Enovation UK Limited

File Share

The File Share module is used to exchange large files with patients and/ or colleagues in a secure way.

The file share module can be integrated with electronic healthcare systems.

Features

• Safe exchange of large files via Outlook mail add-in
• Recipients do not need an account or app
• Exchange up to 10 files at a time
• Max. file size 5GB (per file)
• Sender can withdraw / add files
• REST API available for XIS integration
• Adjustable retention period (1 – 30 days max)
• Proven scalability and reliability
• Supports Single Sign on
• All data is encrypted in transit and at rest

Benefits

• Easy to use from your Outlook environment
• Improves efficiency
• Reduces risks of data breaches and security incidents
• Reduces risk of spreading viruses - files are actively scanned
• Full control of shared files
• Easy to integrate
• Improves efficiency, automated file sharing
• Proven scalability, availability and reliability
• Easy to deploy
• Commitment to ongoing investment and innovation

£85 a user a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Liam.Canham@enovationgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

668815053127951

Contact

Liam.Canham@enovationgroup.com
08445611814
Liam.Canham@enovationgroup.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: The File Share module is an extension to the Enovation Zaurus and/ or Enovation Mail.
• Cloud deployment model: Public cloud
• Service constraints: No specific constraints on hardware.
• System requirements:
  • Outlook 2013 or later on Windows
  • Outlook 2016 or later on Windows
  • Outlook 2016 or later on Mac
  • Outlook 2019 or later on Windows
  • Outlook 2019 or later on Mac
  • Outlook on Mac (Microsoft 365)
  • Outlook on Windows (Microsoft 365)
  • Outlook on the web

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard support hours are Monday - Friday, 0900-1730 but these can be extended upto 24x7x52 and the response times are as agreed with the client and will be the same as during weekdays
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support is available by telephone during normal business hours, which is 09.00 – 17.30 5 days per week. In addition, “critical” support in case high priority incidents is provided 24 hours per day, 7 days per week. ; ; Dependant on the size and scope of project a technical support person would be allocated.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Enovation can provide both onsite and online training for integrators, administrators and end-users. ; ; User manuals are available online.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Files shared have a retention period of max. 30 days. Enovation cannot migrate data to the client or to the new service provider due to the retention period and encryption of data.
• End-of-contract process: Enovation will inform the client at the time of cancellation that the users will be deleted from the system.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Sharing files is done through the Outlook add-in on a desktop or laptop.; ; The recipient can download the files through a web interface which can be used on a smartphone, tablet, desktop or laptop.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The recipient receives a link which can be opened through a web browser.; ; Through the web interface the files can be downloaded.; ; The uploader can log in through the web interface to remove or delete files, also after the link has been shared.
• Accessibility standards: None or don’t know
• Description of accessibility: The File Share module can be accessed through Outlook when creating an email. The first time the user will log-in by using a username and password or single sign on.; ; The recipient can use the link and code to download the files.
• Accessibility testing: The interfaces and functionality have been developed and tested in cooperation with healthcare organisations and their patients. ; ; Their feedback has been included in the design and functionality.
• API: Yes
• What users can and can't do using the API: The File Share module offers a well documented REST API to share files from existing information systems.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: The service is hosted on our scalable infrastructure and is continuously monitored to ensure the best user experience.; ; Internet bandwidth within an organisation/or at home is an important resource when uploading large files.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Encryption of all virtual data and media.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: See description 'End-of-contract data extraction'.; Users of File Share can download the attachment(s) from the web interface and store them in their own environment. The download of the attachments will be in their original format and can be done in a ZIP-file or as separate files.
• Data export formats: Other
• Data import formats: Other
• Other data import formats: Users can be imported in a CSV format

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Each contract will include specific SLA's relating to the agreed performance and availability standards. Any compensation agreed for failure to meet performance levels will be clearly stated.
• Approach to resilience: Enovation has implemented a redundant infrastructure to ensure availability 24 hours a day, 7 days a week, 365 days a year. In case of a calamity within the primary datacentre the environment will be switched to the secondary datacentre minimizing downtime to minutes.; ; More information can be shared on request.
• Outage reporting: Through our online service status page: https://status.zaurus.io/.; You can also subscribe to updates via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Single Sign On (SAML2.0 or OpenID)
• Access restrictions in management interfaces and support channels: The File Share module is designed to help you meet the highest security expectations. Only designated employees have access to the management interface.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Kiwa Nederland B.V
• ISO/IEC 27001 accreditation date: 16/11/2023
• What the ISO/IEC 27001 doesn’t cover: Enovation services are covered by our ISO certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 27799

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 27701
• Information security policies and processes: All knowledge and processes are being documented in a central knowledge base: Information Security Management System (ISMS). The Security Office organise on a yearly basis several workshops to be sure important subjects are clearly explained and ensure up-to-date knowledge. Every department also has at least one member of an internal task force to guard the compliance of the security policies in place. Enovation is accredited for the Data Security and Protection Toolkit (DSPT) and also for Cyber Essentials.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Internal documentation tools are available for documentation. These are remotely accessible to be reviewed by peer colleagues within the company. Additional meetings with different knowledge groups are organised to keep track of the changes and steer on possible risks that might emerge.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Ongoing efforts are made to enhance the software. When new information is supplied by partners, clients, support teams or developers, a risk assessment is made by Product Management and the security office. If the risk is high, this will result in downtime until fixed. If not, the affected parties are informed when deemed necessary and fixes are added to the backlog for the next update. Updates and fixes are not tied to a strict release schedule.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Ongoing efforts are made to debug and assess the software. Internal knowledge sessions and meetings are organised to minimise the chance of overseeing defects. Once something emerges, an assessment is made to assign a time frame for a fix. In case of a large security risk, users will be informed.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our service goal is to restore normal service operation as quickly as possible following an incident, while minimising impact to business operations and ensuring quality is maintained. ; To log an incident users either complete an Incident Logging Template and email to us or call us on a dedicated support number. This email address is monitored throughout the day and your call will be picked up immediately. ; For incidents that require immediate attention and are outside office hours calls are made to the support telephone.; A summary is made of all incidents on a regular basis for performance review.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  By reducing the need for physical printing and distribution of documents, File share contributes to environmental sustainability by conserving paper, reducing waste, and lowering carbon emissions associated with transportation. This supports efforts to mitigate climate change and promote eco-friendly practices.

  Equal opportunity

  File share provides a platform for sharing information inclusively, ensuring that everyone has access to important documents and materials regardless of their location or physical abilities. This promotes equal participation and empowerment.

Pricing

• Price: £85 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Liam.Canham@enovationgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.