Synertec Ltd

Synertec NHS Hybrid Mail Services

100+ NHS trusts use Prism to deliver a complete patient-centric communication solution, eliminating the systemic and operational barriers to providing consistent and effective communication. Prism ensures patient communication needs are met throughout the care pathway, with the flexibility to handle varied clinical requirements. All with virtually no trust resource.

Features

  • Integration-free letter control from any PAS or print file
  • Intelligent content extraction to replicate operational processes
  • Live HL7 letter integration with digital letter and PHR solutions
  • Secure multi-site, same day print and post service
  • Secure automated electronic letter delivery
  • Automated reminders via SMS and email from letter extraction
  • Online 2-way patient engagement for FFT and appointment management
  • Free consistent and automated Accessible Information Standard formats
  • User application for recording patient needs and tracking communication
  • Online secure patient chat functionality

Benefits

  • Trust-wide consistent communication meeting patient needs every time
  • High quality effective communication and greater patient engagement
  • Reduced DNA rates and improved clinic utilisation
  • Significant direct cost savings and immediate ROI
  • Efficiency gains from process automation, digital and online patient engagement
  • Simple, secure and consistent electronic delivery options for patients
  • Simple and fast implementation with minimal trust resource required
  • Reduced risk, from a proven and secure solution
  • Full Accessible Information Standard compliance to 'exemplar' levels
  • Simple managed Transfer of Care and care record interoperability

Pricing

£0.05 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at corporate-support@synertec.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 3 2 8 5 8 6 4 2 1 4 4 8 9 6

Contact

Synertec Ltd Corporate Support
Telephone: 01823 652360
Email: corporate-support@synertec.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
No constraints
System requirements
Buyers need no software licenses for our services

User support

Email or online ticketing support
Email or online ticketing
Support response times
1 working day
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
Synertec provides Helpdesk and Customer Support services from 08:30 - 17:30 on UK business days (Monday to Friday excluding bank holidays).
Synertec’s Prism software, installed at the customer site, is constantly monitoring numerous operational parameters and will send auto-logging support notifications in the event of an anomaly being detected.
Each customer has a dedicated office based Customer Support Adviser with whom they can log requirements and fault calls, and raise any service queries. This is a single point of liaison - your Customer Support contact will deal with all technical support teams and advise of updates/resolutions to streamline communications. Customers also have a field based Account Manager responsible for the overall customer relationship, contract monitoring and performance and commercial review. They can also deliver onsite support and training for users.
All support costs are included in the software rental charges; there are no additional costs regardless of type or scale of changes.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our project and Implementation teams provide remote training during initial set up and go live, Account Management provide onsite training at onboarding and throughout the service contract.
User documentation and support manuals are also available via our desktop user application.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Data is not stored for users to extract
End-of-contract process
30 days notice is required to terminate the contract. Transactional costs will be invoiced (as during contract period) for any usage following the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
No functional differences. Service adapts automatically to mobile/desktop use.
Service interface
Yes
Description of service interface
Simple web-based interface specifically focused at users being able to perform a single task.
Accessibility standards
None or don’t know
Description of accessibility
Service supports & tested with accessibility features of their mobile device, e.g. large text.
Accessibility testing
No testing by users, but testing performed with accessibility features of supported mobile devices, e.g. large text, high contrast.
API
No
Customisation available
Yes
Description of customisation
Buyers have flexibility to customise the service, e.g. what questions/options are presented to the user for surveys (e.g. Friends & Family test).

Scaling

Independence of resources
Independence of resources Service incorporates extensible load balancing. DoS prevention measures are built-in to the service.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
N/A Users do not store their data within our service.
Data export formats
Other
Other data export formats
N/A users do not store their data within our service
Data import formats
Other
Other data import formats
N/A users do not store data within our service

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • Other
Other protection between networks
In addition to utilising HSCN/PSN, all traffic is encrypted, e.g. using HTTPS (TLS 1.2) or SFTP (AES-256-bit).
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
All services run on VM's in a highly available environment. All service components have redundancy. SLAs for all aspects of service are agreed with customer based on requirements.
Approach to resilience
All services run on VM's in a highly available environment. All service components have redundancy
Outage reporting
Email alerts, or direct notifications from system to Prism

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
Dedicated VPN access only.
Access restriction testing frequency
At least every 6 months
Management access authentication
Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Plus Government Scheme
  • PSN - Our Service Code is SRV_0281.
  • Designed our systems to be consistent with ISO 9001
  • Designed our policy to be consistent with ISO 14001
  • NHS Digital - DSP Toolkit - Code is 8HL10
  • Data from NHS to Synertec over an encrypted connection HSCN
  • Synertec’s Data Protection Act register entry number is Z1858675

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Synertec have designed our ISMS policy to be consistent with the principles of ISO 27001.
Information security policies and processes
This information is available upon request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The service is subject to a DPIA under control of our DPO. Changes are assessed for potential security impact and the DPIA updated where necessary. Service has been security tested by independent security specialist to OWASP, OSSTMM & PTES standards.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scans are performed at least twice per year by independent CREST/CHECK approved security company. This includes checks for missing patches. Internal vulnerability scans are performed monthly.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Vulnerability scans are performed at least twice per year by independent CREST/CHECK approved security company. Internal vulnerability scans are performed monthly.

Our ISMS includes a mature Security Incident management process ensuring quick responses to incidents including reporting of incidents to customers within 1 working day.
Incident management type
Supplier-defined controls
Incident management approach
Our ISMS details our security incident processes which are overseen by our DPO. Security Incident reporting forms are available and customers are informed of incidents within 1 working day.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)

Pricing

Price
£0.05 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at corporate-support@synertec.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.