SARD JV

Medical Job Planning

SARD Medical Job Planning is a simple to use calendar-based system designed to ensure rapid data entry, accurate job plans and data ready for capacity planning and rostering in the NHS. Built to reflect the reality of medical work and to capture all schedules, however complex. Custom sign-off and reporting

Features

• Rapid, straightforward data entry for all types of activity
• A true iCal calendar system to allow full, detailed reporting
• Instant automatic calculations of all hours and PAs
• Secure 24/7/365 web access from anywhere
• Custom activity types, categories, locations
• Custom mandatory sign-offs to meet organisational needs
• Instant heat-map overview of full job plan
• Import from existing calendars

Benefits

• Simple, intuitive design promotes user engagement
• Major administrative savings over existing data capture methods
• Access all job planning information via a single powerful interface
• Accurately and completely reflect users’ working schedules
• System access from multiple devices
• Provides accurate information for capacity planning and rostering
• Designed in collaboration with major NHS trusts
• Easily handle the most complex job plans
• Flexible to the unique requirements of each organisation

£20 to £49 a user a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris@sardjv.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

911395144281510

Contact

Chris Giles
07840 454821
chris@sardjv.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Medical revalidation is part of our wider workforce management platform. It connects to job planning, leave management, rostering, mult-source feedback and ESR.
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • Internet connection
  • Modern web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Less than 10 seconds when initiated via our chat support system. Within 24 hours (typically less) when outside core chat support hours. Full details of response times are within our SLA.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Our chat support software supplier ensures WCAG 2.1 AA; https://help.snapengage.com/ada-web-accessibility-for-visitor-chat/
• Onsite support: Onsite support
• Support levels: All clients are provided with an account manager who will liaise with you to answer queries and feature requests. These are then processed as part of our technical triage process.; ; Chat support are able to escalate queries to the on-call software engineer if appropriate.; ; There are no additional costs for our support services.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite and online training to system administrators. We provide chat support to system administrators and we have an account manager that will guide new users through the implementation plan.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • Other
• Other documentation formats:
  • Video guides
  • Webinar recordings
• End-of-contract data extraction: We are able to extract the data as a series of zip files or database backups. We can also provide access to the API for offboarding.
• End-of-contract process: There are no additional costs for offboarding.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are no differences between our mobile and desktop services. The majority of the system is easier to use on a desktop device due to the nature of the service.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: All of our systems have a freely accessible RESTful API built on Swagger Open API specification standards.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: The UI for the service interface has been tested against WCAG 2.1 AA
• API: Yes
• What users can and can't do using the API: The API mirrors the same abilities that a user has an ordinary web user e.g. a manager is able to manage appraisals, and a doctor can upload evidence against their portfolio etc. A system administrator can generate an API token. There are no limitations on how users can set up or makes changes through the API.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The portfolio can be customised.; Most of the application is customisable to some extent. For example, the administrator can change appraisal reminders to match the local policy.

Scaling

• Independence of resources: The system is load balanced over multiple web servers that have significant redundancy and contingency built in.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide ticketing, support and service information for all our end users. There are compliance reports that will show user system engagemnt.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: They can export data in multiple formats: zip files, CSV, JSON exports or migration when they're moving to another client.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • Zip files
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • MAG PDF forms
  • Export formats from other systems

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our service level agreement has an uptime of 99.9%. Please refer to the Service Level Agreement for more detail.
• Approach to resilience: The system consists of multiple application and database servers behind a load balancer. This ensures zero downtime deployments and downtime is not expected within a year, even for maintenance with the exception of large scale database upgrades. These typically take less than an hour.; Further information is available upon request.
• Outage reporting: There's an email notification, announcements on Twitter and our website in the event of an unexpected outage. We have service monitoring software that constantly monitors the health of our services.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Full details are available in our ISMS - available on request
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 02/03/2022
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have a full Information Security Management System accredited to ISO27001 that lists all of our policies. The full ISMS is available upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management is included as part of our full ISMS accredited to the ISO27001 standard. All system changes must be authorised by the CTO who must first assess justification for business and potential negative security impacts. Changes must be deployed and tested according to change control and secure development procedures and are tracked on technical project manager software. We operate an agile environment of continual monitoring.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Full details are available in our ISMS - available on request
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Full details are available in our ISMS - available on request
• Incident management type: Supplier-defined controls
• Incident management approach: Full details are available in our ISMS - available on request

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  Throughout the Covid 19 pandemic, our flexible approach ensured that all our staff were able to transition smoothly to remote working with a budget provided for home-working equipment and display screen assessments. This minimal business impact meant we did not have to furlough any staff and in fact were able to take on new employees during the pandemic. We have maintained a hybrid working system which gives employees the flexibility to continue working between home and office, thus maintaining work/life balance, reducing travel, and allowing extra time in the day for physical and mental wellbeing. It is important to us that remote workers don't feel left out, and through daily team scrum check-ins and regular team activities we prioritise mental health through maintaining connection. For those who wish to return to the office, the environment remains set up to enable social distancing and increased ventilation. Because all SARD software can be accessed from anywhere and any device, it also supports our users in working remotely where possible.
• Tackling economic inequality:

  Tackling economic inequality

  SARD are founding members of the Public Money Public Code (PMPC) Community Interest Company. PMPC is a community dedicated to improving software systems in the NHS through greater collaboration and the use of open-source development. The benefits of establishing an open-source workforce platform for the NHS include eradication of monopoly domination, vendor lock-in, and associated price inflation; greater accountability for the spend of public money; creation of an environment that cultivates innovation; lower barriers to entry into the workforce software market for SMEs; and promulgation of individual NHS Trust successes across the wider community, all of which support the tackling of economic equality through the creation of new businesses, new jobs and increased supply chain resilience.
• Wellbeing:

  Wellbeing

  SARD clients are also our design partners, with whom we develop products to precisely meet their needs. All SARD products have been developed in collaboration with partner NHS trusts and we are committed to maintaining this design model going forward. We believe that great technology can only excel where there are dedicated, collaborative human relationships in play and users have a strong voice. We actively seek to establish a community where this kind of partnership working can flourish. All clients are invited to attend annual user events to provide feedback and share best practice with other members of the SARD user community and we hold ad hoc social events to further strengthen these collaborative relationships. Our online chat system provides a way for all users to contact us directly on a daily basis and provide immediate feedback on our software and services, further strengthening the excellent working relationships we hold with our clients.

Pricing

• Price: £20 to £49 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris@sardjv.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.