NECS Appointment Booking System
This adaptable web-based system enables patients to schedule appointments for various commissioned tests, including Covid antigen/antibody tests, flu vaccinations, and other public health-related vaccination programs.
Features
- Customise test availability based on region
- Choose from different test settings such as on-site or drive-through
- System generates and sends automated emails
- Configure the number of tests available per site
- Scalable web-based system for rapid expansion
- Fully hosted, no need for software installation, ensuring quick implementation
- Minimal training needed due to system's user-friendly interface
- Developed by the NHS, tailored for NHS use
- Option to include home testing delivery functionality
- Capability to fulfil mass group test orders
Benefits
- Access the booking system round the clock, 24/7
- Utilise a web-based platform for convenient access
- Streamlined and speedy test booking process
- Specific entry points for both staff and patients
- Easily adaptable to set up new test locations or schedules
Pricing
£30,000 a licence
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 4 3 8 6 9 3 0 5 0 5 3 5 6 3
Contact
NHS North of England Commissioning Support Unit (Hosted by NHS England)
Business Development
Telephone: 0191 3751789
Email: necsu.busdev@nhs.net
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No
- System requirements
-
- For supported versions and browsers see Compatibility Matrix at help.k2.com
- Azure Active Directory: K2 Cloud customers should use AAD authentication
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 2 working days
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
- Throughout the implementation phase, we will offer extensive support to the customer, ensuring a smooth transition. After the system is up and running, we will continue to provide robust maintenance and support, tailored to the customer's needs, along with comprehensive ongoing assistance, including wrap-around programme support as needed.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- NECS will provide virtual training sessions, along with various user guides relevant to the end user.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Customers can request a backup of their database at the end of the contract.
- End-of-contract process
- Upon contract completion, customers have the option to either renew their subscription or terminate it. If the contract expires or is terminated, customers can request a copy of all pertinent information/data stored in the system at that time. Environments and associated data will be securely removed 30 days after the agreement's termination.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Font size and lay-out scaled down for viewing on mobile devices.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
-
Browser-based design tooling :
Design and Build
- Workflows
- SmartForms
- Integrations
Administration
- Security and Compliance
- Roles
- Permissions
- Reporting
Users
- Workspace
- Forms
- Mobile
- Reporting - Accessibility standards
- None or don’t know
- Description of accessibility
- Non-text content is supported through the inclusion of text based values to ensure the information is accessible
- Accessibility testing
-
We have not undertaken any interface testing with users of assistive technology.
Non-text content is supported through the inclusion of text based values to ensure the information is accessible - API
- No
- Customisation available
- No
Scaling
- Independence of resources
- K2 Cloud operates on a scalable service that can adjust to short-term fluctuations in demand or long-term growth in usage and adoption. While it is currently deployed as a multi-tenant model, customer compute and data are segregated from those of other customers, ensuring isolation in both the compute and data storage tiers.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Upon request, reports detailing the status of each process and their instances can be provided. These reports enable real-time monitoring of process information and facilitate the identification of trends for process improvement.
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Other
- Other data at rest protection approach
-
Standard TDE Azure SQL, full database encryption.
Optional database column encryption based on database engine (i.e. AES 256 on SQL Azure) - Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- For an end user, The Testing System provide a capability to "Export to Excel" a list of results with filtering and paging options available. An export of a form displayed information can also be created in PDF format.
- Data export formats
-
- CSV
- Other
- Other data export formats
- •Excel and CSV (via extensions)
- Data import formats
-
- CSV
- Other
- Other data import formats
- Excel and CSV (via extensions)
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- NECS, via the K2 Cloud, provides customers with an Availability SLA of 99.9% within their production K2 Cloud tenant. Availability is defined as the ability for a customer to be able to access the production service environment irrespective of network connection or other intermediary issues outside of the control of K2. A Service Credit is available to customers should the K2 Cloud SLA not be met.
- Approach to resilience
-
NECS via the K2 Cloud makes use of SQL Azure as data store. SQL Azure creates automatic geo-redundant database backups. Full database backups happen weekly, differential database backups generally happen every few hours, and transaction log backups generally happen every 5 - 10 minutes. The backup storage geo-replication occurs based on the Azure Storage replication schedule – handled by Microsoft. The retention period for the database is 30 days. The above means that we can do any point-in-time restore of the data with a 10-minute accuracy within the last 30 days.
High availability (HA) is provided by default in the Production instance. Native Microsoft Azure capability is utilised in testing disaster failover (DR).
More details available in the K2 Cloud - Service Policies document. More details available on request - Outage reporting
-
The Testing System on the K2 Cloud is hosted on Azure datacenters. Azure status, planned maintenance and outages are reported via the website: https://azure.microsoft.com/en-gb/status. An RSS feed is available.
Communications channels to customers are via the K2 Cloud status page (status.onk2.com) as well as direct email notifications to subscription administrators.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Access restrictions in management interfaces and support channels
- The K2 Management site allows you to manage your K2 environment and components such as workflows, worklist items, SmartObjects, users and security. These are administrative tasks that are performed by the K2 administrator. The Server Rights node is used to add, edit, remove and refresh Workflow server permissions for users or groups. These rights will determine which users and groups can administer a K2 workflow server, export new workflows or impersonate a user.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 26/04/22
- What the ISO/IEC 27001 doesn’t cover
-
14.1.3 Protecting Application services transactions
14.2.1 Secure development policy
14.2.5 Secure development environment
14.2.6 Outsourced development - ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- SOC 2 type II attestation report
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Our policies and procedures ensure adherence to both UK and NSA law and professional requirements and are fully compliant with, but not limited to, the latest GDPR, Data Protection Act (DPA), Caldicott Principles and the 10 Data Security Standards (National Data Guardian). We hold an IG Toolkit score of Level 2 and the governance of our ICT service is underpinned by a workforce of engineers with ITIL version 3 certification. Whilst we have not sort formal certification for information security governance, the majority of our policies and procedures have been designed to adhere to ISO 27001 Security Standards.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
Changes to the Cloud environment are tracked, approved, tested, and implemented in accordance with ISO27001 specification are are independently audited annually against SSAE 16 SOC2 standards for 12 previous months prior to the audit.
Changes by customers within the K2 Platform will be configured and operated by either customers or third party suppliers. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- K2 performs annual vulnerabilty testing internally and externally, as well as contracts out to a third party to perform an annual penetration test of the product and standard environment. These are conducted in accordance with ISO27001 specifications and are independently audited annually against SSAE 16 standards for 12 previous months prior to the audit and reflected within an SOC2 type II report.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Monitoring is conducted within Azure and consolidated within Elasticsearch for analysis.
Monitoring activities are handled in accordance with ISO27001 specifications and are independently audited annually against SSAE 16 standards for 12 previous months prior to the audit and reflected within an SOC2 type II report. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Customers can reach out to K2 support via web, phone or email to raise incidents. Incidents will be handled via K2's internal incident management policies and conducted in accordance with ISO27001 specifications. The processes are independently audited annually against SSAE 16 standards for the 12 previous months prior to the audit and reflected within an SOC2 type II report.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Health and Social Care Network (HSCN)
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
NECS is dedicated to assisting customers, though the delivery of our services, in achieving their strategic and operational objectives and ultimately enhancing outcomes and efficiency.
Led by NECS' Organisational Development and Corporate Services Director our Corporate Social Responsibility (CSR) Group, is responsible for ensuring we meet our CSR Strategy. Our Strategy underscores our commitment to environmental sustainability. We aim to achieve 'Net Zero' carbon emissions, within our control, by 2040 and 'Net Zero' for emissions, we can influence, by 2045. To fulfil this pledge, we continually adapt our processes, harnessing digital platforms to minimise emissions and resource consumption.
To digitalise service delivery, we leverage tools like SharePoint and Microsoft Teams to create accessible real-time digital collaboration workspaces. This fosters seamless communication and enables sharing of insights, comments, and revisions, whilst minimising our carbon footprint.
By embracing digitalisation processes and Artificial Intelligence, we enhance efficiency, accessibility, and collaboration, while simultaneously reducing the environmental impact associated with traditional paper-based processes.
We continuously monitor and analyse our environmental impact, employing proven continuous improvement techniques to mitigate any increase in emissions or resource consumption.
We commit to a 20% reduction in our carbon footprint, a 30% decrease in paper consumption, and a 15% improvement in overall operational efficiency.
Our method statement includes implementing cloud-based project management tools, minimising in-person meetings through Microsoft Teams, reducing paper usage by adopting electronic documentation, optimising travel routes to minimise transportation emissions, and transparently monitoring and reporting on Key Performance Indicators for continual improvement.
Our healthcare procurement team ensures compliance with the Social Value Act 2012, considering economic, social, and environmental factors in commissioning services. We support clients to achieve health improvements, reduce health inequalities, and meet Net Zero and Carbon Reduction targets. Our team have gained invaluable knowledge and experience which we utilise when delivering our solutions.Covid-19 recovery
As an integral part of the NHS, NECS played a pivotal role in supporting NHS England, Integrated Care Boards and Foundation Trusts in navigating and recovering from the challenges posed by COVID-19. We took a proactive approach in managing resources and internal capacity, ensuring our customers received the necessary support to alleviate pressure on services. Despite pandemic restrictions, our employees swiftly adapted to new working methods, embracing innovation to meet evolving demands.
We continue our commitment in supporting COVID-19 recovery efforts in several ways:
1. Providing Strategic Guidance: We offer guidance and support to navigate the complexities of COVID-19 recovery planning. This includes assisting the development and implementation of recover strategies tailored to each providers unique needs and challenges.
2. Delivering Operational Support: We provide operational support to help providers manage and recover from the impacts of COVID-19. This involves assisting with workforce planning, resource allocation and service redesign to meet challenging demands.
3. Facilitating Innovation: We encourage innovation in solution delivery to address the challenges posed by COVID-19. This includes supporting the adoption of digital solutions to improve efficiency.
4. Promoting Health and Well-being: Our mental health "first aiders" provide support and signposting to resources to promote physical and mental wellbeing. We collaborated with trade unions to develop a new framework for flexible working, reflecting our commitment to adaptability amidst COVID-19 and the recovery period. Our framework emphasises decentralisation from traditional office setups, prioritising wellbeing, and accelerating carbon footprint reduction efforts.
NECS is dedicated to playing a proactive and supportive role in COVID-19 recovery efforts, leveraging its expertise, resources, and partnerships to help provider organisations and communities emerge stronger from the pandemic. We are keen to share our experiences and best practices with both providers and customers, fostering collaborative efforts toward sustainability and efficiency.Tackling economic inequality
NECS, as an NHS organisation, is guided by core values of professionalism, honesty, integrity, and high-performance standards. We prioritise both short-term objectives and long-term sustainability, striving for a balance between acquired skills, employment opportunities, and societal impact.
Embracing a culture of continuous learning, we offer an online platform with diverse courses for NECS employees and customers. We track participation and completion rates to inform future course offerings, aiming for an 8% annual increase in course completions over the next two years.
Recognising the importance of hands-on experience, we launched the NECS100 Programme for Graduate trainees and Apprenticeships in 2020. In the first year, this programme saw the recruitment of 100 graduates and apprentices into our organisation. We continue to increase apprenticeships and graduate trainee opportunities annually, ensuring diversity in recruitment and providing mentorship for knowledge sharing and skill development.
We conduct periodic assessments of staff skills and expertise to identify gaps and areas for improvement. Collaborating with contracting authorities helps us tailor services to evolving customer needs. Our Business Development Team and members of our Executive Team have access to HSJ intelligence, which is a digital platform offering real-time information exchange. This helps us anticipate market needs and adapt the services that we provide accordingly.
Feedback loops with customers provide insights into service effectiveness and emerging needs.
Our method statement outlines ongoing efforts to enhance online learning platforms, strengthen apprenticeship programs, conduct needs assessments, and address inequalities in skill development. Through measurable Key Performance Indicators, we ensure transparency, accountability, and adaptability in achieving desired outcomes.
Overall, our skills policy aims to elevate the overall skill level of our workforce, bridge gaps, and reduce inequalities in skill development, creating a diverse, inclusive, and adaptable workforce prepared for the dynamic healthcare environment.Equal opportunity
NECS is committed to addressing inequalities within our organisation, evidenced by our ongoing reporting against the Workforce Race Equality Standard (WRES) and Workforce Disability Equality Standard (WDES). Through continuous efforts, we strive to enhance performance across all WRES and WDES indicators, gaining crucial insights into the challenges we face and working towards fostering a fairer, more inclusive workplace.
Our recruitment and selection policy reflects our commitment to positive discrimination through the Disability Confident scheme, ensuring that candidates are assessed solely based on their skills and relevant experiences. We take proactive measures to minimise opportunities for discrimination during recruitment by anonymising application forms and applying objective selection criteria. Furthermore, we maintain equitable pay across the organisation by adhering to NHS Agenda for Change pay rates.
Our training programmes prioritise Equality, Diversity, Inclusion, and Respect, creating an environment where diversity is celebrated, and equal opportunities are provided. We establish ground rules within teams to cultivate safe and inclusive learning environments, empowering every individual to realise their full potential.
To address inequality in training and development, we revamped our Talent Management Programme in 2020, offering stretch assignments and mentoring opportunities. Additionally, we introduced a 'reverse mentoring' programme, facilitating knowledge-sharing and enhancing employment prospects for colleagues from under-represented groups.
NECS focuses on enhancing experience, culture, and outcomes for all colleagues through an equality lens to support both protected and vulnerable groups. Leveraging insights from various reports and surveys, we have developed an Inclusion and Equality strategy encompassing communication pathways, workplace accessibility improvements, educational enhancements, workforce development support, and promotion of inclusive leadership.
These initiatives and policies are fundamental to our operations and will be upheld during the delivery of any call-off agreement. We remain open to sharing best practices with our suppliers and customers, fostering a culture of inclusivity and equity across our ecosystem.Wellbeing
NECS prioritises good mental health and wellbeing among our employees, recognising the impact we have on wellbeing, longevity, physical health, and productivity. We are committed to implementing measures that encourage and promote a healthy workforce.
Our approach to managing health and wellbeing is integrated and comprehensive, overseen by our Health and Wellbeing Group who ensure that NECS takes a proactive and engaging stance towards enhancing the health and wellbeing of our employees, thereby fostering a supportive and nurturing work environment.
Our health and wellbeing champions play a pivotal role in promoting a culture that prioritises both the physical and mental health of our workforce. These champions not only support their colleagues but also receive support and development opportunities themselves, contributing to a mutually beneficial environment.
In line with our commitment to supporting mental health concerns, NECS has trained several employees as Mental Health First Aiders (MHFAs). While MHFAs are not clinically trained in mental health treatment, they are equipped to recognise early signs of mental health issues and provide responsive assistance, including signposting individuals to appropriate support services.
To further support employee wellbeing, we offer an Employee Assistance Programme, providing access to online Cognitive Behavioural Therapy (CBT), mindfulness exercises for mental health, a virtual gym, advice on sleep and nutrition for physical health.
We encourage employees to engage in volunteering initiatives through allocated time and funding. Since launching this programme in July 2023, employees have reported improvements in self-esteem, confidence, and work-life balance, along with the opportunity to learn new skills.
These initiatives and policies are integral to our operations and will be upheld during the delivery of any call-off agreement. Furthermore, we are committed to sharing our best practices with suppliers and customers, fostering a collaborative approach to promoting mental health and wellbeing across our ecosystem.
Pricing
- Price
- £30,000 a licence
- Discount for educational organisations
- No
- Free trial available
- No