Digital & Innovation Services (D&I)

About Us

University Hospitals Plymouth NHS Trust’s Digital & Innovation department (D&I) provides ICT support and services to approximately 11,000 users across multiple organisations in the Plymouth Health Community, including:

Our service is designed using ITIL® methodologies and projects are managed in accordance with PRINCE2. D&I is a multi-discipline department consisting of over 150 employees with a range of teams.

UHP Digital Strategy

UHP Digital Strategy.pdf [pdf] 3MB

The Trust does not yet have a trust wide EPR solution but is building a business case to obtain one

Senior Management Team

Lee Pester –Chief Information Officer
Mandy Stewart – Chief D&I Business & Governance Officer
Katie Greenhill – Chief D&I Support Officer
Jason Scott – Chief D&I Technology Officer
Paul Denton – D&I Programme Manager
Mac Armstrong – Chief Clinical Information Officer (CCIO)
Sarah Dormor – Chief Nursing Information Officer (CNIO)
Nanette Bothma – Chief Medical Information Officer (CMIO)
Duncan Cripps – Chief Clinical Support Services Information Officer (CCSSIO)
Sally King – Chief Clinical Support Services Information Officer (CCSSIO)

IM&T Organisational Chart Aug 2023.pdf [pptx] 48KB

Hardware Estate

The following data is a list of key classes of IT equipment and is extracted from our Configuration Management Database. In the case of PCs & Laptops, the list is further filtered for those items that have been active on our network in the last twelve months.

PC’s	4544
Laptops	3413
Handhelds (various) –iPads at 325	1481
Print servers (managed print service)	404
Printers (Non managed printers – excluding Zebra & Brother)	407
Printers (Non managed printers including Brother)	465
Barcode Printers (Zebra)	502
Mobile phones	1440
Telephones	4500
Softphones	1000
Wireless Access Points	800
Network points	13500
Datacentre	2
Pagers (pageone)	993
Bleeps	629

Financial Data

The below data provides a high level overview of D&I revenue and capital budgets for the 2021/2022 year.

Revenue

Revenue and capital budgets for 2021/22
Cost Centre Code Desc	Class	Funded	Budget (£)
D&I Service Desk	INCOME	-	£0.00
D&I Service Desk	PAY	12.51	£180,217.00
D&I Service Desk	NON-PAY	-	£120,820.00
D&I Service Desk	TOTAL	12.51
Bush Park Medical Records	INCOME	-	£14,369.00
Bush Park Medical Records	PAY	99.33	£2,439,568.00
Bush Park Medical Records	NON-PAY	-	£190,293.00
Bush Park Medical Records	TOTAL	99.33
Information Services - Second line support and Operational Management	INCOME	-	£0.00
Information Services - Second line support and Operational Management	PAY	24.73	£766,636.00
Information Services - Second line support and Operational Management	NON-PAY	-	£1,169,088.00
Information Services	TOTAL	24.73
Telecommunications	INCOME	-	£34,506.00
Telecommunications	PAY	4.6	£138,119.00
Telecommunications	NON-PAY	-	£51,035.00
Telecommunications	TOTAL	4.6
Information Management and Technology Training Team	INCOME	-	£0.00
Information Management and Technology Training Team	PAY	3.4	£115,552.00
Information Management and Technology Training Team	NON-PAY	-	£4,925.00
Information Management and Technology Training Team	TOTAL	3.4
IT project team	INCOME	-	£0.00
IT project team	PAY	6.64	£260,791.00
IT project team	NON-PAY	-	£12,250.00
IT project team	TOTAL	6.64
Software Development	INCOME	-	£0.00
Software Development	PAY	16.19	£558,335.00
Software Development	NON-PAY	-	£29,569.00
Software Development	TOTAL	16.19
Technology	INCOME	-	£1,542,803.00
Technology	PAY	13.13	£523,134.00
Technology	NON-PAY	-	£150,618.00
Technology	TOTAL	13.13
Telecoms Recharges	INCOME	-	£169,065.00
Telecoms Recharges	PAY	0	£0.00
Telecoms Recharges	NON-PAY	-	£25,136.00
Telecoms Recharges	TOTAL	-
Clinical Systems	INCOME	-	£0.00
Clinical Systems	PAY	14.52	£416,386.00
Clinical Systems	NON-PAY	-	£681,021.00
Clinical Systems	TOTAL	14.52
PACS / CRIS	INCOME	-	£0.00
PACS / CRIS	PAY	10	£319,855.00
PACS / CRIS	NON-PAY	-	£266,046.00
PACS / CRIS	TOTAL	10
ICT Infrastructure	INCOME	-	£113,264.00
ICT Infrastructure	PAY	20.85	£896,178.00
ICT Infrastructure	NON-PAY	-	£1,006,462.00
ICT Infrastructure	TOTAL	20.85
Print Room	INCOME	-	£0.00
Print Room	PAY	1.47	£34,079.00
Print Room	NON-PAY	-	£40,039.00
Print Room	TOTAL	1.47

Capital

Category	2021/2022 Budget
Hardware - New Equipment	£ 50,000.00
Hardware Rolling Replacement - Imaging Devices	£ -
Hardware Rolling Replacement – Networking	£ 16,000.00
Hardware Rolling Replacement - PCs/Laptops	£ -
Hardware Rolling Replacement – Telephony	£ 56,000.00
D&I Strategic (Electronic Observations, Theatres Information Management, Electronic prescribing)	£ 2,052,659.00
Infrastructure	£ -
New Systems	£ 583,371.00
Software Development	£ 280,000.00
System Upgrades	£ 30,000.00
Grand Total	£ 3,068,030.00

Contract Details

The Purchasing activity for University Hospitals Plymouth NHS Trust, D&I department will be undertaken in accordance with UK law, regulations and directives, and the Trust's Standing Financial Instructions with purchase orders being based on achieving value for money.

All contracts above the currently applicable threshold are legally required to be advertised in the Official Journal of the European Journal (OJEU), in accordance with EC and GATT rules on public procurement, and to comply with the White Paper on Standards, Quality and International Competitiveness (CMND 8621).

In support of the Trust's requirement to offer an open and transparent process within D&I procurement, the below list provides a description of key contracts along with anticipated expiry dates.

For any current tender opportunities please see https://plymouthhospitals.bravosolution.co.uk/nhs_collaborative/web/login.html

Some of the software systems that the Trust uses will store person identifiable data in accordance with UK GDPR rules. Where suppliers are contracted to provide such systems they are required to act responsibly on behalf of the Trust (Data Controller) as a nominated Data Processor. The Trust has a team who are are responsible for Information Governance, all new and existing suppliers should visit their web pages (https://www.plymouthhospitals.nhs.uk/information-governance) to make themselves aware of the duties they have, which will also be included in contractual agreements.

Managed Print Service

Our Managed Print Service (MPS) is managed by Ricoh UK and the current contract officially expires at the end of March 2022 however we are working with Ricoh to extend this to last for five years.

Toner logistics are managed centrally; this central store then delivers toner to the individual printers.

Except in a very few situations, printers are set up to pull print via “follow me printing”. This requires the user to log in to a printer and collect their prints as required. Colour printing is restricted

• MPS (Ricoh) devices – 404

• Non-MPS printers (excluding Zebra and Brother) – 407

• Non-MPS printer (including Brother as these tend to be label rather than barcode printers) – 465

• Barcode printers (Zebra) – 502

IT Disposal

D&I are fully Weee compliant and ensure that all IT items are disposed of safely and in-line with Trust policies. PCs, Monitors, Laptops, Docking Units, Servers, Scanners, IP Phones, Mobile Phones, Projector Cables, Phones, Keyboards and Mice are all disposable and all Hard Drives and Digital storage devices are incinerated on site.

Some PCs and laptops may be recycled internally dependant on specification and age however please note, D&I do not dispose of any clinical equipment, this is support by Mems.

D&Is preferred disposal company can be found using the following link: https://www.conceptmanagement.co.uk/ and deployment stats for 2020/2021 can be found below:

	UHP
PC	718
Monitor	425
Laptop	268
Printer	50
Docking unit	80
Scanner	14
Server	42
IP Phone	82
Projectors	1
Mobile Phones	62

Cyber security and the Freedom of Information Act 2000

University Hospitals Plymouth NHS Trust has following careful consideration of its experts concluded that it will refuse requests that ask about cybercrime events or ask for information that assists criminals.

The Trust, following a public interest test considers such information exempt from supply in compliance with both:

· section 31.-(1)(a) the Law enforcement exemption about the prevention and detection of crime

· section 38-(1) (a) and (b) the Health and Safety exemption

Additionally; the Trust will neither confirm nor deny it holds information in compliance with sections 31.(3) and 38(2). This is because the revealing of facts enables others to utilise such data to identify weaknesses or strengths. Please refer to our rationale.

All future requests for similar information will be referred to this statement and considered exempt from supply in accordance with section 21.-(1) - information accessible by other means. This avoids the need for repeated responses that are substantially the same.

Our rationale

The Trust seeks to be an open organisation and makes much non personal information available to the public as possible, however it will not jeopardise the care of its patients and staff if making information public put them in danger.

These exemptions apply because disclosing details of our security arrangements could prejudice the security and integrity of the Trust’s network and increase the risk of unauthorised access to information held by the Trust, much of which is confidential and sensitive. The level of detail that would be released would enable external parties, who are not privy to the confidential aspects of Trust’s IT systems, knowledge of our security equipment and by association its integrated network security. The Trust employs a range of security tools to mitigate the risk from different types of security threats. Firewalls, Intruder Detection Devices Antivirus and other products form a mesh of security that protects the Plymouth NHS Network and data, the more of these vectors that are known, the weaker the security of the network protection. There is a real risk that this knowledge could assist external parties in attempting a cyber-attack/hack into the Plymouth NHS Network. The anticipated harm from this is a breach of data protection (failure to adequately protect information resulting in an unauthorised disclosure), data loss, and disruption to patient care through a loss of IT services. The severity of harm is extensive with millions of patient records put at risk of unauthorised disclosure.

Systems failure endangers the physical or mental health and safety of patients and staff. Examples were frequently reported throughout the media following the WannaCry attack on various parts of the NHS and other organisations. The impact on the NHS has since been the subject of further investigations by both the press and educational institutions and their findings validate the approach we have taken.

Future requests

The Trust has consistently applied both section 31 and 38 to all “Right to know” requests received this financial year and will do so in the future. The responses to such questions are displayed within the Trust’s disclosure log. To avoid processing substantially similar requests, we will refer any new applicants to this standard explanation, when applicable.

Those with legitimate business enquiries should contact the ICT’s Procurement team using this email address:plh-tr.dibusinessservices@nhs.net rather than make Freedom of Information Act requests.

If you are unhappy with this approach, you have the right to complain. This should be in writing to the address below or preferably by email to plh-tr.foi-requests@nhs.net. We will then arrange for an independent appeal.

University Hospitals Plymouth NHS Trust
Freedom of Information Manager
Information Governance Team
Ground Floor, Brittany House
Brest Road
Plymouth
PL6 5YE

If you remain dissatisfied with the outcome of the appeal, then you have the right to appeal again to the Information Commissioner at:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

http://www.ico.org.uk

Tel: 0303 123 1113

Home Page

Search the University Hospitals Plymouth NHS Trust website