[PDR13] NEW PRODUCT REQUEST & CUSTOMER SET-UP TEMPLATE

Transcription

1 SURGICAL & PROSTHETIC DESIGN [PDR13] NEW PRODUCT REQUEST & CUSTOMER SET-UP TEMPLATE FORM NEW PRODUCT REQUEST [PDR13_V3]: LIVE 1

2 CUSTOM DEVICE DESIGN REQUEST SENDING SCAN DATA Send your scan data via secure DICOM upload using the IEP service, and communicate the relevant information requested in this form to the fullest possible degree to or Recommended scan-data protocols are available at Instructions for connecting your IEP-equipped institution to PDR begin on page 5 of this document. Alternatively, copy your DICOM data to CD / DVD and post to the following address. this form with the relevant sections completed to the fullest possible degree to the addresses highlighted above. SURGICAL & PROSTHETIC DESIGN, PDR CARDIFF METROPOLITAN UNIVERSITY, LLANDAFF CAMPUS, 200 WESTERN AVENUE, CARDIFF, CF5 2YB. Remember to include the password for encrypted data via separate cover or . Additionally, please inform us by of the date the data was posted, the courier service used, and the expected arrival date. CASE DETAILS YOUR NAME: YOUR ROLE: HOSPITAL / INSTITUTION: ADDRESS(ES): PHONE NUMBER(S): PATIENT / PROJECT NAME / IDENTIFIER: DEVICES REQUIRED ON OR BEFORE: FULL DELIVERY ADDRESS / RESTRICTIONS: NEW PRODUCT REQUEST [PDR13_V3]: LIVE 1

3 (FOR NEW CUSTOMERS) BILLING ADDRESS: SERVICE(S) REQUIRED: CUSTOM IMPLANT DESIGN MEDICAL MODEL DESIGN CUSTOM GUIDE DESIGN RECONSTRUCTION AID DESIGN (E.g. DEFECT-FILLED MODELS) LABORATORY-USE MEDICAL MODEL FABRICATION (FOR MODEL-ONLY ENQUIRIES, SKIP TO DEVICE(S) EXTENTS BOX ONLY) TYPICAL AVAILABILITY FOR DISCUSSION / ONLINE PLANNING MEETINGS: PATIENT CONDITION / PROCEDURE / BACKGROUND / FUTURE: (INCLUDING RADIOTHERAPY IMPLICATIONS) IDEAL CUSTOM DEVICE(S): IDEAL CLINICAL OUTCOME: BRIEFLY, HOW WOULD THIS PROCEDURE OCCUR WITHOUT USING THE DIGITAL PLANNING APPROACH? FOR INTERNAL PDR USE ONLY: PDR APPROVAL 1 (TIMEFRAME / CAPACITY / TECHNICAL CAPABILITY) PDR APPROVAL 2 (TIMEFRAME / CAPACITY / TECHNICAL CAPABILITY) NEW PRODUCT REQUEST [PDR13_V3]: LIVE 2

4 CUSTOM IMPLANT / GUIDE REQUIREMENTS DESIGN CONSIDERATION: REQUIREMENTS V1 (CUSTOMER STATED): REFINED / CONSOLIDATED REQUIREMENTS (FOR PDR USE AFTER INITIAL PROCESSING): DEVICE(S) EXTENTS: DEVICE(S) THICKNESS: DEVICE(S) SHAPE: DEVICE(S) MATERIALS: DEVICE(S) SURFACE FINISHE(S): (INCLUDING DESIRABILITY OF OSSEOINTEGRATION) DEVICE(S) INSERTION PATHS: DEVICE(S) SOFT-TISSUE CONSIDERATIONS: DEVICE(S) FIXATION: (INCLUDING SCREW DIAMETER AND QUANTITY) NEW PRODUCT REQUEST [PDR13_V3]: LIVE 3

5 DRILL DETAILS: (INCLUDING SHANK DIAMETER / LENGTH AND TIP DIAMETER / LENGTH) DEVICE(S) FIT: (INCLUDING INLAY Vs. ONLAY) ANATOMICAL ENGAGEMENT / KEY LANDMARKS: NUMBER OF COMPONENTS / THEIR INTERFACE(S): DEFECT CHANGES BETWEEN SCAN AND SURGERY? SCAN-DATA MODIFICATIONS REQUIRED? (e.g. REMOVE EXISTING DEVICES?) KEY FEATURES TO INCLUDE FROM ANALOGOUS DEVICES YOU HAVE PREVIOUSLY USED: ANY SPECIAL CONSIDERATIONS FOR THE INDIVIDUALS IN THE SURGICAL TEAM? (e.g. COLOUR BLINDNESS?) OTHER DESIGN CONSIDERATION(S) PLEASE STATE: Thank you for the details. On receipt of your data, we will process your enquiry and be in touch to confirm the viability of your project; based on data quality, deadline, and product requirements. NEW PRODUCT REQUEST [PDR13_V3]: LIVE 4

6 INTERNET DATA TRANSFER SET-UP Image Exchange Portal (IEP) is a web-based application which allows secure transfer of patient images from your hospital PACS to PDR's specialist design engineers (amongst other NHS and independent locations). It does not require new, specialist hardware or software. Please ask your PACS team whether your organisation is connected to IEP. Assuming the answer is yes, setup a secure VPN tunnel with PDR by following these steps. AGREEMENT Complete the Internet/Offshore Addendum (starts on the next page of this document). This is an addendum to your hospital's existing IEP data sharing agreement which consents to sending data to PDR as a trusted site who will manage the data appropriately. RETURN Return the completed form to: SECTRA 17 STERLING COMPLEX FARTHING ROAD IPSWICH SUFFOLK IP1 5AP UNITED KINGDOM NEW PRODUCT REQUEST [PDR13_V3]: LIVE 5

7 Sectra Quality and Information Security Management System Image Exchange Portal Offshore and Internet Connection DSA Addendum Commercial in Confidence

8 Sectra Quality and Information Security Management System Document Control Owners Sectra UK Advisory Board Author Sally Jasper Document Preparation Date Version Author Comment 11/01/ IEP User Group Exec Initial Draft 21/03/ IEP User Group Exec First Issue 17/04/ Sally Jasper Updated to include Internet Connectivity 12/06/ Stephen Jessop Updated to reflect Burnbank s role as data processor following feedback from IEP UEG 14/04/ Stephen Jessop Added transferring organisation signature field 01/05/ Sally Jasper Updated Ownership to Sectra UK Advisory Board 11/01/ Sally Jasper Updated Signatory Table on Page 4. Required Signatories amended to Caldicott Guardian and Radiology Department Manager. Updated HSCIC references to NHS Digital. Documents Approval Date Version Approver Status 14/03/ Draft for Review 21/03/ IEP User Group Executive Obsolete 17/04/ IEP User Group Executive Obsolete 12/06/ IEP User Group Executive Obsolete 14/03/ IEP User Group Executive Obsolete 01/05/ Sectra UK Issued 11/1/ Sectra UK Under Review Related Documents Document Document Title Approved Version Reference IEPUGDSA1 IEP Data Sharing Agreement Current Data Sharing Agreement Guidance Current Glossary of Terms/Acronyms Term Acronym Definition Offshore A location outside of the borders of England without access to the NHS N3 network 2 P a g e

9 Sectra Quality and Information Security Management System Contents 1. Introduction: Audience Review and monitoring of this Offshore Addendum to the Data Sharing Agreement Offshore Organisation Contact Details N3 Organisation Contact Details... 6 (Site sending to Organisations connected over the Internet) N3 Organisation Signatories Signatory Organisations utilising the IEP for sending data offshore Responsibilities of Signatory Organisations Technical Solution Service Levels and Performance P a g e

10 Sectra Quality and Information Security Management System 1. Introduction: This document must be read in conjunction with The IEP Data Sharing Protocol (IEPDSA) (ref IEPUGDSA1) and outlines the approach followed by the signatory organisations engaged in utilising the Image Exchange Portal for sending data offshore or outside of the N3 network. The Offshore Addendum to the Data Sharing Agreement aims to ensure that the signatory organisations are aware of their responsibility for protection of Patient Identifiable Data (PID) when transferring data offshore or outside of the N3 network. All existing members of the IEP Healthcare Community will be made aware of all connections permitted to the IEP for organisations operating from or sending to countries outside of England via (nww.iepservice.nhs.uk) or outside of the N3 network so that if required their own end to end risk assessments can be carried out. Organisations within the existing IEP Healthcare Community will not automatically have access (send or receive) to offshore organisations or organisations outside of the N3 network. Access to the specific offshore organisation/organisation outside of the N3 network named in this Addendum will be restricted to the signatory organisation. The NHS CFH Information Assurance Working Group (IAWG) having reviewed the design of the additional architecture required within the IEP to enable offshore connectivity and have confirmed that there were no implications that they need to investigate from a governance perspective. The IEP is designed to ensure the data is secure and in compliance with the Data Protection Act 1998 only during the data transfer. It is the responsibility of the referring organisation to ensure that it has obtained the relevant patient consent and to ensure that the recipient organisation complies with the Data Protection Act Audience This Addendum to the Data Sharing Agreement should be made available to all personnel across the IEP Healthcare Community who are stakeholders in the data-sharing mechanisms and processes defined within this document. It is recommended that as a minimum this should include: - Chief Executives - Senior Responsible Officer (SRO) - Senior Information Risk Owners (SIRO) - Caldicott Guardian - NHS Information Governance Leads - PACS Clinical Leads - IM&T Manager/Director - PACS Project Manager - PACS/RIS Manager - PACS Technical Lead - Systems Providers - System Users 4 P a g e

11

12 Sectra Quality and Information Security Management System 3. N3 Organisation Contact Details (Site sending to Organisations connected over the Internet) NHS Hospital - Please complete this section & return to: SECTRA 17 STERLING COMPLEX FARTHING ROAD IPSWICH SUFFOLK IP1 5AP Required to be completed by the organisation who are sending data via the IEP to an external organisation who are connected to the IEP over the Internet. Key Roles Role Contact Telephone Chief Executive Radiology Contact IEP Administrator Caldicott Guardian Information Governance Risk Management PACS Manager / Administrator PACS Manager / Administrator Out of Hours 3.1. N3 Organisation Signatories By signing this IEPDSA offshore addendum you confirm that you have read and understand its contents and that your organisation has implemented and will maintain the controls and countermeasures outlined within the document. Authorised Signatories Name Signature Title / Responsibility Radiology Dept. Manager Date Caldicott Guardian The contents of the above tables are available from Sectra for use by any participating organisation in order to evidence that the organisations they are sharing data with via the IEP have signed up to this IEPDSA. This is to be reviewed by the Sectra UK Advisory Board on a 12 Monthly basis from the date of approval of this document. 6 P a g e

13 Sectra Quality and Information Security Management System 4. Signatory Organisations utilising the IEP for sending data offshore. Details of the organisations utilising the IEP for sending data offshore or outside of the N3 will be made available upon request. 5. Responsibilities of Signatory Organisations. Prior to an organisation utilising the IEP for sending images and/or reports containing Patient Identifiable Data offshore or outside of the N3 network, they must: Undertake a full risk assessment ensuring mitigating controls are put in place. The risk assessment must include verifying that the offshore organisation has appropriate security arrangements in place (it is recommended that these are independently verified). The clinical requirement to share images and/or reports with an offshore organisation must be authorised on an individual user and user case basis by the Caldicott Guardian or a delegated representative of the Signatory Organisation Ensure the Data Protection Act and relevant DH guidance is adhered to. Complete Section 2 (Offshore Organisation Contact Details) of this Document and ensure a process is in place to notify Sectra of any changes to the contact details within this section. Put processes in place to ensure that any changes undertaken by the offshore organisation/organisation outside of the N3 network which may alter any of the above are notified to the Signatory Organisation for action as appropriate. 7 P a g e

14 Sectra Quality and Information Security Management System 6. Technical Solution The NHS CFH Information Assurance Working Group (IAWG) technical specialists reviewed the design of the additional technical architecture required to add an Internet connection to the Image Exchange Portal (required for offshore connectivity and organisations to connect outside of N3) and found it acceptable. In addition IAWG confirmed that there were no implications regarding offshore connectivity/connections outside of the N3 network that they needed to investigate from a governance perspective. 7. Service Levels and Performance By signing up to this protocol each organisation recognises that the transfer times to and from IEP are dependent upon the bandwidth availability on the Internet. As a consequence, and in line with all image transfer solutions using the Internet, although the performance of the IEP will be monitored by the service provider (Sectra), and Sectra s Internet connection capacity reviewed accordingly, the response and delivery times cannot be guaranteed. 8 P a g e