Plentific

Plentific Resident Portal (formerly Active Housing portal)

The Plentific Resident Portal (formerly Active Housing portal) is a social housing focused self-service customer portal brimming with features and integration options, designed to help residents manage vital aspects of their tenancy. Built on one of the world’s most powerful CMS, Resident Portal offers landlords a secure and flexible solution.

Features

• Self-registration & Login including MFA
• Pre-tenancy including applications and digital agreement signatures
• Alerts, messaging, notifications and reminders
• Repairs reporting, planned maintenance and appointment management
• Balance, charge breakdown, statements, direct debits and payments
• Personal, contact and household information (inc cyclical update reminders)
• Documents directory
• Two way messaging and case management
• Optional Native App (iOS & Android)
• Much, much more

Benefits

• 24/7 service / reduce inbound enquiries
• Powerful CMS for content editing and creation
• Existing integration with commonly used HMS, CRM and Scheduling systems
• Reporting suite
• User administration
• High availability infrastructure
• Customisations available
• Published roadmap
• Established user group
• Client forum

£15,500.00 to £53,285.00 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maxim.decauwer@plentific.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

915942145461956

Contact

Maxim De Cauwer
+44 330 808 2049
maxim.decauwer@plentific.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Scheduled maintenance may require minimal downtime. Any downtime due to planned maintenance will be communicated with the client in advance and performed out of hours.
• System requirements:
  • Users must have a Internet access to access our service
  • Users must use a supported browser to access our service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support requests are responded to within two working hours on working days (dependent on SLA terms)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Live chat software embedded on the company's website, customers can send their questions to a person who can quickly reply to them in the same small window.
• Web chat accessibility testing: Na
• Onsite support: Yes, at extra cost
• Support levels: Default support includes: Direct access to project manager and / or account manager, Assistance with content Product and CMS training, Support helpdesk, Support response SLA, Performance reports Additional support may include: Faster support response SLA, Content writing, System reviews, Out-of-hours support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The standard 'Getting Started' process includes: kick off meeting Data capture exercise and analysis Integration prototyping / feasibility tests Requirements gathering and discovery (key stakeholder engagement) PRL and user story creation Deliverables playback & workshops Remote technical / integration meeting Design and UX sessions Regular sprint releases including playbacks Admin training User testing Access to documentation
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: Where requested we can supply buyers with an export of system data.
• End-of-contract process: At the end of the contract the buyer will be given the opportunity to renew the support of the product for subsequent years (at additional cost).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The system was designed from a mobile-first perspective, using responsive design techniques to ensure that the interfaces and workflows are consistent across a wide range of devices including smartphones, tablets and laptops / desktops. In addition, an optional native mobile app module is available.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The user interface is intentionally simple yet powerful. It has been designed and refined alongside genuine housing association customers and, as a result, has been considered “easy to use” by over 90% of customers. The design is responsive in order to maintain consistency across smartphone, tablet and desktop devices and mobile-first to ensure ease of interaction.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Internal testing has been carried out using tools including screen readers and contrast plugins
• API: Yes
• What users can and can't do using the API: Developed with third-party system integration as a vital priority, Active Portal can be easily integrated with the vast majority of commonly used housing management systems (HMS), customer relationship management (CRM) systems, electronic document management systems (EDMS), and payment and scheduling systems.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The following are examples of customisation options: Branding - logo, colour scheme, icons, etc, Content, forms and scripts (self administration), Settings and business rules (self administration), Features and functionality available to users User types and user rules Custom integration with third party customer portals, Housing Management Systems, Scheduling Systems, CRM Systems and more New features via the suppliers roadmap, Bespoke customisations by supplier.

Scaling

• Independence of resources: Customers have independent infrastructures in AWS, ensuring that system load is unaffected by other clients.

Analytics

• Service usage metrics: Yes
• Metrics types: The Plentific Portal has reporting as standard, covering: - Usage (sessions, time, device, etc) - User searches including most common search terms - Reported repairs - User feedback - Google Analytics can also be set up.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Key data, such as reporting information, can be exported in CSV format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLAs can be included for 99.5% uptime (subject to contract) with refunds on a sliding scale in the form of licence fee credits
• Approach to resilience: The infrastructure is designed to be highly available and resilient by utilising either redundant servers in different data centers which are geographically isolated from each other or by using SaaS solutions which already meet this criteria. If one server was to fail, or a data center went offline, our solution would continue to function from the remaining server or data center.
• Outage reporting: A monitoring system sends email and notification system alerts to our team when systems are unavailable or where certain conditions are not met.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Back office users are authenticated using a username and password, or Azure Active Directory SSO. Frontend users, are authenticated using a username and password, and optionally MFA (user opt in or client controlled).
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: Initial certification: 14/02/2022, Latest issue: 26/02/2024
• What the ISO/IEC 27001 doesn’t cover: USA Region / Company
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: We use an ISMS which is ceritified to ISO27001 and has been recently audited by an external party. In line with the ISO27001 standard, our reporting structure includes reponsibilities for all staff, includes measurements and metrics and the use of incident log and risk registers, which are reviewed on regular bases. Staff are required to review our policies at least annually, audited via our LMS system and recorded in our HR system.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our internal change management processes are overseen by our quality manager with changes which have the potential to impact security being reviewed by our infrastructure and security team.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: On a weekly basis, a member of the security and infrastructure team will review security notices posted by the operating system vendor and evaluate the urgency to apply their patches. If a patch is deemed critical, it will typically be applied within a few hours. If it isn't critical, it will be applied within 1 month on our routine patch day. If a vulnerability or breach is reported to us, we will follow our standard Security Incident Response procedures.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are identified using automated monitoring tools from AWS and other vendors. We also run regular inspections of our systems using both automated inspection tools and manual log analysis. An internal incident response processes is followed when potential incidents are detected which includes assessing the potential damage, mitigating further issues and reporting any relevant findings. Response processes are followed as soon as potential incidents are detected.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident response processes includes assessing the potential damage, mitigating further issues and reporting any relevant findings. Incidents and potential incidents which have not been detected by our monitoring systems can be reported via our support channels. Reports are provided to any affected customers as part of our incident process in the form of a completed incident report document.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  The Plentific Portal has enabled housing providers around the UK to overcome repairs backlogs that built up during the pandemic.; ; The Plentific Portal has enabled housing providers around the UK to reduce the number of inbound calls.

Pricing

• Price: £15,500.00 to £53,285.00 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at maxim.decauwer@plentific.com. Tell them what format you need. It will help if you say what assistive technology you use.