Mazik Global Limited

Microsoft Dynamics 365 for HealthCare

Microsoft Dynamics and MazikCare’s end-to-end healthcare solution empowers healthcare organizations to successfully adopt Digital Transformation. Our platform enables health providers to transform the care continuum. Care teams can engage patients and improve patient retention through remote monitoring and facilitates activities such as appointment scheduling and medication management.

Features

  • Patient Access - Intuitive and unified patient scheduling
  • Patient 360 - Common operating picture for care team
  • Patient Companion -Modernizing patient experience
  • Care Coordination - Optimized resource utilization and communication
  • Operational Pathways - Smart tasking & care plan management
  • Referral Management -Simplified referral loops
  • Patient Engagement - Connected, empowered patients
  • Materials Management - Effective materials management
  • Financials - A financial system tailored for healthcare
  • Human Capital Management - Managing healthcare’s strongest asset

Benefits

  • Engaged Patients - Improve the experience of care for patients
  • Evidence-Driven Outcomes - Use new insights to shape care plans
  • Enhanced Security - Safeguard your data while generating actionable insight
  • Reduced Costs - Align with new payment incentives like MACRA
  • Optimized Clinical and Operational Effectiveness
  • Ability to run workflows in CRM based on clinical data
  • Secure data and HL7, HIPAA, and FHIR compliant system
  • Simple automation or assignment of work flows
  • Automated reminders, followup, notifications, and care team alerts
  • Easy tracking and reporting of patient engagement

Pricing

£8 to £210 per unit per month

Service documents

Framework

G-Cloud 11

Service ID

1 4 8 3 3 2 3 0 1 1 1 0 3 6 1

Contact

Mazik Global Limited

Afzal Syed

+44 7886 946892

syed.afzal@mazikglobal.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Microsoft Dynamics can be integrated with different software like SAP, Oracle, Sales Force, People soft.

Microsoft Dynamics enables the integrations through Application Integration Framework (AIF)
Cloud deployment model
Public cloud
Service constraints
Microsoft is committed to delivering predictable service updates each month (excluding March and September). These service updates will be made generally available for self-deployment approximately 2 weeks prior to Microsoft automatically applying the update.

Microsoft’s policy is to provide a minimum 30 days' notification when customers are required to act to avoid significant degradation to the normal use of the product or service.

https://support.microsoft.com/en-us/help/30881/modern-lifecycle-policy
System requirements
  • Dynamics 365 License
  • Microsoft Edge, Internet Explorer 11, Google Chrome, Apple Safari
  • Supported Microsoft Office applications for integration
  • Internet Connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
Severity A -  1st call response in 1 hour or less
Severity B -  1st call response in 2 hours or less
Severity C -  1st call response in 8 hours or less
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Level 3—This is support provided by a Mazik Global application support specialist.

Mazik provides Dedicated Support Engineer, Enhancement and resolution engineer and support manager. The monthly allocated hours for each type of resource will depend on the agreement with the customer.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Mazik will provide online training, onsite training and product documentation that the user can use to configure, test and deploy the solution. However, the assumption will be that customer will have the dedicated functional and technical team to take care of the complete requirement gathering, configurations, data migrations, customizations, testing, deployment on their own with the training from Mazik.

Mazik can also provide the complete Solution Implementation Services that will include
- Requirement Gathering and Analysis
- Solution Design
- Solution Configuration and Customization
- Assisting the customer in solution testing
- Deployment
- Post go live support.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Mazik utilizes Data Management Framework for data ingestion and extraction. This same tool can be used for data extraction at the end of the contract. The framework supports:
- Data Entities and classifying them as Master, Transaction, Gold data
- Data Project
- Job history
- Data Package
End-of-contract process
Mazik will provide one month of Post Go Live Support. Complete Knowledge transfer will be done to the customer.

A Project closure report will be prepared and signed off by both customer and Mazik to ensure that all project closure activities are complete.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Dynamics 365 allows access and provides functionality to Mobile Devices via a Web Browser or Mobile Application. There is a particular level of functionality between Mobile and Desktop, each tailored to the Form-Factor to provide the parity of service.
Service interface
Yes
Description of service interface
Mazik provides a rich service interface which is accessible both on Web & Mobile. The service interface is an HTML web client that runs in all major browser. It consists of
- Physical Presentation of forms and controls in HTML, Javascript, and CSS
- Form controls are split into logical and physical parts
- The logical and physical parts are kept in sync through service calls that communicate changes from each side.
- The service tier keeps the form state in memory while the form is open
Accessibility standards
WCAG 2.1 A
Accessibility testing
Mazik Global utilizes tools & technologies which meet accessibility and standards. While Dynamics 365 platform meets WCAG 2.0 standard, our interfaces enabled people with learning difficulties, limited vision, speech to access and communicate. For many products like Dynamics 365, conformance of accessibility standards has been evaluated by external suppliers. These conformance reports are added on a rolling weekly basis and available on Accessibility Conformance Report Portal.
API
Yes
What users can and can't do using the API
Mazik extends the Dynamics 365 service by utilizing the Microsoft Azure stack. It provides
- Common Data Service so that data can be accessed via APIs in real time through a secure channel.
- Azure API Management for integrating external systems via a microservice architecture pattern.
- IoT & Telematics for integration with vehicle telematics

Users of the system can use APIs above to build
- Custom Portals
- Custom Apps including Microsoft PowerApp Platform

Users are set up via Azure B2C and access is provided via security roles.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Dynamics 365 platform provides an extensive framework to customize the service. These include customizing the preconfigured entities, fields, forms, views, security model, report and workflows that help business manage their sales, marketing, service

Mazik uses 'train a trainer' approach which enables Customer super-users to train & customize the system.

Scaling

Independence of resources
Dynamics 365 for Finance and Operations provides a complete set of Enterprise Resource Planning (ERP) tools to provide global visibility, scalability, and digital intelligence and an effective solution with the potential to scale with your business locally and globally.
It is a fully Microsoft-managed cloud service that runs in Microsoft-managed Data Centers that provides Elastic Scale-Out capability.
-
https://azure.microsoft.com/en-us/global-infrastructure/regions/
-
http://aka.ms/Office365TI

Analytics

Service usage metrics
Yes
Metrics types
Mazik provide application monitoring and diagnostics via Microsoft Life Cycle Services. It consists of three primary use cases: monitoring, diagnostics, and analytics.
A) Monitoring
- High scale, low latency, reliable alerts
- Hot path < 60 seconds
B) Dianostics
- Interactive visualization with Near Real Time (NRT)
- Warm path < 5 minutes
C) Analytics
- App insights, data analytics and reports
- Cold path > 5 minutes

There are various tools available in the diagnostics portal
- Activity Monitoring
- Environment Monitoring
- SQL Insights
- System Diagnostics
- Raw information logs (slow queries, deadlocks, cashes, financial reporting issues)
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The export process is done through a data project. When exporting, user can choose which data entities to export, the file format used (there are 14 different formats to choose for export), and apply a filter to each entity to limit what is exported.

After the project is created and saved, the user can export the project to create a job. The system provides a graphical view of the status of the job and the record count. This view shows multiple records so you can review the status of each record prior to downloading the actual files.
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Excel
  • XML
  • API
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • Excel
  • API

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
-
http://aka.ms/Office365TI
-
http://aka.ms/Office365CE
-
https://docs.microsoft.com/en-us/Office365/securitycompliance/office-365-encryption-in-microsoft-dynamics-365
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Dynamics 365 is a fully Microsoft-managed cloud service. Microsoft monitors and optimizes the usage and scale to meet the stated SLAs that is at least 99% of availability and uptime.
Generally, this SLA applies to the Microsoft Online Services, but does not apply to separately branded services made available with or connected to the Services or to any on-premise software that is part of any Service.
If we do not achieve and maintain the Service Levels for each Service as described in this SLA, then you may be eligible for a credit towards a portion of your monthly service fees.
-
http://www.microsoftvolumelicensing.com/Downloader.aspx?documenttype=OSCS&lang=English
Approach to resilience
Microsoft has designed its cloud services to maximize reliability and minimize the negative effects on customers when things do go wrong. Microsoft have moved beyond the traditional strategy of relying on complex physical infrastructure, and have built redundancy directly into our cloud services. Microsoft use a combination of less complex physical infrastructure and more intelligent software that builds data resiliency into our services and delivers high availability to our customers.

Microsoft's SLA is at least 99% of Availability and Uptime.
Microsoft's current SLAs as per stated on their website.
-
https://azure.microsoft.com/en-us/support/legal/sla/
Outage reporting
Microsoft provides several portals and communication mediums for customers for the purpose of reporting of the service status and outages of its online services.
-
https://portal.office.com/adminportal/home#/servicehealth
-
https://azure.microsoft.com/en-us/status/history/

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Other user authentication
Azure AD, Active Directory & Claims Based Authentication
Certificated based Authentication
Azure Vault & Manage Identities
Access restrictions in management interfaces and support channels
Dynamics provide role based security model which can be optimized for any organization. Data is controlled in the following manner:
- Security Roles contains Duties that can be part of user interface.
- View security policies, limit data for access of user roles
- Process Cycles
- Duties (privileges that grant permission to perfom an actoin)
- Privileges (specifies level of access that is required to perform a job, solve a problem)
- Permissions
- Data security
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Description of management access authentication
Azure AD, Active Directory & Claims Based Authentication Certificated based Authentication Azure Vault & Manage Identities

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI Group
ISO/IEC 27001 accreditation date
30/10/2018
What the ISO/IEC 27001 doesn’t cover
The management of Information Security Management System (ISMS) for Microsoft Dynamics 365, including services, supporting systems, protection of personally identifiable information (PII), data trustee controls, development, and operations are in accordance with ISMS Statement of Applicability Ver. 2018.001-10/30/2018.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
29/9/2016
CSA STAR certification level
Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover
https://servicetrust.microsoft.com/Documents/ComplianceReports?command=Download&downloadType=Document&downloadId=6d07d7e3-da62-4153-a91c-14d259dac9f1&docTab=4ce99610-c9c0-11e7-8c2c-f908a777fa4d_ISO_Reports
PCI certification
Yes
Who accredited the PCI DSS certification
BSI Group
PCI DSS accreditation date
31/12/2016
What the PCI DSS doesn’t cover
https://www.microsoft.com/en-us/TrustCenter/Compliance/PCI
Other security certifications
Yes
Any other security certifications
  • ISO 27001, ISO 27017, ISO 27018
  • SOC 1, SOC 2, SOC 3

Security governance

Named board-level person responsible for service security
No
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Dynamics 365 SOC Bridge letter confirming no material changes to the system of internal control that would impact the conclusions reached in the SOC 1 type 2 and SOC 2 type 2 audit assessment reports.

- https://servicetrust.microsoft.com/Documents/ComplianceReports?command=Download&downloadType=Document&downloadId=727a4996-4065-43bb-a80a-146f38d249fc&docTab=4ce99610-c9c0-11e7-8c2c-f908a777fa4d_SOC_%2F_SSAE_16_Reports

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Mazik change management approach consist of change strategy , business sponsor & stakeholder alignment, communication planning and user adoption assessment.

The changes are managed within the Microsoft DevOps which directly links with Microsoft Life Cycle services. All changes are approved & signed through various environments (ConTest, Staging, UAT, Pre-Production) before the change are deployed to Production.

All changes on the Dynamics environment is automatically vetted by the platform.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Microsoft Dynamics 365 takes advantage of the cloud service infrastructure and built-in security features to keep data safe using security measures and mechanisms to protect data. In addition, Dynamics 365 provides efficient data access and collaboration with data integrity and privacy.

The Microsoft Security Response Center (MSRC) is led by some of the world’s most experienced security experts. They identify, monitor, respond, and resolve security incidents and on-premises and cloud vulnerabilities around the clock, each day of the year.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Dynamics 365 Security Team and various Service Teams work jointly with same approach on security incidents: Preparation; Detection and Analysis; Containment, Eradication, and Remediation; and Post-Incident Activity.

Microsoft’s approach to managing a security incident conforms to the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-61, and Microsoft has several dedicated teams that work together to prevent, detect, and respond to security incidents.

As developing step-by-step processes for handling every potential incident is impossible, Microsoft takes a risk-based approach to detecting malicious activity. We leverage incident data and threat intelligence to define and prioritize our detection.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have defined process using which Users can submit their support requests whether it relates to the product or to the implementation that we have done.

Issues can be reported using portals provided by Mazik and Microsoft.

In case of Service Level Agreement with Mazik, we will provide weekly and monthly reports for the status. Real time status reporting can be seen on the Support Tool.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£8 to £210 per unit per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
1 month trial is given for the product
Link to free trial
https://trials.dynamics.com/

Service documents

Return to top ↑