TENDABLE LIMITED

Tendable

Tendable application is a cloud based, real time inspection and reporting tool for healthcare quality inspections. It eliminates administration by capturing inspection results directly onto Android or IOS devices and providing automated reporting. Customisable for every healthcare setting, it empowers frontline staff to own quality in their own area.

Features

• Practical mobile and web apps designed for the end users
• System prompts and personalised notifications to make prioritising work easier
• Tailor audits to specific areas making data entry more efficient
• Tag questions to customised themes CQC domains organisation priorities etc
• Real-time automated reporting data exports in PDF CSV other formats
• Integrated action tracking highlights actions addressing issues raised during inspections
• Issue resolution reporting highlights problems and speed being addressed
• Remote access via Android iOS devices and web browser
• Customisable for all health and social care settings
• Live dashboards for every level of your organisation

Benefits

• Implement a quality programme that's quick and easy to use
• Engage your staff in the quality journey
• Track measures which provide biggest safety boost organisation-wide
• Real-time reporting from every area of your organisation
• Visibility of action being taken to resolve issues
• See where your issues are to identify themes and trends
• Frees up time to care for patients and service users

£400 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at finance@tendable.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

690557562755856

Contact

Robert Thornton
020 7435 7349
finance@tendable.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Tendable is available on Android, iOS and Huawei smartphones and tablets. It aims to be backwards compatible providing support to devices on the two previous OS versions. The app requires internet access (though can work offline during inspections). Inspections can also be carried out on computer desktops, via a web browser.
• System requirements:
  • Compatible Android and iOS devices
  • Internet access
  • Ability to upgrade to the latest version of the app
  • Licences require for usage
  • Compatible operating systems Android , iOS, PC (Windows, MacOS)
  • Compatible with any device supporting Chrome, Firefox web browsers
  • Compatible with any device supporting Edge or Safari web browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our response times are typically within 24 hours between Monday to Friday 09:00 to 17:30 GMT excluding English bank holidays. We may take longer to respond outside office hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All customers will have access to help desk support provided in office hours via phone and email. ; All customers have access to a self-service platform to manage their system configuration. Depending on the contracted service package, support may also include ongoing system configuration carried out by the Tendable team.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The onboarding approach will depend on the selected service package. All customers will have access to the Tendable virtual training suite, which will cover all elements of the system, including data capture, analytics and use of the admin portal for managing system configuration.; For Advanced and Custom package customers, there will be a dedicated Implementation Specialist, who will work with the organisation to design their quality program and will provide guidance and support on change management activities to ensure the system is embedded.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We will agree with users how they want to obtain their data. We can make the data available to them as pdf reports or work with them to enable a data feed so they can extract the raw data.
• End-of-contract process: Included in the price of the contract: At the end of contract, the customer will have the option for Tendable to archive or delete their data. All historical inspection reports will be provided to the customer in an electronic form. All users access to the Tendable application will be revoked. Not included in the price of the contract: Any additional requirements such as tailored data or reports will be subject to additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile and desktop service both enable users to carry out inspections, manage actions, review results, and personalise settings and notifications. The mobile application offers additional notification settings. The desktop service provides additional access to an analytics tool to review data on the quality programme, and to an admin portal allowing specific users to manage the overall quality programme.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Tendable’s service interfaces are designed for ease of use, accessibility, and robust functionality.; Integrated real-time monitoring and embedded support resources enhance user experience and operational efficiency, meeting the stringent needs of public sector clients.
• Accessibility standards: None or don’t know
• Description of accessibility: Users have the ability to utilise their accessibility tools to utilise the application. Font size, type and screen adaptation can be used alongside functionality
• Accessibility testing: Testing has yet to be completed with specific user types outside of the current process
• API: Yes
• What users can and can't do using the API: Tendable's external APIs provides authorised users with secure access to organisational data. Access is controlled through individual user tokens, which are issued via our developer portal. This portal also houses comprehensive API documentation to aid in integration and usage.; Users can leverage the API to retrieve detailed results and related analytics. However, the API is designed exclusively for data retrieval and does not support data import functions into the application.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Tendable can be customised by the organisation's admin (or Tendable) as follows: ; 1. Customised, multiple audits with customised question text, guidance text, images and web links and answer options. ; 2. Customised aggregation of questions into categories and ordering of questions. ; 3. Customise the questions that are asked in each area ; Tendable can be customised by Tendable's Customer Success team as follows:; 4. Customised areas for inspection including details of those in charge and location information. ; 5. Customisation of grouping of organisation into divisions and sites. ; 6. Customisation of inspection scheduling. ; 7. Customisation of tags for data aggregation; 8. Define whether to enable the ability to flag inspections as having been carried out by peer or expert auditors; End users can configure their own Tendable setup as follows:; 9. Setting and updating of user password ; 10. Customisation of user profile, team membership and contact information. ; 11. Customisation of alerts settings and inspection reminders for each user; 12. Customisation of analytics dashboards by bookmarking filters and changing the charts shown on each page

Scaling

• Independence of resources: Our service utilises Amazon Web Services (AWS) with autoscaling to ensure resource independence and consistent performance. AWS autoscaling dynamically adjusts server capacity to maintain stable performance irrespective of load changes. This automatic scaling, coupled with AWS's robust security measures, guarantees high availability and reliability, fulfilling public sector standards.

Analytics

• Service usage metrics: Yes
• Metrics types: Reporting provides metrics on system usage, deadline completion, inspection results, key issues and progress of actions generated in the system
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: We implement robust security measures for data at rest, utilising AES-256 encryption across our data center and on mobile devices. Access to data is tightly controlled with fine-grained, role-based access measures. We conduct regular audits and compliance monitoring to ensure adherence to regulatory standards such as GDPR.
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users are able to email historical inspection reports as a pdf document directly from the app, or download from the web portal. ; Full raw inspection data can be extracted via the API. ; An analytics tool is provided to users as standard which facilitates export of different views of the data submitted in CSV, PDF or PNG format; Further export scenarios may be possible, subject to additional costs.
• Data export formats: Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: Excel/ Paper inspections

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99% service availability, assured by Cloud Service provider assertion
• Approach to resilience: We use the IaaS provider resilience mechanisms including multiple availability zones within one region & database backups replicated outside of local regions.
• Outage reporting: Any outages that may have impacted customers will be reported to customers via email and/or phone calls.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: Username and password. Nominated admin(s) from the organisation is responsible for approving user access requests, managing user permissions and offboarding user accounts; Tendable supports Azure Active Directory integration for managing user permissions, onboarding, offboarding and single sign-on
• Access restrictions in management interfaces and support channels: End users have no access to management interfaces; they can interact with support channels and can review all tickets they themselves have submitted. ; Nominated leads from the organisation can be granted access to manage the Tendable system configuration and user management for their organisation; access can also be granted to review summary information of all support tickets raised by users from their organisation.; Within Tendable, access is managed on a "Need to know" and "Need to use" basis, only those staff members who require access to management interfaces and support channels to carry out their job will have access granted.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: SSO / MFA enabled on all internal systems where possible

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI GROUP
• ISO/IEC 27001 accreditation date: 12/01/24
• What the ISO/IEC 27001 doesn’t cover: The entire business is covered by the ISO certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The CEO is the executive sponsor of our Information Security Management System. The CFO is the responsible for all Information Security. The Information Security Manager is responsible for ensuring the Information Security Management System is adhered to and remains appropriate. We are an ISO 27001 accredited organisation which has a full suite of information security policies and processes which covers all aspects of Access Control, Asset Management, HR Security, Systems acquisition, Development and Maintenance & Supplier Management.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our product change process employs process management systems to record all change requests, tracking them through planning, development, and delivery. These systems provide a full change history of our products development. All changes are risk assessed based on the potential impact from both a functional and security to the service and a full roll back plan is in place.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We conduct vulnerability scanning across all external company devices and systems through an external provider. Patches and remediations are to be deployed to devices and systems within 48 hours.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We maintain logs of user activity, access to the system and have a process to review these logs for any suspicious activity. Any potential compromise will follow our internal security incident management policy for investigation and reporting. All data breaches will be assessed and where applicable be reported to the ICO where customer personal identifiable data is concerned within 72 hours
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We employ a security incident management policy as defined by our Information Security Management System which defines a common approach to the logging, assessment, reporting and resolution to each potential breach. All users are trained on this policy upon induction then at minimum once per year for a knowledge refresh or after a change ensuring they have the knowledge on reporting. The process is in place for any data or systems classified as private and/or confidential and includes personal data

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As an application designed to remove physical processes and digitise, the service has an inherently positive impact on carbon footprint. Additionally cloud infrastructure, flexible working and remote support model all deliver a light carbon footprint of operation.

  Covid-19 recovery

  Our solutions are designed around quality improvement and were used extensively to aid with COVID-19 assurance, training and guidance. As we move to a recovery environment our solutions are used to help reduce wasted capacity in the system, improve patient flow and drive operation efficiencies.

  Tackling economic inequality

  Our solutions are created to ensure that any user from any background can adopt our application; using the same methodologies as android and IOS, therefore economic background should not be a barrier to using our tools. Additionally, our solutions are designed to support transient workforces across varied economic and geographic domains, for example audits can be completed offline so WIFI is not required in out of reach areas. Tendable participate in healthcare outreach projects in lesser developed healthcare systems alongside our customers to support the sharing of best practise.

  Equal opportunity

  We are an equal opportunity employer, have an extremely diverse workforce and we value diversity of background, skill set and thought.

  Wellbeing

  At Tendable we offer a psychologically safe workplace and ensure all team members have support they need, from our mental-health first aider programme to our external well-being support services. Our office spaces are designed to have a variety of different workspaces, have onsite gyms and yoga classes. For our customers we offer a tool build within our solution to gain quality assurance over the health and wellbeing of their workforce.

Pricing

• Price: £400 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Time limited implementation of app to demonstrate efficacy and business case for customer

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at finance@tendable.com. Tell them what format you need. It will help if you say what assistive technology you use.