Homeless Link

In-Form

In-Form is a client relationship and property management application built on Salesforce.com. Used by 300+ non-profits and local authorities, In-Form is user-friendly and packed with features to support clients, collaborate with colleagues and measure impact. Our 40+ Salesforce experts help non-profits improve business processes, save staff time and manage services.

Features

• Real-time reporting and dashboards
• Web-based providing mobile access using any browser
• Customisable and scalable to meet changing requirements
• Client, service, safeguarding and housing management information in one system
• Built on the highly secure and GDPR compliant salesforce.com platform
• Wide range of outcomes monitoring tools as standard
• Choice of thousands of third-party applications
• APIs available and seamless integration with other systems eg Office
• Granular client data sharing controls across staff and services
• Task management automation, reminders, alerts and workflows

Benefits

• Access real-time client and service management data
• Gain valuable insights from dynamic reports and dashboards
• Be confident that your data is secure with daily backups
• Adaptable system to meet your organisation's changing needs
• Access outstanding support and consultancy from the In-Form team
• Monitor impact, client outcomes, staff and organisational performance
• Communicate and collaborate securely with colleagues, within the system
• Streamline data collection and business processes
• Get instant notification of safeguarding and other incidents
• Integrate HR, fundraising and other functions on the same platform

£155.00 to £280.00 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cainan.loubon@homelesslink.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

959391658166726

Contact

Cainan Loubon
07949458825
cainan.loubon@homelesslink.org.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: In-Form can be used alongside other CRM functionality on the Salesforce platform eg contact management.
• Cloud deployment model: Private cloud
• Service constraints: An up to date browser is required to use In-Form on pc or laptop. Details of these are provided on help.salesforce.com. The new Salesforce release is installed automatically 3 times a year. During this time there may be a very short (a few minutes) interruption to service. This usually takes place overnight and at weekends.
• System requirements:
  • An up-to-date browser - details provided on help.salesforce.com
  • An up-to-date device - details for mobile app on help.salesforce.com
  • An In-Form licence which includes a Salesforce licence

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Homeless Link provides an In-Form support service from 09:00 to 17:00 on Business Days. Support cases raised during Business Hours receive a response within one Business Day. Homeless Link aims to respond to all subsequent emails concerning a case within two business days.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide one support level for all In-Form Enterprise customers. Support is included in the per user annual licence costs. For In-Form Essential customers support is chargeable @ £112 plus VAT per hour. We would provide a technical account manager or cloud support engineer for large projects. The member of staff assigned to a support case (ie consultant or senior consultant) will depend on the complexity of the case.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: In-Form by Homeless Link offers end-to-end support for organisations using the service. Our team of 40 experts work closely with the organisation to understand requirements, design the system, and work to support users at all levels of IT literacy.; For most customers we recommend at least a 1 day onsite or online end user training.; However our training offering can be customised to the customer's needs - this can include a combination or mixture of on site/online training ie end user training, In-Form Rent, Reporting, System Admin and Train-the-Trainer. We also provide user guides, videos and other online resources to supplement the training. Users can also access Salesforce's extensive online resource - Trailhead.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Option 1 - full data extraction which pulls all data into unformatted excel spreadsheets. This option can be actioned free of charge as it is completely unformatted and will involve intervention on the customer's end to format it in the manner required for a new system.; Option 2 is a targeted and formatted data export. This would involve the customer providing In-Form staff with all of the objects/data areas they would like exported from their system, i.e. clients, risk assessments etc. We will then export the data into excel spreadsheets that only include the fields in use on the customer's page layouts. This option is chargeable.
• End-of-contract process: Included in the price of the contract:; On termination of the contract all licences granted shall immediately terminate and access to In-Form services shall immediately cease. Homeless Link may destroy or otherwise dispose of any of the customer's data in its possession unless Homeless Link receives, no later than ten days after the effective date of the termination, a written request for the delivery to the customer of the then most recent back-up of the customer data. Homeless Link shall use reasonable commercial endeavours to deliver the back-up to the customer within 30 days of its receipt of such a written request, provided that the customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Access is provided through the Salesforce mobile application.; To use the app devices must be running Android 10.0 or later, or iOS 16.0 or later.; More detail on requirements for the mobile app can be found here:; https://help.salesforce.com/articleView?id=salesforce_app_requirements.htm&type=5
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Fully functional web pages and mobile application.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: All testing has been completed by the platform vendor Salesforce.com. They write:; ; Salesforce is committed to providing applications accessible to all. This includes users working with assistive technology, such as speech recognition software and screen readers. Salesforce follows international best practices in Section 508 of the Web Content Accessibility Guidelines (WCAG) 2.0 Level AA to the extent possible.; ; A third party has assessed and documented the accessibility status of Salesforce core products in the VPAT documents published here: https://www.salesforce.com/company/legal/508_accessibility.jsp; ; In addition, Salesforce includes an alternate user interface mode that lets users with assistive devices, such as speech recognition software and screen readers, work with Salesforce more effectively with detail here https://help.salesforce.com/articleView?id=accessibility_mode_enabled.htm&type=0
• API: Yes
• What users can and can't do using the API: The core set of APIs includes:; REST API; SOAP API; Tooling API; Chatter REST API; Bulk API; Metadata API; Streaming API; Apex REST API; Apex SOAP API; Data.com API; The following URL contains additional information:; https://developer.salesforce.com/developer-centers/integration-apis
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Point-and-click configuration: the Salesforce platform force.com, upon which In-Form is built, makes it easy to modify the functionality of In-Form to meet your unique requirements. Working with the metadata framework and a series of simple point-and-click wizards, you can design custom user interfaces and modify the structure of the data model and the application’s business logic. Configuration enables organisations to modify objects, fields, validation rules, workflow, security settings, formulas, and much more without the need for code.; ; Customise with code: although point-and-click configuration with the Salesforce platform is the fastest and easiest way to customise, some functionality is beyond the constraints of a metadata framework. For such cases, developers can create needed functionality in open-ended development environments, using toolkits for most of the common programming languages, or Apex.; ; Customers who wish to customise their In-Form system can do so but only after one of their staff has completed our System Admin training, or have achieved the appropriate Salesforce Administrator certifications.

Scaling

• Independence of resources: Scaling is handled by the Salesforce force.com platform.; ; "The current daily transaction average for our platform is regularly 3 billion, consistently at sub 200ms response time within the Salesforce environment. Within each logical system, we use load balancers to distribute load among multiple web and application servers for additional scalability and redundancy. The multitenant application design, combined with the fastest servers and high-performance networking infrastructure available, guarantees fast performance."

Analytics

• Service usage metrics: Yes
• Metrics types: Specific adoption, usage, and volumetric measures.; User metrics; Application usage
• Reporting types:
  • API access
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Salesforce.com

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Sensitive information or data examples being; HR data, Project data containing personally identifiable data and confidential organization data; must not be kept on unencrypted portable devices, laptops or desktop computers. Storage of Sensitive data on cloud based services must have the sign off a Senior Manager (typically the Director with Data Protection portfolio).
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The export of data is a function of the reporting feature.; Reports can be either be:; - exported in a way that maintains formatting into an .xlsx file; or; - exported with only data to an .xlsx or .csv file
• Data export formats:
  • CSV
  • Other
• Other data export formats: XLSX
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service availability ‘fix’ times shall be within one Business Day of the incident being identified. ‘Fixes’ shall be defined as work carried out by Homeless Link to resolve any service availability issues that relate to the In-Form application and are within their control. This may include programming, upgrading, rebuilding and restoring the In- Form application. ‘Fixes’ do not include issues which are the responsibility of SFDC and which will be notified by SFDC on their website: https://trust.salesforce.com/en/ Please note that the time taken for some fixes may be dependent on support from another party, eg SFDC. This may impact Homeless Link response times as Homeless Link does not have control over the support response times of the other party.; ; "Salesforce uses commercially reasonable efforts to make its on-demand services available to its customers 24/7, except for (minimal) planned downtime, for which Salesforce gives customers prior notice, and force majeure events. Historically this has meant a 99.9% availability. Live and historical statistics on Salesforce system performance are publicly published at: https://trust.salesforce.com/en/#systemStatus"
• Approach to resilience: Resilience is managed by the force.com platform.; ; "To maximise availability, the service is delivered using a world-class data centre infrastructure consisting of a primary production data centre, a full capacity secondary data centre for hosting the service provided to customers. The infrastructure utilises carrier-class components designed to support millions of users. Extensive use of high availability servers and network technologies, and a carrier-neutral network strategy help to minimise the risk of single points of failure, and provide a highly resilient environment with maximum uptime and performance."
• Outage reporting: Outages are managed and reported by the force.com platform.; ; "Outages are publicised on a public portal and via email alerts. Escalation policies are established and maintained as Salesforce's goal is to rapidly restore service. In the event of an extended outage, periodic updates are provided in near real time to customers via the trust.salesforce.com dashboard site and in addition, service notifications are provided to nominated contacts via various channels such as email. Update frequency for notifications is dependent on the customer support service plan."

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Multi Factor Authentication is standard for all In-Form systems. Customers can request the implementation of different authentication security models.
• Access restrictions in management interfaces and support channels: Management access for service support and delivery is available to our technical team only through restricted SSO in a centralised management platform.; ; Additionally access to the management interface for the customer to configure their salesforce environment, is available upon request for named users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 14/02/2024
• What the ISO/IEC 27001 doesn’t cover: The only ISO27001 control not included in Salesforce's Statement of Applicability is A.14.2.7 - Outsourced Development. This is not covered as Salesforce does not perform outsourced system development.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 22/03/2024
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: The available CSA STAR self-assessment covers all points in the latest CCM; version 4.0.2.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: National Cyber Security Centre Cyber Essentials
• Information security policies and processes: Security policies and processes:; -Data Protection Policy; -Global Privacy Policy; -Data Breach Response Procedure; -ICT Usage Policy; -Information Security Policy; ; The Board of Trustees recognises its overall responsibility for ensuring that Homeless Link complies with its legal obligations. The lead for data protection issues is currently the Deputy CEO. Each team or department where personal data is handled is responsible for drawing up its own operational procedures including induction and training to ensure that policies are adhered to when handling personal data in the course of their projects. All staff, temporary staff, trainers, consultants and volunteers are required to read, understand and accept any policies and procedures that relate to the personal data they may handle in the course of their work. Significant breaches will be handled under Homeless Link's disciplinary procedures.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change requests are gathered from a range of sources. These are fully scoped and put to a change management committee and stakeholders; approved where applicable and developed following an agile methodology allowing for continuous improvement and change based on feedback.; In order to prevent any potential security impact, all changes must ensure that In-Form remains entirely contained within the Salesforce platform. This ensures that all security implications are handled by Salesforce.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability management is handled by the force.com platform.; ; "Salesforce has various vulnerability management processes in place around internal scanning, external scanning & vendor patch release management. Technical operations and security personnel monitor vulnerability alerts and patch release notifications from vendors and other sources. There are associated evaluation and deployment processes in place. Salesforce also regularly performs self-vulnerability assessments using various tools and techniques, such as Qualys. In addition, Salesforce uses external service providers to perform an application vulnerability assessment after each major release and network vulnerability assessments quarterly. There is also an on-going external application scanning service used. https://trust.salesforce.com/en/security/responsible-disclosure-policy/"
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring is handled by the force.com platform.; ; "Salesforce's Computer Security Incident Response Team uses a security event logging and management system to manage the alerts and logs generated by devices on our network and provide protective monitoring. The system consists of a central database, management server, and distributed agents. The distributed agents receive events from network devices and systems on the network, then compress, encrypt, and transmit the data to the management server and database for processing. Correlated events are configured to generate alerts and logs which are monitored on a 24/7 basis."
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management is handled by the force.com platform.; ; "Salesforce has a formal Incident Management Process that guides the team in investigation, management, communication, and resolution activities.; ; Salesforce will promptly notify the customer in the event of any security breach of the Service resulting in an actual or reasonably suspected unauthorized disclosure of Customer Data. Notification may include phone contact by Salesforce support, email to customer's administrator and Security Contact and posting on trust.salesforce.com.; ; Salesforce.com is a member of the prestigious Forum of Incident Response and Security Teams (FIRST) and complies with the FIRST framework and best practices for incident response."

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Homeless Link is the national membership body for homeless and housing organisations in England. Our vision is a country free from homelessness. We believe that everyone should have a place to call ; home and the support they need to keep it. Our mission is to develop, inspire, support and sustain a movement of organisations working together to achieve positive futures for people who are homeless or vulnerably housed.

Pricing

• Price: £155.00 to £280.00 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial In-Form system with all features and sample data included is available for 30 days.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cainan.loubon@homelesslink.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.