IMImobile Europe Ltd

Envoy Post - Digital & Hybridmail

Healthcare Communications' HybridMail removes the need to print and envelope communications. Our direct print2mail solution provides fulfilment and postage, full auditing and reporting of all mail. Configurability allows for simplex/duplex/mono/colour production per user. An offsite, secure print and mail solution is essential to allow customers to focus on core business.

Features

• Streamline your outbound mail processes
• Secure connection to print-production site with immediate cost savings.
• Track mail items through to RoyalMail for final mile delivery
• Agile and scalable to allow for unforecasted, high volume mailings
• No hidden costs, prices include; print, fulfilment, consumables and postage
• Quicker and cheaper mail production and postage
• Portal collect - injecting documents for delivery via portal

Benefits

• Track mail items through to RoyalMail for final mile delivery
• Agile and scalable to allow for unforecasted high-volume mailings
• No hidden costs, prices include; print, fulfilment, consumables and postage
• Flexible service with no minimum volumes
• Save time and space with printing/fulfilment equipment
• Environmentally friendly

£0.85 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at natasha2@cisco.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

140594026100870

Contact

Natasha Deaffern
020 4557 4108
natasha2@cisco.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Envoy - Patient Engagement, Envoy - Patient ExperienceFFT, Connect for Health
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements: None Required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support response times email tickets are acknowledged and receipted immediately 24/7 and assigned to a member of the support team. Responses times are inline with our standard SLA. Technical support immediately available during office hours Monday to Friday (08:30 - 17:30) receipting and assigned service available outside of office hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provided our NHS clients with 24/7 telephone and email support provided by our Support Desk. Training and onsite transformation &/or project support can be provided if and when required (scoped and costed to individual requirements).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite, remote and online training available within the service provision. User Documentation also available to download from the system. Dedicated PM assigned throughout the life of the onboarding.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Online Tutorials/Tour guides
  • Video
  • PDF
  • Word
  • Excel
  • Powerpoint
• End-of-contract data extraction: Standard operating practice is that all data is downloaded from the system and returned to the client via HSCN connection to a local server within the Trust within 30 days of the contract end date. Users can also manually download all data from the web interface.
• End-of-contract process: All data is returned to the client, with all user accounts disabled within an agreed period following contract end date. All data is systematically deleted from HC systems.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All functionality is still available, with lay out different to support device variance.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: A local application is installed within the Trust network to receive, encrypt and transfer data securely to the hosted platform. Direct printing available via print driver which can be deployed as a network printer, application printer or by named user.
• Accessibility standards: None or don’t know
• Description of accessibility: All public facing web tools are supported through the use of browser embedded technologies, enabling translation, reading tools and audio Accessibility testing.
• Accessibility testing: Services deployed in over 100 NHS Trusts.
• API: Yes
• What users can and can't do using the API: They can connect to the service.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: In line with data held and client specified requirements. Hierarchy, templates, placeholders and modes of communication. Service configuration and engagement based upon demographic rules. All provided as a managed service. Changes will be made via the Service Desk.

Scaling

• Independence of resources: We invest in the platform to ensure capacity is sufficient for demand. Platform is hosted in Azure with an elastic resource management application to allow for an increase in processing during peaks.

Analytics

• Service usage metrics: Yes
• Metrics types: Real-time reporting available via a secure web dashboard. Details all communication activity and digital interactions. Supported by a monthly statement of account detailing billable units.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Excel and CSV currently. Users can either access for manual downloads via the dashboard, or via scheduled downloads via the Data Transport Server application.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • REST API
  • Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee a service availability of 99.9% with our historical performance exceeding this guarantee. As such no service credit or refund process has been necessary or is offered.
• Approach to resilience: Available upon request.
• Outage reporting: Email and SMS alerts to key workers.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: User accounts are configured separately for management and support purposes.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI, Holds Certificate Number: IS 736923
• ISO/IEC 27001 accreditation date: 27/02/2024
• What the ISO/IEC 27001 doesn’t cover: Not Applicable
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Data Security and Protection Toolkit
  • ISO 9001:2015

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: NHS Cyber Essentials, Data Security and Protection Toolkit
• Information security policies and processes: We have worked to ISO 27001 standards since accreditation in 2001 and relevant NHS Information Governance Toolkit ( Data Security and Protection Toolkit) requirements and NHS Cyber Essentials. We are registered with the UK Data Protection/Information Commission registrar. We are compliant to GDPR regulation. We operate a comprehensive IMS (Information Management System) to ensure that all customer data is protected by strong controls against unauthorised access, theft, interception or compromise. This system is implemented as part of our ISO/IEC 27001:2013 processes and operated in-line with PCI-DSS requirements and UK data protection requirements. We confirm that we will comply with Local and other territorial legislation and regulatory controls as required. We understand the risks of storing and processing data in territories with extra-territorial reach (such as the US Patriot Act) and take all measures to ensure the security, availability and integrity of all customer data. Clear controls, roles and responsibilities are defined with respect to storage, processing, encryption and transmission of customer data.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are implemented only after review and authorisation from relevant team members. Assessment is made for security and performance impacts. We provide services to clients with scheduled quarterly upgrade cycles. All upgrades go through a defined change management process including a Change Advisory Board (CAB) that comprises technical and business stakeholders. The CAB assesses proposed changes to the service platform which includes the impact on service availability, performance and security. The lifetime tracking of changes to the components of our service is managed and documented within our ISO9001 accredited process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process assesses potential threats to our service based the following test schedule: monthly internal vulnerability scans, quarterly internal penetration tests and annual external penetration tests carried out by certified third party. Identified threats are impact assessed and prioritised based on severity with patches applied appropriately which could be immediately for severe threats. Information about potential threats comes directly from our testing activity, from our customers and suppliers and our security team who are trained and supported by SANS Cyber Security.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We identify potential compromises using high industry standards such as ASVS and CIS. We utilise a continuous monitoring and analysing Security Operations Centre (SOC) team. Along with this we regularly orchestrate up to date CREST approved penetrations tests and run regular vulnerability scans across our platforms to ensure we have no known exploitable areas. We have an defined incident management process compliant with ISO 27001 requirements. Responsibilities and procedures are in place to handle information security events and weaknesses effectively once they have been reported. Logs and security events are monitored and acted upon by our 24 hour SOC team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an established incident management process compliant with ISO 27001. Responsibilities and procedures are in place to handle incidents effectively once they have been identified. A process of continual improvement is applied to the response, monitoring, evaluation, and overall management of information security incidents. In case of a failure of our services, it is communicated to the relevant stakeholders with appropriate information. All logs and security events are configured to centralised SIEM solutions and monitored by our 24 hour Security Operations Centre team. Incidents are logged and tracked until closure with full incident reporting and analysis provided.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  IMImobile was acquired by Cisco in 2021. For over 15 years, Cisco has been a leader in environmental sustainability, working to cut emissions, reduce waste, and create efficient products. Its sustainable design ethos is evident in its products, such as smart technologies and telecommuting tools, which help to decrease energy use and travel, thus reducing carbon emissions.; ; The Cisco Foundation has committed a substantial $100 million over ten years to fight climate change by funding technological solutions, carbon and GHG reduction efforts, climate resilience, and green job initiatives, as well as educational programs for communities. Cisco is also refining its supply chain and technology production processes for better ecological outcomes.; ; Globally, Cisco has transitioned to 100% renewable energy in multiple countries, including the UK. The company is close to its goal of using renewable electricity for at least 85% of its energy needs worldwide in 2022 and is set to achieve a 60% reduction in Scope 1 and 2 GHG emissions. Collaborative efforts with suppliers aim to minimise emissions throughout the supply chain.; ; Embracing circular economy ideals, Cisco is on course to design all new products and packaging by 2025 to be circular, with a focus on reuse, repair, and efficiency. Moreover, Cisco is enhancing its product services and take-back programmes, maintaining its pledge for 100% product returnability.; ; Cisco's environmental strategy aligns with its vision for an inclusive future, leveraging innovation for the benefit of communities and the environment. The company transparently sets and reports on its environmental targets, in line with the Science Based Target initiative.; ; Cisco has set a target to achieve net-zero GHG emissions across all scopes by 2040, ten years earlier than the global recommendation. This includes a plan to reach net-zero for Scope 1/2 emissions by 2025, demonstrating its dedication to a sustainable future.

  Covid-19 recovery

  IMImobile was acquired by Cisco in 2021. As the pandemic led to unprecedented shutdowns, Cisco swiftly took action to support the vulnerable, aiding nonprofits that delivered assistance to first responders and those needing food, housing aid, or financial relief due to lost wages.; ; Cisco and its collaborators focused on deploying networking, security, and IoT solutions to facilitate vaccine logistics from manufacturing and delivery to patient care. Quality control is bolstered by AI-driven sensors and cameras that monitor critical variables such as temperature and efficiency, while comprehensive security measures safeguard access to vaccines and sensitive information.; ; Cisco and Meraki extended support to entities of various sizes through technology contributions and adaptable pricing options. Post-pandemic, the working landscape is set to change, potentially leading to reduced traffic, lower environmental impact, and job growth outside urban centers due to fewer people returning to offices full-time.; ; Webex is at the forefront of enhancing remote work, integrating AI and cutting-edge technologies to enable seamless collaboration, including data sharing and large meetings, on a single, unified platform.; ; In partnership with government bodies, Cisco has facilitated secure remote work infrastructures, bolstered public participation, and ensured the continuity of essential services in tough situations.; ; Cisco's efforts have also eased the shift to online learning, supported by its social responsibility initiatives such as the Cisco Networking Academy and collaborations with nonprofits like Talking Points and the MIND Research Institute.; ; Understanding the significance of collaborative efforts, Cisco teams up with organisations like MuralNet, where it contributes financial aid and shares its technical and market acumen to promote the Sustainable Tribal Networks program, emphasising the importance of partnerships in driving substantial progress.

  Tackling economic inequality

  IMImobile was acquired by Cisco in 2021. Cisco's Conscious Culture is a beacon of inclusivity, driving support for diversity, team collaboration, and community outreach. This philosophy is integral to Cisco's mission to empower an inclusive future, particularly for the underserved, using technology to address societal issues such as disaster response, economic inequality, digital access, and the education gap. Cisco's ambitious target, set in 2016, is to impact one billion people by 2025 through grants and CSR efforts, focused on seeding tech solutions via nonprofit partnerships.; ; Cisco prioritises equitable access to technology, nurturing opportunities that foster community development and economic progress. This commitment is evident in support for skill development, inclusive entrepreneurship, and financial services for the unbanked, promoting both local and global economic growth.; ; The Cisco Crisis Response (CCR) team, combining the Critical Human Needs and Tactical Operations teams, provides robust humanitarian support. With a network of over 300 volunteer Cisco employees, CCR extends assistance through grants, technical advice, and emergency network services.; ; Notable achievements of CCR include guidance on tech grant usage, supporting COVID-19 relief with equipment and remote help, building partner capacity, engaging in strategic alliances like the Emergency Telecommunications Cluster (ETC), and empowering Cisco volunteers to make a difference.; ; Cisco's Networking Academy has helped over three million individuals in 2021, and the Pathways Programme offers workshops and work experience to inspire future IT professionals.

  Equal opportunity

  IMImobile was acquired by Cisco in 2021. At Cisco, inclusion acts as a bridge, connecting diverse perspectives and fostering innovation through digital transformation. By investing in our people, we're developing innovative solutions to critical business challenges and reinforcing our commitment to equity and diverse talent development. We’re cultivating emerging leaders and embracing technology to create inclusive spaces while advocating for social justice globally.; ; Cisco is committed to diversity, equity, and inclusion, starting with leadership. Our executive leadership team is one of the most diverse in the industry, with 46% women and 54% representing a mix of genders and ethnicities. Our Board of Directors is also diverse, with 36% women, and ethnic representation including 9% Asian, 9% African American or Black, and 18% identifying with diverse sexual orientations.; ; Reflecting on our fiscal 2020 data, our global workforce was 27% women, while in the U.S., ethnicities included 51.8% White, 36.5% Asian, 5.8% Hispanic/Latinx, and 4.1% African American/Black. We continue to see growth in workforce diversity, notably in the recruitment of African American/Black talent across various levels.; ; Cisco's new strategies for enhancing diversity involve innovative talent acquisition frameworks, such as advanced tools for talent market analysis, crafting job postings to attract diverse applicants, and ensuring diverse interview panels.; ; We stand firm in driving social change for all communities, regardless of color, ethnicity, gender identity, military service, ability, age, sexual orientation, social class, faith, nationality, or family status. Cisco has pledged to CEO Action for Diversity and Inclusion and outlined our Social Justice Beliefs, including addressing systemic racism with an antiracist stance.; ; We uphold fair compensation as a founding signatory of the White House Equal Pay Pledge and through our leadership in the Employers for Pay Equity Consortium. Cisco also employs a comprehensive framework for analysing our compensation system to promote pay equity.

  Wellbeing

  IMImobile was acquired by Cisco in 2021. At Cisco, we prioritise our employees' well-being, advocating for a safe and supportive work-life balance. We believe that recognising individuals for their uniqueness and promoting harmony between professional and personal life leads to greater productivity and community contribution. Our goal for 80% employee involvement in community outreach was reached in 2020 and maintained in 2021, with over 85% of UK & Ireland employees participating.; ; As a Responsible Business Alliance (RBA) founding member, Cisco enforces the RBA Code of Conduct with our suppliers, ensuring they uphold human rights, health, well-being, and economic opportunities. Suppliers' compliance with our standards is rigorously evaluated.; ; Cisco supports employee well-being through various initiatives:; • Regular company-wide meetings for check-ins; • Team Space for weekly leadership updates; • Functional and regional all-hands gatherings; • Quarterly leadership and dedicated Leader Days; • 'We are Cisco' digital community platform; • 'A Day for Me' providing paid leave for employees to rest; • 29 Inclusive Communities with a range of resource groups and networks; ; Our commitment to a supportive work environment has earned Cisco top accolades. In 2022, Fortune's 100 Best Companies ranked us as the number one Best Place to Work across multiple countries and second-best in the UK and Ireland. Our inclusive culture empowers employees to focus on their well-being, navigating through times of change.; ; For the second year in a row, in 2023, Cisco UK was honoured as the best workplace for well-being in the super large category (https://www.greatplacetowork.co.uk/awards/uks-best-workplaces-for-wellbeing-2022/), reaffirming our dedication to fostering employee health and happiness.

Pricing

• Price: £0.85 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at natasha2@cisco.com. Tell them what format you need. It will help if you say what assistive technology you use.