AireFlow - Workflow Engine
AireFlow is a low-code workflow engine, allowing automation of business processes and activities that involve human intervention. Designed around a choreography approach, where events trigger tasks to be performed as opposed to a traditional orchestrated approach allows for management of complex, sprawling processes and pathways which reflect reality of healthcare.
Features
- Highly configurable
- Event driven
- Choreography based approach
- Extensible task types
- Versionable workflows
- Integrated with other systems through AireGlu hooks
- Flexible public API
- Embeddable task management UI
- Many integration options for embedding into other systems
Benefits
- Coordinate team activities
- Flexibly define new business processes
- Create visibility of process stages and pathway progress
- Manage multiple workflows without tight coupling to external processes
- Reduce risk of human error or accidental breakdown of process
- Integrate into other systems for additional dimension of functionality
Pricing
£2,500 a licence a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
9 3 2 1 6 4 1 3 5 7 7 8 4 0 0
Contact
Aire Logic Limited
Mike Odling-Smee
Telephone: +44 (0)7946 51274
Email: procurement@airelogic.com
Service scope
- Software add-on or extension
- Yes
- What software services is the service an extension to
- AireGlu supports the integration and interoperabiltiy of any number of systems that need to share data, empowering connectivity and information sharing
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- There are no constraints in running the service
- System requirements
-
- Browser-based and is accessible using any modern browser
- No browser extensions are required.
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
-
Support is banded into service level agreements. Some services can choose to have little support and some stronger support. The level of support selected by the customer determines whether it is free or chargeable.
Our response times are within 2 hours for urgent requirements, to 3-4 days for low priority requirements depending on the service level the customer has selected.
We do provide weekend support, but this does fall into one of the chargeable models - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Bronze - email support
Silver - email + phone
Gold - email + phone (24x7) - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We deliver initial workshops to support business analysis of the endpoints and interoperability needs the organisation has. We deploy and train users on the tool and can provide further on-site and online training as required.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- Database export
- End-of-contract process
- Contract dependant
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- Authorised users can self-administer the configuration settings for their organisation and their local integration needs
- Accessibility standards
- WCAG 2.1 A
- Accessibility testing
- We have used both online and offline accessibility testing tools and have installed local accessibility tools on developer workstations.
- API
- Yes
- What users can and can't do using the API
-
There are a number of APIs across our platform, which allow you to programatically access functionality within each service. The APIs are secure by design, and follow RESTful principles. There are also GraphQL APIs which allow you to fetch discrete data points using selective querying.
APIs can be used to access available forms, query data collected through forms, retrieve lists of workflow tasks and create new patient records. It is not possible to delete patient data through the APIs, you are able to withdraw information, but it cannot be permanently delete for audit purposes.
APIs documentation is made available dynamically through OpenAPI specifications, and product specific documentation sites. These sources detail the extensive capabilities of individual API methods, and their respective interfaces. - API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Users can define output data using JSONPath, XPath, XSLT and custom Javascript functions. In addition users can create any endpoint to facilitate HTTP requests, use messaging, or send email/SMS and store endpoint definition in custom storage
Scaling
- Independence of resources
- Segregated resources (docker containers)
Analytics
- Service usage metrics
- Yes
- Metrics types
- Aire Logic are happy to provide service usage metrics that are agreed at the start of the contract
- Reporting types
-
- API access
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Database extract
- Data export formats
- Other
- Other data export formats
-
- JSON via API
- GraphQL via API
- Data import formats
- Other
- Other data import formats
- JSON via API
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.5
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- Role Base Access Controls
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI Assurance UK
- ISO/IEC 27001 accreditation date
- 09/10/2020
- What the ISO/IEC 27001 doesn’t cover
- Outsourced Development - No development is outsourced, it is all done inhouse.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- Data Protection and Security Toolkit (NHS Digital)
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- We are Data Protection and Security accredited with NHS Digital and Cyber Essential approved.
- Information security policies and processes
-
We follow the requirements of the Data Protection and Security Toolkit and Cyber Essentials. We are undertaking ISO 27001
We have a Clinical Safety Officer to ensure Clinical safety in the deployment of the application in healthcare settings
All staff are required to attend an information security (and GDPR) session and read our information security guidelines.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All build and configuration assets are version controlled (using git). All changes are peer reviewed by at least two others before being merged into the codebase (or configuration).
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We do in-house penetration testing. Any known vulnerabilities should be patched within 24 hours.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Pro-active log monitoring
- Incident management type
- Undisclosed
- Incident management approach
- User's can email or phone with incidents. We use an incident management tool (Zendesk) that has built-in reporting.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Health and Social Care Network (HSCN)
Social Value
- Fighting climate change
-
Fighting climate change
Aire Logic Limited is committed to achieving Net Zero emissions by 2030. You can read our full Carbon Reduction Plan here: https://www.airelogic.com/legal/carbon-reduction-plan - Covid-19 recovery
-
Covid-19 recovery
During the COVID-19 pandemic and recovery phase, Aire Logic offered its services for free to any organisations that needed help managing COVID-19 or support with the recovery phase. For example we worked with The Bradford Institute for Health Research, utilising their community links, we looked at how we could more closely monitor the spread of COVID-19 in vulnerable ethnic minority communities. This resulted in a re-useable and tailorable COVID-19 symptom monitor (C-Track) - Tackling economic inequality
-
Tackling economic inequality
Aire Logic work with different charities to help underrepresented groups develop a career in digital technology. Part of our strategy is to reach out to younger generations to show development paths for careers in digital technology. - Equal opportunity
-
Equal opportunity
Aire Logic is committed to challenging discrimination and promoting inclusivity. We embrace the Equality Act 2010 and all the protected characteristics listed within. In addition, we also support social mobility and gender diversity. We provide a working environment that is a safe space where every person is treated fairly and with respect. - Wellbeing
-
Wellbeing
Aire Logic became a member of the Good Business Charter in 2020 and has achieved all of the criteria including a commitment to fairer working hours and contracts, by encouraging part time working and initiatives such as “wellbeing days” where our employees can book time off, to concentrate on their physical and mental wellbeing, or that of a family member, we aim to make a career in technology accessible to everyone. Equally, we’re committed to paying fair tax, which in turn facilitates central and localised investment in community led initiatives, putting people in control of their own destinies and the future of their community.
Pricing
- Price
- £2,500 a licence a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Free of charge Proof of Concepts are available for a limited time period - please contact us to discuss your requirements.