, calculated as follows:
Number of hours in the month - (Severity 1 failure time in Support Hours x 100)/Number of hours in the month

Availability measurement begins on the first day of each calendar month.
Availability does not include Force Majeure or Maintenance Events.
Further details can be found in our SLA document
Approach to resilience
Available on Request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
All Enterprise management users must be created by the MyClinic.com deployment team. These users have unique access levels to the service. No other "publicly available" user type can access management/admin functions
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
In line with ISO27001, which we are in process of achieving certification (delayed due to COVID)
Information security policies and processes
We follow NHS IG policies. Our IG team perform regular IG Training with our staff, and report to our IG Officer. All staff have completed the NHS IG Toolkit, and we have a robust SIRI reporting process in place.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
ITIL aligned CSI and change management processes.
Pre-release and Post-integration unit tests, and regression testing on a per-release basis
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Monthly Vulnerability assessment carried out by CTO and Senior development team and CVSS (Common Vulnerability Scoring System) used to triage security vulnerabilities.
Patches can be released in-live on an ad-hoc basis, though regularly conform to our 2 weekly release cycle.
Information is gathered using assorted vulnerability assessment tools.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use a wide array of logging and monitoring tools to identify potential compromises. Once detected, we will treat these as highest severity incidents which are managed via our incident management processes. For high severity incidents, resolution is expected within 24 hours, although we endeavour to resolve much quicker.
Incident management type
Supplier-defined controls
Incident management approach
ITIL aligned service management and incident resolution processes
Users report events via our Service desk
Incident reports available to customers on request and at regular contract reviews (annually)

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£399.00 a licence a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Per user free plan (base version free to use in perpetuity).

Features included

Number of Clinics 1
Max Duration 20 mins
Unlimited Video Calls
Doctor to patient messaging
Screen sharing
File and Photo sharing
Email Invitations
Scheduling
2FA Security
Full list of included features is available in Pricing document
Link to free trial
https://myclinic.com/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at abdullah@medicalchain.com. Tell them what format you need. It will help if you say what assistive technology you use.