TANGO3 LTD

VDT: Clinic Booking Platform

VDT from Tango3 is a cloud based platform for appointment booking and clinic management. User focused, it enables self booking of appointments, as well as rescheduling, and cancellation. With simple management of:

Multi-stage vaccinations, eg. Coronavirus,
Booster vaccinations,
Staff vaccination,
Home visits,
Multi-site.

Features

• Automated SMS/emails to invite and remind patients to book
• Easy to use Admin system to support patients with booking.
• Build complex vaccination programmes using simple, clear rules system.
• Supports cohort based exceptions to rules to meet operational needs.
• Real time performance reporting and analytics dashboards with email reports
• Automated route planning tools for efficient management of home visits.
• Supports multiple sites and clinic types within a single system.
• Automated auto-scaling to meet patient demands.
• Co-developed with NHS and Local Authorities for mass-testing and vaccination
• Fully hosted with no software installation requirements - quick implementation

Benefits

• Allows users to easily manage and reschedule appointments reducing DNA's.
• Reduces errors managing the complex tracking of high volume activities
• Reduces admin costs by allowing patients to self book.
• Allow admin teams to focus on hard to reach patients.
• Data insights to monitor engagement, experience and operational performance.

£500 to £10,000 a licence a month

• Free trial available

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@tango3.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

183485133162672

Contact

Mike Trebilcock
07542819036
hello@tango3.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Modern Web Browser (Chrome / Edge / Firefox)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response within one working day, between 9am and 5pm, excluding weekends and UK bank holidays.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: In addition to standard support, a dedicated technical point of contact will be provided and available Monday to Friday 9am - 5pm.; ; Higher levels of support can be arranged at extra cost to support significant activity or vaccination programme changes as required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding process is flexible to support users needs. Onsite training is subject to additional costs.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extracts of all user records is provided free-of-charge at the end of the contract
• End-of-contract process: Extraction of user appointment records; Deletion of user data

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Patient booking app is a responsive web app, focused on users accessing the system from a link in an email or sms.; ; Admin app targets a browser on a desktop.; ; In both cases, all features are built with responsive technologies in place meaning that the information will recognise the nature of the device it is being run on, its resolution and will scale automatically
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Admin and Booking apps are accessed as a normal website via browser.
• Accessibility standards: None or don’t know
• Description of accessibility: Admin and Booking apps are accessed as a normal website via browser.
• Accessibility testing: We have not performed any testing with users of assistive technology.
• API: No
• Customisation available: Yes
• Description of customisation: All customer facing apps can be customised with logos, brand colours, questions and text. Additionally, Domain URL's and message from Email addresses can be customised.; ; Administration app configuration options include:; • Vaccination programmes; • Data retention period; • Email and SMS message content; • User access and permissions

Scaling

• Independence of resources: System is architected to auto-scale as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of users at each stage of booking and attendance process.; Number of SMS and emails sent; Users with invalid contact details
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: CSV export of data available on request.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS
  • XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: If service availability falls below 95% over a one month period then users will be refunded for this period. Availability excludes agreed deployment and maintenance.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts are provided to users.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Other
• Other user authentication: Email based authentication with single use links
• Access restrictions in management interfaces and support channels: Access is restricted by integration with third party systems or username and password.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Internal Policy
• Information security policies and processes: Staff receive regular training on security policies. Automated code analysis is performed as part of software build process. Policies include reporting to board level.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Requirements/defects and software development are tracked in a single unified system. Changes go through an approval and peer-review process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All changes are assessed against the OWASP Top Ten at the development stage.; High priority changes are deployed rapidly after the approval and review process.; Static code analysis for vulnerabilities.; Automated monitoring of open-source dependancies for updates and security issues.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: System administrators are notified automatically of potential security compromises. Incidents are triaged and resolved along standard support procedures.
• Incident management type: Supplier-defined controls
• Incident management approach: We have automated monitoring and alerting that alerts us to most incidents and allows us to react as quickly as possible.; ; Incidents can be reported by the customer through email or phone support.; ; The goal of incident management is to restore normal service as soon as possible. The following incident management process outlines the steps to restore operation to normal:; • Incident identification; • Incident logging; • Incident prioritisation & categorisation; • Investigation to identify issue or cause; • Fix and close identified issue; • Provide reports incident reports where required

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Wellbeing:

  Wellbeing

  Make participation in vaccination and testing programmes easily accessible to staff groups and citizens.

Pricing

• Price: £500 to £10,000 a licence a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full system use for 1 month. SMS charges will apply.

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@tango3.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.