PORTALS UK - Sangix Appointments

Sangix Appointments

Sangix Appointments: Secure platform for healthcare & other sectors. Supports 100% walk-in, pre-booked, or mixed clinics. Book via online portal or automated phone system. Includes calendar templates & reports. Supports Single Sign-On (SSO) and integrates with PAS.

Features

• Book, view, cancel appointments on-line and by automated phone line
• Reduce patient waiting time and eliminate staff overtime
• One click reporting, ie. GP and CCG rebilling
• Secure and stable cloud technology
• Integrates with existing systems
• Manage and update Calendar Templates
• Patient web Portal for patients to manage their appointments
• Support prebooked appointments, walk-in and a mix of both
• Efficient queue management
• Call-in Screens and Self Check-in Kiosks

Benefits

• Eliminate need for reception and staff dedicated to booking appointments
• Remove hygienic risks related to paper-based systems
• Prevents crowded waiting areas
• New features get release every quarter responding to customer feedback
• Supports Single-Sing-On (SSO) - log in using existing Trust username
• Patients can book online from their phone or PC
• Patient web portal: patients can manage their appointments and data
• Support for family accounts

£4,900 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jiri.blazek@sangix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

842231466659676

Contact

Jiri Blazek
07531234264
jiri.blazek@sangix.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: N/A
• System requirements:
  • Requires stable internet connection to Google Cloud
  • Requires a modern internet browser updated to latest version
  • Users need a PC or tablet with internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response time is 2 working days.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide working days and business hours support.; On-site or MS Teams support on Go Live day is free.; Ongoing support via email or service desk tickets is included in the annual subscription.; Subsequent On-site support is £ 800/day.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Prior to Go Live - Online Training & User documentation; Go Live- On-site (or online) hands-on training during the first day of operation.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The data are extracted from the database by vendor and provided to the client in a computer readable format.; Patients can add, update or remove their personal and appointment data from the web portal. They can also remove their account from the web portal.
• End-of-contract process: Sangix Appointments is provided as an annual subscription. When the subscription expires, all data are extracted and provided to the client free of cost upon request.; ; Call-in screen software is included in the subscription.; Call-in screen hardware is NOT included in the subscription.; Self Check-in software is NOT included in the subscription.; Self Check-in kiosk hardware is NOT included in the subscription.; Single Sing-On is NOT included in the subscription.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Patients web portal is optimized for for both mobile and desktop.; ; Staff interface is optimized for desktop and tablet.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Our platform includes an API interface to connect to other systems.
• Accessibility standards: None or don’t know
• Description of accessibility: Our service is accessible via internet.
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: Users can view, book or cancel appointments.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The solution can be fully customized with preferences section of the staff portal. There are over 60 configuration options. Clients can customize their email templates, calendar templates, opening hours and days, allow patients to self check-in using their mobile phone, enable pre booking screening questions, configure the Call-in screen and check-in kiosk, manage minimum and maximum age of patients and many more.

Scaling

• Independence of resources: GCP offers auto-scaling features that allow your application to automatically adjust resources such as compute instances, storage, and networking to accommodate fluctuations in user demand. ; Load balancing mechanisms are implemented on GCP to distribute incoming traffic across multiple instances of your application, ensuring optimal performance and availability for users. GCP's infrastructure provides resource isolation to prevent the performance of one user's workload from impacting others. GCP's virtualized environment ensures that each user's workload runs in isolation from others, minimizing the risk of resource contention. We leverage GCP's monitoring and analytics tools to monitor the performance of Sangix Appointments.

Analytics

• Service usage metrics: Yes
• Metrics types: Staff users can use a range of configurable reports.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Staff can use a range of configurable reports, that will export data to Excel.
• Data export formats: Other
• Other data export formats: Excel
• Data import formats: Other
• Other data import formats: Uses fill in their data using an electronic form.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide a 99.5% availability per year.
• Approach to resilience: Our service running on Google Cloud Platform (GCP) is designed to be resilient through scalable architecture, redundant components, fault-tolerant design, automated monitoring, and healing mechanisms. We prioritize data protection with robust backup strategies.
• Outage reporting: Email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: Patients can use Username and password OR login via Google Auth. service. ; Staff can use Username and password OR SSO with Trust Authentication provider.
• Access restrictions in management interfaces and support channels: Staff users have different user roles that grant them access only to data and pages they need to see.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: All user accounts are governed by same security principles. A user account with a user access role.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 5/6/2024
• What the ISO/IEC 27001 doesn’t cover: The following is the scope of our ISO/IEC 27001:2022 certification: The provision of software services encompassing booking and queueing systems for healthcare providers, retail and other sectors globally.; ; Anything not in the scope is not covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow the ISO 27001:2022 Information Security Policy and the following sub-policies:; Acceptable Use of Assets Policy; Access Control Policy; Backup Policy; Clear Desk and Clear Screen Policy; Communication Policy; Cryptographic Controls Policy; Information Classification, Labelling and Handling Policy; Mobile Devices Policy; Physical and Environmental Security Policy; Protection from Malware Policy; Protection of Personal Information Policy; Suppliers Policy; Remote Working Policy; Use of Intellectual Property Policy; Use of Software Policy; Microsoft 365 Acceptable Use Policy; Threat Intelligence Policy; Configuration Management Policy; Operational Controls Policy; Policy Review

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our configuration and change management processes involve meticulously tracking the lifecycle of our software solution and evaluating changes for potential security implications. We maintain detailed records to monitor the evolution of each software version, ensuring transparency and accountability. Prior to release of a new version, all changes undergo rigorous testing and security assessments to safeguard against potential vulnerabilities and maintain the integrity of our systems.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management process involves continuous assessment of potential threats to our services. We promptly deploy patches to address identified vulnerabilities, prioritizing the security of our systems. We stay informed about potential threats through a variety of sources, including security advisories, threat intelligence feeds, and industry best practices.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our protective monitoring processes involve vigilant identification of potential compromises through continuous monitoring of system activities. In the event of a potential compromise, we promptly respond by investigating the incident, containing the threat, and initiating appropriate remedial actions. Our goal is to swiftly address incidents, minimizing their impact, and ensuring the security and integrity of our systems.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management processes encompass pre-defined procedures for common events, ensuring a structured and efficient response to incidents. Users can report incidents to our service desk via an email or electronic form, allowing for timely escalation and resolution. Following incident resolution, we provide comprehensive incident reports to stakeholders, fostering transparency and continuous improvement in our security practices.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Wellbeing

  Covid-19 recovery

  Given the ongoing impact of the pandemic on healthcare delivery, solutions that facilitate safe and efficient patient management are crucial for supporting Covid-19 recovery efforts. Appointment booking software that enables remote access to healthcare services and prevents crowded waiting areas helps healthcare facilities adapt to new protocols can play a significant role in this regard.

  Wellbeing

  Access to timely healthcare services is fundamental to maintaining and improving individual wellbeing. By streamlining the appointment booking process and reducing wait times, the software enhances patient access to care, leading to better health outcomes and overall wellbeing for the community.

Pricing

• Price: £4,900 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jiri.blazek@sangix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.