Altrix Technology Limited

Altrix Technology Platform

Altrix provides an online market place for fully compliant staff to engage directly with hospitals. This significantly reduces costs, time and effort in the sourcing of suitably compliant resources to increase patient care and ensure compliance with NHS Employers guidelines.

Features

  • Online Workforce Scheduling
  • Risk Management
  • NHS Employers Compliance
  • Time Management
  • Real-time Reporting

Benefits

  • Cost Management
  • Patient Safety
  • Improved Staffing Levels
  • Increased Compliance
  • Full visibility of Staffing Levels

Pricing

£3000 to £15000 per licence per month

Service documents

Framework

G-Cloud 11

Service ID

2 9 7 2 8 4 7 9 7 5 2 7 4 4 7

Contact

Altrix Technology Limited

James Lock

07966097827

james@altrix.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No
System requirements
Internet access via a web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within our policy we will always respond within 2 hours. This is provided 24 hours a day, 7 days a week.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
The support provided by Altrix is available 24 hours a day, 7 days a week including all Bank holidays. There is no additional cost required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Altrix has a dedicated account manager who will be available to provide training onsite at no extra cost. Online training videos are available as is user documentation. The account manager will be able to provide additional training sessions as and when required.
Altrix provides the resources to onboard the Trust onto the Altrix platform and will build the links with the e-rostering tools.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Video
End-of-contract data extraction
Users will request their information via the technology platform and deletion of all data in line with GDPR regulations.
End-of-contract process
Full suite of services are in one low fixed cost.

At the end of the service the Trust would be removed from the platform and no longer visible to users.

The are no additional costs at the end of the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The service is mobile optimised and has identical features and functionality on mobile and the desktop service providing all features and benefits.
Service interface
Yes
Description of service interface
The service interface has been designed and tested to be ultra user-friendly. Offering a range of intuitive options for end-users.
Accessibility standards
None or don’t know
Description of accessibility
Service is accessible for any user that can use a web browser. All features of the platform are available for users.
Accessibility testing
None currently. We have this within our development road map.
API
Yes
What users can and can't do using the API
The API has been designed to be as flexible to interface with host systems as possible. This is made available freely to any contracting authority to allow simple integration.
The API allows shifts to be published from the e-rostering tools and send back booked shift and staff details for real time updates.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
The service is hosted on AWS with load balancing and redundancy built into the architecture. We continuously stress test the load to ensure no service interruption as we add more Trusts and users.

Analytics

Service usage metrics
Yes
Metrics types
There is a full audit trail of usage statistic.
Altrix are able to provide a full reporting suite for end - users and can tailor our reporting packages to meet the requirements of our clients.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
All information is available to the account holder and any user within the system can export shift transaction details in Excel through the platform. Any further information can be made available on request.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Our SLA ensures that guaranteed up time for our system is 99.9%
Approach to resilience
The Altrix platform is built and run in AWS and we leverage the AWS tools for fail over and redundancy to ensure continued service with 2 locations specified. As a default Altrix nominate the two locations acting as stand-by for each other.
Outage reporting
Email alerts are sent in the unlikely event of an outage.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Each user has their own unique username and password required to access the service.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
May 2017
CSA STAR certification level
Level 5: CSA STAR Continuous Monitoring
What the CSA STAR doesn’t cover
None
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We adhear to the principles of ISO27001 and it is the intention of Altrix to achieve ISO27001 certification during the life-cycle of the G-Cloud 11 framework. Currently, our security governance is in line with these standards.
Information security policies and processes
Altrix is a relatively small team with the 2 founding directors intimately involved in the day to day operations. Our Information Security policy which forms part of the staff handbook contains data classifications, and provide direction as well as details on how to protect confidential information at varying sensitivity levels.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We use three environments, one for Development, one for UAT and one for Production. Any changes to the Production environment must be validated through testing in the UAT environment first. Deployment of patches to the Production environment take a few seconds and are run out of normal working hours so the users are oblivious to any disruption.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We use the latest versions of the software and libraries available within AWS for the operation and development of the Altrix platform.

Please learn more about vulnerability management approach implemented by AWS https://aws.amazon.com/compliance/csa/
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We use CloudWatch (https://aws.amazon.com/cloudwatch/) to monitor the application health. We receive real-time notifications for potential threats.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have an incident management policy in place that is included in the staff handbook. The aim of this policy is to ensure that Altrix acts appropriately to any actual or suspected security incidents relating to information systems and data. All users must understand and adopt use of this policy and are responsible for ensuring the safety and security of the Altrix systems and the information that they use or manipulate.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£3000 to £15000 per licence per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
The full-suite is available for trial - this is on a transactional basis rather than a subscription basis but can run for any agreed time period.
Link to free trial
Www.altrix.co.uk

Service documents

Return to top ↑