BookingLab

GovBook | Local Government Booking Service

We've worked with 50+ councils to create an off-the-shelf appointment & event booking system that is proven to increase efficiency, cut costs & improve the resident experience. Powered by JRNI, the system provides a robust solution to manage a high volume of bookings for any appointment, event or course-based service.

Features

• Easy to configure booking rules, forms, and workflows
• 40-second end-to-end booking journey on all device types
• Comprehensive reporting dashboards and booking analytics
• Automated SMS/email reminders and customisable pre-and-post appointment/event communications
• A single platform for managing appointments/events, resources, and staffing
• Integrate to payment gateways, communication software, and enterprise apps
• Secure: ISO27001, PCI, GDPR & Cyber Essentials Plus certified
• Automated, rule-based waiting lists and multiple ticket/check-in options
• Accessible: WCAG 2.2AA compliant and built for mobile
• Multiple appointment/event types: in-person, virtual, and telephone

Benefits

• Deliver a quick and easy UX and provide 24/7 access
• Increase operational efficiency, reduce wasted capacity and cut costs
• Data-driven schedule and resource optimisation
• Improve communication with residents, minimise no-shows, and collect feedback
• Streamline admin processes and automate menial tasks
• Full white-label branding on all product user interfaces & API
• Improved data management for evidencing and reporting
• Connect workflows and deliver a seamless UX with open APIs
• Brings together online, mobile, and face-to-face appointments/events
• Variable pricing, re-occurring/bulk bookings, and multi-option discounts

£5,000 to £105,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@bookinglab.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

664850465224385

Contact

Chad Duggan
03334440203
info@bookinglab.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Any service constraints are handled and managed by bookinglab.
• System requirements:
  • Modern web browser
  • Internet connection to the online service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please refer to our Service Level Agreement included with our Terms and Conditions.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Core support is provided between 9am – 5pm Monday to Friday. ; ; Our supported customers receive access to our Support Desk; SLAs for response and resolution are included as standard and part of the annual license fee. 'How to' video guides, FAQ knowledge-base and a getting started training manuals available. ; ; As well as proactively monitoring your performance and providing regular platform-wide improvements, our Support Team will answer general queries about the solution, resolve technical issues and manage any escalations.; ; 24/7/365 support available on request only and must be included in an agreed Statement of Work.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Approved customers are on-boarded through the creation of JRNI Staging and Production Environments. ; ; BookingLab has a highly skilled configuration team who are able to assist with the initial setup and configuration of the system to meet the individual client needs. From this point the client will be able to alter those configurations themselves.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The JRNI technology stack can export data in several different ways depending on the receiving platform. SFTP is commonly used for CSV data, but our API can also support secure JSON data streams over HTTPS in and out of the platform. If the existing data transfer options are insufficient, we also employ a tightly-bound micro-services architecture as a core part of our platform, which allows us to create very small and simple bespoke services to send or receive data from almost any 3rd party source.
• End-of-contract process: Off-boarding follows the publication of automated emails and then the closure of their bookinglab account. ; ; It is the customer’s responsibility to download all collected data prior to the project completion. This can be exported directly from the platform admin interface. All booking and customer data can be extracted in a number of formats to ensure a safe and secure migration to any new systems being used. This would be an agreed format between the supplier and buyer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The booking platform is built from the ground up as a mobile-based application. All features and functionality delivered by the product are compatible with both Mobile and Desktop supported browsers.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Yes, the user interface is accessible using a supported web browser.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The platform is designed and tested to meet WCAG AA standards.
• API: Yes
• What users can and can't do using the API: The JRNI REST API is a HAL based API that allows you to manage all aspects of the JRNI platform.; ; JRNI is separated into three different APIs:; ; Public - The public API does not require authentications and it enables you to get information about services, resources, events, add items to the basket, view basket and checkout.; ; Member - The member API enables you to log in as a member, make bookings and amend or cancel their previously made bookings.; ; Admin - The admin API enables you to administer the account, such us create or amend people, resources or clients and view bookings.; The request format of the three APIs are:; ; Full developer documentation can be found at: community.bookinglab.co.uk
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Examples of areas of the booking system that can be customised include - additional services, additional resources, additional staff members, user levels, hierarchical user structures, notification settings, interface, layout, branding, pre and post booking questions.; ; Users can customise the system via platform configuration, in-house custom development or bookinglab services.; ; bookinglab has a highly skilled configuration team who are able to assist with the initial setup and configuration of the system to meet the individual client needs. From this point the client will be able to alter those configurations themselves.

Scaling

• Independence of resources: Via a dedicated cloud service or auto scaling policies.

Analytics

• Service usage metrics: Yes
• Metrics types: Bookinglab monitors availability from 3 locations; traditional server performance monitoring tools, hypervisor and load-balancer control panel systems ( via Amazon ) and external third-party availability monitoring packages. Other metrics are extracted from the system using report generation processes. We provide information on system uptime; Service Level Agreement metrics; security related metrics.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: JRNI

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Each organisation has complete access to their database, extensive Web Services API’s and development tools. All data is completely exportable, transferable and secure.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Bookinglab guarantees that the Booking Service will be available, excluding Downtime caused by Scheduled Maintenance, Emergency Maintenance or a Force Majeure Event, 99.5% of the time in a given calendar month (1st day to last day) ("Service Level"). The Service Level will not apply (and therefore no Service Credits will be applicable) to the extent that any Service Level Failure is caused by a failure of the Customer to comply with any Customer dependency or obligation, detailed in a Statement of Work or Order Form or the Master Subscription Agreement. ; ; If, as recorded at the end of a calendar month, the Booking Service fails to achieve the Service Level, Customer is eligible to receive a Service Credit as detailed in the table below. The Service Credit percentage will be calculated in relation to the Fees payable in the month in which the Service Level Failure occurred.; ; Uptime in a calendar month - (Service Credit); Less than 99.5% but greater than or equal to 99.0% - (5%); Less than 99.0% but greater than or equal to 95% - (15%); Less than 95% but greater than or equal to 90% - (50%); Less than 90% - (100%)
• Approach to resilience: Available on request.
• Outage reporting: Monthly report provided via the Customer Success team.; ; More information available on request.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Named representatives only by user role.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISO Quality Services Limited
• ISO/IEC 27001 accreditation date: 07/04/2022
• What the ISO/IEC 27001 doesn’t cover: Available on request.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Security Metrics
• PCI DSS accreditation date: 07/01/2021
• What the PCI DSS doesn’t cover: This certification is held by the service vendor: JRNI Limited.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Follow ISO27001.
• Information security policies and processes: Bookinglab adopt:; Internal audits in line with ISO27001;; Any deviations logged as tickets and fully investigated;; Issues mitigated.; Managed by our Engineering team.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Service components continue to be tracked and reviewed monthly, with risk assessments on security impacts.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Servers are built and attached to configuration management systems before being tested and permitted to access data, or accessed by the internet. These systems apply security requirements, including remedial actions found during penetration tests. Monitoring and IDS systems monitor for vulnerable settings, and alert engineers. ; ; Weekly reviews of CVE vulnerabilities are performed. Staff subscribe to updates from core news sources. Security incidents and vulnerabilities are investigated by the ISM and Operations. Issues are dealt with on the associated threat. Key contact points exist with customers. ; ; Patches are deployed on a priority basis, critical patches being deployed as soon as possible.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Bookinglab monitors availability from 3 locations; traditional server performance monitoring tools, hypervisor and load-balancer control panel systems ( via Amazon ) and external third-party availability packages. ; ; Real-time Intrusion Detection Systems are installed on all servers. Logs and activities are monitored at 3 levels - On-host, central in-environment, and bookinglab central log management locations. This allows for per-server IDS services. File integrity is ensured by the IDS system and server monitoring. Core files that are managed by central configuration management are monitored and reverted if changes are found. Alerts are directed to the Operations team, who operate an on-call 24/7/365 rota.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Bookinglab responds to incidents based on the terms of the Master Service Agreement that is in place between bookinglab and each customer. These terms are agreed as part of the contract process and defines the response process for 4 levels of incident, ranging from P1 (service inoperable) to P4. Incident reports are directed to the customer via an agreed process. This is usually passed between the bookinglab Account Manager and a nominated representative at the customer. ; ; bookinglab incorporates automation of issue resolution actions, where possible. Other issues have defined steps stored in an incident management wiki.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: NHS Network (N3)

Social Value

• Fighting climate change:

  Fighting climate change

  We pride ourselves on our contribution towards net-zero. Our solutions are designed to reduce carbon emissions, influence behaviour change, and expedite the usage of electric vehicles. To elaborate, our solutions have helped Nottingham City Council, Dumfries & Galloway Council (and many more) to change their organisation's travel behaviour by making it quick and easy to plan, book, and manage green business travel. With this solution, they’ve been able to Improve route planning, compare and book different (greener) travel options, and easily manage travel requests — all in one place. It is also worth noting that all of the organisations who have implemented our travel booking solutions have noted a significant reduction in their carbon emissions.; ; Our booking solutions also enable our public sector partners to go paperless (an operational norm which we ourselves abide by). What’s more, we operate a hybrid working model, whereby our staff are only required to be in the office one or two days a week. We also incentivise our team to travel into the office using greener modes of transport. Not only have we introduced a cycle-to-work scheme, but we now also offer subsidised public transport to-and-from our office space. ; ; Importantly, we also reside in a shared office that purchases electricity from a supplier committed to renewable energy and we only purchase energy-efficient office equipment. What’s more, we also encourage our employees to be mindful on a micro-level. This includes turning screens off when not in use, ensuring all plug sockets are switched off from the wall, disposing of rubbish/recycling correctly, and much more. While these actions are relatively small in the comparison to scale of the impending climate crisis, we believe that every action we take counts.
• Covid-19 recovery:

  Covid-19 recovery

  Our solutions are designed to help significantly reduce costs and improve operational efficiency. Importantly, this has resulted in huge savings, which have subsequently been passed down to other departments and the wider community. Essentially, this means that public services can keep critical frontline services open for residents, redistribute revenue for the benefit of the wider community, and ensure that residents can still access the services they need to support their mental (and physical) well-being. With the financial/social implications of COVID-19 becoming increasingly apparent, our solutions have never been more important.; ; What’s more, by digitally transforming public services, and subsequently, offering in-depth train-the-trainer style workshops/webinars — we’re playing our part in providing the opportunity for staff to train/re-train in a high growth sector and learn the skills they need to excel in the digital economy. In fact, our community is designed for this very reason — to allow public servants to share knowledge in order to improve the delivery of public services. In digitising their services, departments are also presented with their own opportunity to train and equip the younger workforce with digital skills that will allow them to excel in our digital-driven economy and offset the decline in more traditional job opportunities as a result of the pandemic. ; ; Our booking solutions have helped to reduce demand on essential mental/physical health services by reducing no-shows, making it easy to balance in-person and virtual appointments, helping to better manage resourcing, reducing admin/wait times, and much more. In fact, in the midst of the COVID-19 pandemic, we were able to support our government community in rapidly rolling out a purpose-built test booking system to over 100 locations across the UK. In this instance, our speed to deliver value was cited as being essential in helping to curb the spread of the virus.
• Tackling economic inequality:

  Tackling economic inequality

  We offer an array of project management, commercial, and software-based graduate roles and apprenticeships to kick-start careers in our high-growth tech industry. Our graduate/apprentice employees work on real projects, with real clients, and get real responsibility from day one — all whilst being supported to gain as much knowledge as possible from their experience. We also support those who wish to transition from previous occupations into a career in tech and are happy to champion a work/learning balance to facilitate this. ; ; As standard, we encourage and financially support all employees to undergo regular training and personal development to equip them with the skills they need to excel (both professionally and personally).; ; As mentioned previously, we offer in-depth train-the-trainer style workshops, webinars, and user forums for all of our partners — hence, we play our part in providing government staff with the skills they need to excel in the digital economy. We’ve also developed a government community where industry leaders from a range of professions (all within government) come together to share knowledge and learn from others in order to improve the delivery of public services and build upon their skillset. ; ; Please refer to the equal opportunity section to see how we ensure a fair, equal and open approach to hiring/workforce management.
• Equal opportunity:

  Equal opportunity

  We pride ourselves on making digital work for everyone. All of our solutions are quick, easy-to-use, and fully WCAG 1.2AA compliant. That's why over the last three years, we've been able to help 50+ organisations improve the accessibility of their online services for residents (and make digital roles available and attainable to a wide range of applicants). We’ve also developed rules-based logic and in-built search functionality that allows people with special requirements to easily find and book a service that meets their needs. Whether that’s a council staff member with particular ergonomic requirements who needs to book a desk or access space in a council building, or a resident that needs to book travel with wheelchair access and a 1-2-1 appointment with a public servant that can use sign language. ; ; What’s more, for residents that simply cannot access digital services due to a lack of skills, economic hardship, or other — we also offer booking modules for on-premises bookings and telephone bookings to ensure everyone has fair access to public services. ; ; Importantly, we are also committed to achieving a working environment which provides equality of opportunity and freedom from unlawful discrimination on the grounds of race, sex, disability, pregnancy and maternity, marital or civil partnership status, gender reassignment, religion or beliefs, age or sexual orientation. We have an in-depth diversity and inclusivity policy that seeks to remove unfair and discriminatory practices in their entirety. We, as a company, are wholeheartedly opposed to all forms of discrimination, and we evidence this in our day-to-day operations.
• Wellbeing:

  Wellbeing

  Gone are the days of one-way, announcement-style communication flows. Instead, residents now expect (and deserve) an open, two-way channel of communication that allows them to have their say on services that affect them. That's why all of our solutions are built to help public sector organisations improve how they communicate with constituents and adopt a more relational approach to government. With intuitive liquid templates and integrations to Gov.Notify, SMS, and email — we've helped 50+ government organisations build strong relationships with their residents. So, whether it's collecting feedback via automated follow-up surveys or sending personalised service updates, our booking solutions help you build services that your residents value and increase community cohesion. ; ; We’re also proud to have cultivated a government user group/community that is committed to sharing knowledge on digital best practices with the aim of further advancing digital government services. In keeping with this, we routinely hold webinars whereby representatives from as many as 50 public sector organisations get together to share knowledge. ; ; What’s more, our solutions play a vital part in the management of public-owned resources that foster community cohesion and promote physical and mental well-being. These services include but are not limited to sports pitches and leisure facilities, government-owned buildings, community centres/halls, and more. Hence, we like to think we play an active role in aiding community-focussed mental (and physical) health enhancement activities.

Pricing

• Price: £5,000 to £105,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A 14 day free trial of one of three SME versions of the software available on request.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@bookinglab.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.