APEX NETWORKS LIMITED

Apex Patient Transport Software

Fully comprehensive cloud based Patient Transport software package for a flexible monthly subscription, including: control room dispatch, driver app, route planner, web booking portal, vehicle tracking, fleet management, HR, Business Stats, SMS Messaging App, Medicine box management, events management, invoicing.

Features

• Control Room Dispatch: Full control over every booking
• Driver App: New jobs and updates directly to drivers' phones
• Vehicle Tracking: Real-time tracking for you and your customers
• Route Planning: Automatically allocate single or multi routes planned routes
• Web booking portal: Customers book jobs and receive updates online
• Fleet Management: Mileage, Fuel, MOT, services, tax and insurance
• SMS Messaging: Send individual or group messages from the system
• Event First Aid App: Record first aid assistance electronically
• Medicine box management: keep track of usage and replenishing
• HR: Manage rotas, absences, holidays, licenses, training.

Benefits

• All information records of a job stored in one place
• Reliable audit trail of all information and documents
• Monthly subscription, no min contract - highly flexible
• Cloud based – no additional hardware required
• UK based 24/7 helpdesk
• Secure systems – ISO27001 certified
• Dedicated resource for onboarding and training

£200 a licence

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jpdekker@apex-networks.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

819412355492795

Contact

Jan Pieter Dekker
0203 195 6757
jpdekker@apex-networks.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Software updates are scheduled 3 to 4 times per year. An update requires minimal downtime and will rarely interfere with operational activities
• System requirements: Optimised for Google Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We try to respond to all tickets within 4 hours. Weekend and out of hours support for emergencies only
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide a single all-inclusive support, which is included as part of the overall software subscription package. We have a dedicated support team to look after all customer queries during working hours (9am - 5.30pm) on weekdays and out of hours and weekend support for emergency cases.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide all new customers with a dedicated onboarding and training resource. This includes the initial set up of users, employees, vehicles and customers. We also provide detailed set up documentation, as well as "how to" videos.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We provide full data extraction via CSV files. We will also provide post termination access to the system at a small fee, to give customers time to extract their data.
• End-of-contract process: Our cancellation term is 30 days. There are no costs involved in termination. We continue to provide access to our customers' data, once the contract has been terminated, for up to 3 months.

Using the service

• Web browser interface: Yes
• Supported browsers: Chrome
• Application to install: Yes
• Compatible operating systems:
  • Android
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We have created dedicated Android apps for mobile users (eg ambulance crew, first aid crew). Online portals for customers and employees are platform agnostic. The main software package is optimised for desktop usage, specifically in the Google Chrome browser, but can be accessed in other browsers and devices.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Software is hosted on Amazon Web Services. ; AWS continuously monitors service usage to deploy infrastructure to support our availability commitments and requirements. AWS maintains a capacity planning model that assesses our infrastructure usage and demands at least monthly. This model supports planning of future demands and includes considerations such as information processing, telecommunications, and audit log storage.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Customers have access to a range of dedicated reports and also have the ability to create their own data extracts. Data will be extracted in the form of CSV files.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We host our PTS software on a best-efforts basis and also provide a public statuspage for users to monitor previous availability metrics
• Approach to resilience: We can provide an overview of how we host and secure our platform within Multiple AWS availability zones and manage offsite backup of customer data.
• Outage reporting: A public dashboard is available for users to subscribe to for notifications.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: User rights access and management is controlled through the implementation of granular RBAC (role based access controls) which are mapped per user to provide the required level of access across the organisation.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 12/09/2022
• What the ISO/IEC 27001 doesn’t cover: A.14.2.7 OUTSOURCED DEVELOPMENT; A.11.1.5 WORKING IN SECURE AREAS
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our ISMS standard operating procedures are managed within our QMS as controlled documents.; ; Internal Policy Approvals are the responsibility of the Senior Management team (CEO and CTO).; ; Our Policy and Procedures documentation includes (but is not limited to):-; * Information Security Policy; * Information Security Incident Management Policy; * Information Security Risk Management Policy; * Operating Procedures for IT Management; * Supplier Management Policy; * Access Control Policy and Procedure; * Communications Security Policy

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The first step is to identify all assets in the ISMS scope; The second step is to define the context of the organisation. This considers internal and external; factors and their impact on the achievement of objectives.; The third step is to identify, classify and list all information and privacy risks using an asset-based or; risk scenario-based approach.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Automated monthly vulnerability scans are performed to ensure that any CVSS rated vulnerabilitys can be triaged in a timely manner.; ; We release new major versions of the software every 3-4 months and provide additional bugfix patches live during that period if required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use an SIEM package to monitor infraatructure and security logging which proactively scans for events/incidents according to our ISO 27001 incident management process
• Incident management type: Supplier-defined controls
• Incident management approach: We have an Incident management policy document that defines our process for servicedesk tickets realting to information security events.; ; Users can request incident reports if required for compliance purposes.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are very focussed on providing a service that ensures a high degree of efficiency for our customers, eg by minimising journey distances or optimising fuel usage.

  Covid-19 recovery

  Our customers are able to amend their user licences, with a 30 day notice period. As such, during the Covid pandemic and lock down, our customers were able to reduce their spend with us, in line with reduced activity for their own services.

  Tackling economic inequality

  We operate our offices from Thanet, Kent, an area that is widely regarded as economically deprived. We offer a highly secure job environment in this area and continuously grow our team.

  Equal opportunity

  We offer employment to people of all backgrounds, including all minorities.

  Wellbeing

  We offer a range of employee perks to our staff, including, but not limited to, a six hour work day, 40 days of holiday and other perks, to ensure the wellbeing of all our staff.

Pricing

• Price: £200 a licence
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: On request a test system can be made available for a period of up to 7 days to assist the buyer in being able to assess the functionality and user experience.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jpdekker@apex-networks.com. Tell them what format you need. It will help if you say what assistive technology you use.