SUPPORT

Our hosted solutions are monitored 24 x 7 x 365 by our Security Operations (SOC) team who have unrivalled Healthcare cybersecurity expertise. The UK Healthcare Account Security Team has specific healthcare application, infrastructure, account relationships and Healthcare business knowledge to add the context to Security Operations.

They have instigated a set of systems and systematic controls that together proactively monitor all environments under our control for suspicious behaviour and initiate remedial response where required. We work closely with colleagues in the National Cyber Security Centre and NHS Digital’s SOC to ensure that appropriate actions are taken as new threat vectors are identified.

Our Care Suite solution is ISO 27001 compliant. This compliance extends to our sites and healthcare data centres. We have a named SIRO and Caldicott Guardian to ensure compliance with the NHS Data Security and Protection Toolkit (ODS Code: LSP02). All our healthcare staff undertake annual mandatory cybersecurity and Information Governance training.

We operate a Continuous Service Improvement (CSI) program where any issues that cannot be resolved at source in the first instance are continually reviewed in order to minimise the impact on the Trust until a full and final resolution can be implemented. In addition, any resolution for issues which have been identified at other locations are proactively deployed in order to prevent the issue occurring elsewhere.

All Severity 1 incidents are managed via our Major Incident Management (MIM) Process where a Major Incident Manager is assigned to co-ordinate the service restoration activities. The MIM process engages the service restoration team, which is a collection of appropriate technical and delivery specialists, and 3rd parties (where appropriate) onto Technical bridges to investigate and resolve the issue.

All restoration activities are fully controlled and documented within the MIM process and Change Management control procedures are maintained throughout.

Each incident is subject to a Root Cause Analysis (RCA) process to fully understand the cause of the interruption of service and to prevent future reoccurrence and impact. Root Cause Analysis reports are provided to the Trusts for review and comment. Our team works in collaboration with the end users and Trusts to complete any residual actions and activities identified as part of the RCA to ensure completion.

Finally, we operate robust Business Continuity (BC) and IT Disaster Recovery (DR) plans with each of its clients.

Our Business Continuity Manager is engaged with the Trust and NHS Digital, where appropriate, to review and update the BC and IT DR plans, as needed, which include the following:

• Business Continuity Management Framework
• Business Continuity Plan
• Crisis Management Plan
• IT DR Plan – Client Disaster Recovery Plan (CDRP)
• Technical Recovery Action Plan(s) (TRAP)

The CDRP and the TRAP are interlinked to ensure there is a complete plan for ensuring continuity of service provision for the Trust and to provide executable action plans that underpin the overall BC and DR Plans.

A desire for excellence in our service delivery lies at the heart of everything we do. We understand that, as a minimum, Dedalus is expected to be compliant with industry standards, models, and regulations. We aim to go beyond this by ensuring that our clients can rely on us to deliver high quality services, to learn from our experience in delivering healthcare-centered services and to continually improve our services to customers.