SAS Software Limited

SAS® Customer Intelligence 360 for Healthcare

SAS® CI360 for Healthcare empowers healthcare professionals by connecting siloed patient data in a federated model facilitating orchestrated patient communication journeys across different treatment needs and service availability. An ecosystem platform allowing automation of communication needs based on analytical insights and content generation through generative AI optimizing performance and cost.

Features

• Comprehensive patient communication platform with multi-channel support.
• Composable CDP with integrated insights and no data charges.
• Embedded analytics with SAS, Python, R support providing advanced insights.
• Supports major cloud database providers (Snowflake, Google, Redshift, Azure).
• Full communication orchestration tool with easy drag-and-drop features.
• Supports native and connected channels with user-friendly interface.
• Includes Generative AI for content creation and user support.
• Built-in advanced reporting with customizable KPIs.
• Advanced Decisioning for automating complex processes.
• Comprehensive planning and workflow management for communication programs.

Benefits

• Supports ‘Living Well for Longer’ through personalized content.
• Automates repetitive tasks, freeing resources for complex tasks.
• Advanced modelling capabilities for fast, effective patient care.
• Hybrid data model and CDP minimizes data movement reducing errors.
• Captures and interprets real-time data for dynamic communication.
• Allows defining unique goals for clearer insights.
• Always-on SaaS solution with regular updates.
• Uses Generative AI for responsible and ethical content generation.
• Selects audience from multiple data sources without data movement.
• Comprehensive API framework for easy integration with other tools.

£150,000 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukframeworks@sas.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

205060959787957

Contact

Neil Cruden
01628 486933
ukframeworks@sas.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: For system maintenance SAS carries out third weekend maintenance. SAS will initiate this process and provide customers with advance notice of any planned maintenance.
• System requirements:
  • Client computers that run SAS interfaces require modern operating systems
  • SAS recommends 64-bit web browsers run on 64-bit operating systems
  • SAS supports 32-bit web browsers run on 32-bit operating systems
  • SAS requires Google Chrome 61.0 and later
  • SAS requires Mozilla Firefox52.0 and later
  • SAS requires Microsoft Edge 40.1 and later
  • SAS requires Apple Safari 10.0 and later

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Level 1 (Blocker). Critical SAS production system down or does not function at all. Initial follow-up 30 minutes.; ; Level 2 (Critical). Issue relates to loss of data, the inability of a User to access the System, or potential impact to key deliverable or deadline. Initial follow-up 4 hours of a SAS Business Day.; ; Level 3 (Major). Incident impacting a User's ability to perform a task without a critical deadline. Initial follow-up 1 SAS Business Day.; ; Level 4 (Minor). Usage questions. Initial follow-up within 1 SAS Business Week.; ; Level 5 (Trivial). Cosmetic problems. Initial follow-up within the next SAS Business Week.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: SAS is committed to providing accessible software, documentation, training and support materials through the ongoing evolution of our products and internal processes. Our goal is to enable users of all abilities to access the power of analytics. SAS strives to be the vendor of choice for organisations that need to deploy analytics in an inclusive manner. ; ; SAS has adopted WCAG 2.0 AA as our internal accessibility standard for all software, documentation, training and support materials. SAS has appointed a Director of Accessibility and established a centralised Accessibility Team that is charged with implementing the internal accessibility standard. Several members of the team have disabilities. ; ; The Accessibility Team:; ; - is familiar with the WCAG 2.0 principles, guidelines, success criteria and common failures. ; - are resident experts on assistive technologies that are used by people with disabilities. ; - provide 3rd level customer support for SAS users with disabilities and recruit those users for usability tests in the SAS Usability Lab. ; - delivers accessibility training for R&D staff. To date, training classes have been created for WCAG 2.0, the Accessible Rich Internet Application (ARIA) specification, the JAWS screen reader for Microsoft Windows, and the VoiceOver screen reader for Apple iOS. ; ; Further information: www.sas.com/accessibility
• Onsite support: Yes, at extra cost
• Support levels: Level 1 (Blocker). A critical SAS production system is down or does not function at all, ; ; Level 2 (Critical). The issue relates to a loss of data, the inability of an individual User to access the System, or potential impact to a key deliverable or deadline.; ; Level 3 (Major). The incident is impacting a User's ability to perform a task without a critical deadline.; ; Level 4 (Minor). Usage questions; clarification of documentation.; ; Level 5 (Trivial) . Cosmetic problems in a document or interface.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Documentation is made available as part of the onboarding process - a presentation is provided to walk through the service elements including raising tickets, SLAs, escalation, data transfers etc.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: EPUB
• End-of-contract data extraction: Users can extract their data when the contract ends through SFTP. The data can be also be supplied on customer supplied media.
• End-of-contract process: Upon receipt of confirmation of notification to end the contract, a ticket is raised with a request to decommission the environment, including the terms for data handling. Instances specific to that customer are terminated. Backup data may be overwritten with future backups or sanitized based on an agreed upon timeframe. Data is returned to the customer via the agreed route.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A mobile application is available to access reports and dashboards from iOS or Android mobile devices tailored to mobile use. Core usage, including content creation, is via a desktop device web browsers.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interfaces act as both a provider (inbound) and consumer (outbound). For example, when acting as a provider; analytic models that are deployed within the Cloud Analytics Service are made available to external applications through the RestAPI. When acting as a consumer; the service interface takes the form of the SAS Job Execution Web application which can be used for web reporting, performing analytics, building web application and delivering content to clients. The REST API documentation can be found here: https://developer.sas.com/guides/rest.html The Job Execution Web application documentation can be found here : https://go.documentation.sas.com/api/docsets/jobexecug/2.0/content/jobexecug.pdf
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: SAS is committed to providing accessible software, documentation, training and support materials through the ongoing evolution of our products and internal processes. Our goal is to enable users of all abilities to access the power of analytics. SAS strives to be the vendor of choice for organisations that need to deploy analytics in an inclusive manner. ; ; SAS has adopted WCAG 2.0 AA as our internal accessibility standard for all software, documentation, training and support materials. SAS has appointed a Director of Accessibility and established a centralised Accessibility Team that is charged with implementing the internal accessibility standard. Several members of the team have disabilities. ; ; The Accessibility Team:; - is familiar with the WCAG 2.0 principles, guidelines, success criteria and common failures. ; - are resident experts on assistive technologies that are used by people with disabilities. ; - provide 3rd level customer support for SAS users with disabilities and recruit those users for usability tests in the SAS Usability Lab. ; - delivers accessibility training for R&D staff. To date, training classes have been created for WCAG 2.0, the Accessible Rich Internet Application (ARIA) specification, the JAWS screen reader for Microsoft Windows, and the VoiceOver screen reader for Apple iOS. ; ; Further information: www.sas.com/accessibility
• API: Yes
• What users can and can't do using the API: SAS REST APIs support application developers, who intend to build on the work of model builders and data scientists, to deliver apps based on SAS. Users can create and access SAS resources using any client technology, eg Java, Python, JavaScript, C, C#, Perl, or other programming languages. All that is required is a standard library for executing HTTP requests and parsing/generating JSON data. Users can integrate the capabilities of SAS into business processes or to extend and customise SAS to meet specific requirements, including Visualisation. Provide access to reports and report images Compute. Act on SAS compute and analytic servers, including Cloud Analytic Services (CAS) Text Analytics. Provide analysis and categorisation of text documents Data Management. Enable data manipulation and data quality operations Decision Management. Provide access to machine scoring and business rules Core Services. Provide operations for shared resources eg files and folders Cloud Analytics Services (CAS) REST APIs primarily supports data scientists, programmers and administrators, who interact with CAS directly and are knowledgeable about CAS actions. The API provides REST access to CAS server and the CAS grid. There are API operations for executing CAS actions, managing the CAS sessions, monitoring the system, and inspecting the CAS grid.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The technical capabilities offered by the service are fixed. Those capabilities can be used by customers to populate the environment with their own data, and to create reports, dashboard, analytical models and data processing routines to suit their specific requirements.

Scaling

• Independence of resources: SAS does not offer a multi tenanted environment. The environment is sized appropriate for the user numbers that will be accessing the system.

Analytics

• Service usage metrics: Yes
• Metrics types: SAS can provide reports, as appropriate, that display server health and solution availability, such as the following: - Server up-time - Disk usage per file system - Database operational/listener status - List of user IDs that are currently logged onto the server - Network interface status - Total disk usage - CPU specifications - Memory utilization SAS also performs enhanced monitoring, as appropriate, to confirm the effective operation of hosted applications. Checks, which must be non-intrusive, involve navigation and key functionality according to role for each applicable environment. Monthly service reports are provided and discussed during the monthly service meeting.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The Service encompasses comprehensive data processing capabilities, that allow users to create data export processes to a wide variety of formats. These capabilities are accessed using the normal user interfaces of the Service.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • JSON
  • Customisable structured file formats
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Microsoft Office
  • XML
  • Customisable structured file formats

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As part of the service SAS offers a 99.5% up-time warranty . SAS can offer service credits if you are effected by any outage.
• Approach to resilience: SAS Customer Intelligence 360 software follows a practice of Design for Resiliency and where possible, services and data stores are designed and hosted in HA configurations to provide redundancy and resiliency. Most CI360 services in AWS are hosted on multiple nodes behind Load Balancers or in containers to automatically distribute application traffic across multiple Availability Zones.
• Outage reporting: Customers can subscribe to notifications from https://status.360.sas.com/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: SAS restricts access in management interfaces via the use of privileged accounts. All privileged access requests for users in roles required to support all project must be tracked and include review and approval by requester’s manager, SAS IT Hosting Services, and SAS Global Information Security (GIS) management based on the role the employee is requesting. Employees are prompted with rules for being granted privileged access to acknowledge their acceptance thereof. Privileged access requests for project resources for privileged access to customer-specific hosting environments must also be requested and approved by the project owner or the SAS resource’s manager.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable Certification Limited - www.approachable.uk.com
• ISO/IEC 27001 accreditation date: 17/02/2012 (14/11/2021-23/11/2024)
• What the ISO/IEC 27001 doesn’t cover: Scope of Activities included:; The provision of SAS software and associated services based at and ; operating from Marlow HQ in accordance with Statement of ; Applicability version 2.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials (CE)
  • Cyber Essentials Plus (CE+)
  • The infrastructure security certificates including ISO 27001, 27017 and 27018
  • The infrastructure security certificates including SOC2 and 3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC 2 Report – Report on Controls at a Service Organisation Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy (Type 2); ; SOC 3 Report – Trust Services Report for Service Organisations.; ; SAS monitors external standards, best practices, industry and regulatory requirements that may be applicable to customers.
• Information security policies and processes: SAS’ strategic business plan and risk management framework provide the context for identifying, assessing, evaluating and controlling information-related risks through the establishment and maintenance of an Information Security Management System (ISMS) Policy. The risk assessment, Statement of Applicability and risk treatment plan identify how information-related risks are controlled. The Information Security Manager is responsible for the management and maintenance of the risk treatment plan. Additional risk assessments may be carried out to determine appropriate controls for specific risks. Fundamental to this policy are business continuity and contingency plans, data back-up procedures, avoidance of viruses and hackers, access control to systems and information security incident reporting. Control objectives are contained in specific, documented policies and procedures. All employees of SAS and certain external parties are expected to comply with this policy and will receive appropriate training. The ISMS is subject to continuous, systematic review and improvement. SAS has established a management information security committee, chaired by the General Council (Europe) and includes the Information Security Manager, Head of Information Technology, Head of Customer Success to periodically review the security policy. This policy is continuously reviewed to respond to any changes in risk assessment or risk treatment plan and at least annually.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: SAS' policy is to utilise standardised, effective methods and processes for requesting, implementing and communicating change practices. Respective owning departments manage change management and maintenance of systems. SAS adheres to defined change management processes and procedures based on hosting customer requirements. Customers or SAS can request changes based on required functionality or maintenance of the hosted environment, a Change Advisory Board (CAB) manages changes to the SAS environment. Changes are tracked using ticketing systems. After a change is completed, the security function of the solution is checked to verify that the functions are implemented correctly and operating as intended.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: SAS maintains subscriptions to vulnerability alerting services and monitors these lists for new vulnerabilities affecting SAS. An assessment of impact is performed for vulnerabilities with a criticality of Critical or higher. SAS Global Information Security reviews these vulnerabilities with appropriate, responsible parties focusing on risk, impact, and remediation, if applicable.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: It is SAS policy to monitor the availability and performance of each component within a hosted instance using enterprise monitoring applications. These applications provide for operational status and availability of applicable SAS solutions, database instances, networking, and infrastructure, including leveraged services.
• Incident management type: Supplier-defined controls
• Incident management approach: It is SAS policy to follow incident management best practices to ensure the rapid detection and restoration of services that can occur as a result of unplanned events that effect, or have the potential to effect, the hosting environment, third party data centres, or both.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  SAS recognises its most material environmental issues are the use of energy and related greenhouse gas emissions from site operations, datacentres, and the development of software solutions. ; ; In 2022, SAS received Science-based Targets initiative (SBTi) validation for its 2050 net-zero commitment and its 2030 interim reduction target which increased to a 52.6% reduction from its 2018 base year. These targets reflect a more ambitious path to net-zero by expanding GHG inventories to include fugitive refrigerant emissions from global offices, all scope 3 emissions from operational and capital spending with suppliers, energy-related transportation and distribution, well-to-tank emissions from direct and indirect energy sources, and more comprehensive methodologies to account for emissions across all scopes. SAS remains committed to the goals of the Paris Climate Accord and the Business Ambition for 1.5°C. ; ; To achieve its net-zero ambitions, SAS assigns top priority to minimising energy consumption and related emissions from its operations. Key energy and emissions mitigation initiatives include establishing aggressive energy and emission reduction goals; building and maintaining facilities to LEED® guidelines; installing electric vehicle charging stations; investing in renewable energy; pursuing smart energy-efficient technologies for office buildings and data centres; encouraging teleconferencing to limit travel; and developing analytic tools to help employees understand the environmental impacts of their business decisions. ; ; The SAS Environmental Management Programme applies best practice ISO 14001 Environmental Management System processes and structure to drive continual improvement across business operations, and in the development of solutions and services to address its environmental impacts. ; ; SAS uses its own technology to measure and analyse the performance of its sustainability initiatives. SAS software calculates the company’s global carbon footprint and the impacts of business processes and mitigation initiatives. SAS solutions support the application of global standards such as the Greenhouse Gas Protocol and the Global Reporting Initiative Enabling continual improvement.

  Covid-19 recovery

  In an increasingly data driven world, data literacy means new ambitions, ideas and possibilities. In 2021, the SAS STEP Programme was launched in the UK and Ireland, a free digital learning programme to aid post-pandemic economic recovery by training people in much sought-after data skills, with the aim of finding them employment. The free SAS STEP programme provided jobseekers with skills in data literacy, data analytics and data science and free access to SAS analytical software and a suite of digital learning resources. ; ; After three years and nearly three thousand participants, the UK and Ireland SAS STEP programme retired on 31 January 2024. However, SAS remains dedicated to assisting job seekers, students, and customers in acquiring new skills or enhancing existing ones and has updated the SAS STEP programme to offer foundational data literacy training and an introduction to SAS programming for all. ; ; The SAS STEP site https://sas.com/step provides access to free training, offers and resources to equip individuals with vital data and analytics skills for in-demand jobs. This includes our coveted Data Literacy courses, and SAS Programming training which is the entry point to learning SAS programming for data science, machine learning, and artificial intelligence. ; ; Additionally, to meet the needs of learners and professionals adapting to new daily routines brought on by COVID-19, SAS launched flexible, free options for learning SAS. This resulted in more than 44,000 activations of the SAS Academy for Data Science and SAS Learning Subscription trials. ; ; In additional to general policy issues, SAS will engage with governments to offer its assistance when society and the communities we operate in face significant issues such as the COVID-19 pandemic. Early in 2020, SAS developed specific analytics and software tools for our government partners around the globe as governments raced to understand the crises and how to respond.

  Tackling economic inequality

  There is widespread evidence that big data analytics helps achieve short- and long-term development goals around the world. As the global leader in analytics, SAS is passionate about applying its cutting-edge technology and expertise to help solve some of society’s biggest problems such as poverty, disease, hunger, and illiteracy. ; ; SAS has always been an organisation motivated by challenges to use its technology to build a better world. As the UN Sustainable Development Goals work to reduce inequalities and ensure healthy living, SAS seeks out opportunities where it can help create a brighter future for all. SAS’ social innovation initiative works to find creative ways to accelerate global progress and move the world toward a more sustainable future. One of the ways that SAS supports this goal is through the Data for Good movement, which encourages using data in meaningful ways to solve humanitarian issues around poverty, health, human rights, education, and the environment. From helping to boost healthy bee populations and combating deforestation to revealing racial disparities in homeownership and investing in patient wellness, SAS is contributing to building a better world for the people and the planet. ; ; SAS’ social impact programs rely on the curiosity and expertise of SAS employees who are passionate about using their skills for social good. Thanks to these efforts as well as the company’s partnerships with customers, industry groups, non-profits, governments and global organisations, SAS continues to discover new opportunities for analytics to serve the greater good.

  Equal opportunity

  At world headquarters and across all of its country offices, SAS is committed to providing an equal employment opportunity that treats all employees and applicants equally based on merit and experience – without regard to age, race, colour, sex, gender, gender identity, religion, creed, ancestry, national origin, citizenship status, marital status, sexual orientation, veteran status, disability, medical condition, pregnancy, or any other protected class as defined by government, regional or local law.

  Wellbeing

  SAS cultivates the optimal environment for creativity, encouraging employees to take risks and exceed expectations while helping them integrate work and life. SAS invests in employee career development, and employee health and well-being through several services, programmes, and benefits. As a workplace culture champion, SAS has always invested in keeping employees happy to help attract, retain and motivate top technology talent. SAS’ comprehensive support infrastructure ensures employees stay healthy – both physically and mentally – with such benefits as its Work/Life and Employee Assistance Program (EAP). SAS’ Work/Life ensures expert guidance for employees navigating difficult life events; it helps them lead balanced, healthy, and productive lives. ; ; SAS supports the idea that all employees have a natural desire to learn and grow. As part of its culture and benefits, SAS provides many development opportunities for employees, whether for specific job skills, business acumen or interpersonal competence. Training includes instructor-led classes, e-learning and live web training. SAS encourages employees at all levels to pursue training to hone their skills. Employees with sharp, updated, and relevant skills offer more value to SAS customers in the dynamic, evolving world of data and analytics.

Pricing

• Price: £150,000 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Access to an environment for Trial and demonstration purposes
• Link to free trial: https://www.sas.com/en_gb/trials.html

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukframeworks@sas.com. Tell them what format you need. It will help if you say what assistive technology you use.