Automated intelligent scheduling for a field-based workforce. Comprehensive and secure system for managing appointment booking. Automatically creates schedules, matching client requirements with organisational priorities. Dynamic rescheduling throughout the day in response to disruptive events. Live data and location information collected from field staff via mobile app, with lone worker protection
- Rostering staff, printed or mobile app rotas and schedules
- Client/customer profiles and staff/field worker records
- Automated appointment allocation process
- Disruptive event dynamic rescheduling throughout the day
- Auto optimisation of visit schedules based on location and KPIs
- Intuitive consistent design with single view for capacity and demand
- Realtime staff location and self-managed post-setup including custom fields
- Messaging to field staff and office staff, with resolution tracking
- Highly configurable and self-managed post-setup including custom fields
- Handle diverse payroll scenarios and client charges for invoicing
- Scheduling staff becomes automatic; staff merely approve schedules
- Optimise regular rotas via visual planner
- Creates consistent scheduling and allows resource management planning
- Resource and capacity planning via availability, leave and service demand
- Avoid assigning incorrect staff based on compatibility and training rules
- Proof of arrival. Offline mode and syncing for mobile app
- Auditable trail: know who did what and when
- Powerful search ensures you can quickly find information
- Quick access to client/staff records and visit/appointment history
- Low adoption and training costs due to familiar web interface
£8.5 to £16 per user per month
Malinko Scheduling Software
0161 850 0111
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
Access to the web application
Microsoft Internet Explorer 11
Microsoft Edge (most up to date version)
Chrome (most up to date version)
Firefox (most up to date version)
Safari (most up to date version)
No additional plug ins are required
Android 4.0 +
iOS 7.1 +
Windows Mobile not currently supported
NB. There may be some firewall configuration needed for full application functionality
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Hours of Business (Standard Support Plan): Malinko Helpdesk is open and contactable on Working Days between 09:00 and 17:00 (Service Hours) for all helpdesk calls.
Response times vary dependent upon internal triage. For a support query classed as Severity 1, there would be a response within 1 business hour.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Immediate (Severity 1): Where a call priority is Immediate, Malinko will respond to the call within 1 hour during Service Hours. e.g. Service Failure / Unavailability of the Service affecting many users across 1 or multiple sites.
Urgent (Severity 2): Where a call priority is Urgent, Malinko will respond to the call within 4 hours during Service Hours. e.g. Service Failure / Unavailability of the Service affecting few users at 1 or more sites.
Normal (Severity 3): Where a call priority is Normal, Malinko will respond to the call within 1 Working Day. e.g. Non-urgent Service defect for which a workaround can be provided affecting 1 or more users.
Non-urgent software issue: Non-urgent Service defects (those defects inherent within the Service but for which a workaround is available) that are affecting 1 or more users will be logged and be deployed in a future software release subject to the terms.
Educational Support: Where a call is purely an educational request, Malinko will respond to the call within 1 hour during Service Hours with a target fix time of 4 hours.
All response times are within the Service Hours and Working Days of Malinko Helpdesk.
Additional support levels available upon request.
|Support available to third parties||Yes|
Onboarding and offboarding
There is a full project managed configuration, implementation and training plan. We provide on-site training with a train the trainer approach.
We provide full user documentation and online training support system and associated support articles.
|Other documentation formats||Via online support system|
|End-of-contract data extraction||
Reports can be set up on the system for self service data export. Data is provided in csv format. For more specialised reports, the client can contact support.
Additionally, within thirty (30) days of termination, the Customer may request that Malinko shall provide an extract of the Customer Data to the Customer.
Within thirty (30) days of termination, the Customer may request that Malinko shall provide an extract of the Customer Data to the Customer (in such file format as Malinko shall determine). Malinko hereby reserves the right to charge a fee to the Customer for providing the said extract in accordance with its then current applicable charges for such service. If the Customer fails to request the return of Customer Data within the thirty (30) day timeframe, then, to the extent permitted by Applicable Law, Malinko reserves the right to delete all Customer Data in its possession.
In the event of termination (for whatever reason), Malinko shall (for a period not exceeding 60 (sixty) Working Days after the date of termination or expiry) provide the Customer with reasonable co-operation to enable the Customer to make arrangements for the transition of the supply of the Service to an alternative provider. Malinko shall be entitled to charge the Customer at its prevailing day rate (as notified to the Customer from time to time) in respect of such assistance and co-operation.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||There is an optional mobile phone app, which is used for checking in/out of jobs and collecting information when out in the field - this does not have the full functionality of the main scheduling system. This can be used on iPhones and Android phones.|
|Accessibility standards||WCAG 2.0 A|
|What users can and can't do using the API||
Access to client information
Access to visit information (including services, notes)
Access to questions for a visit
Check in and out of a visit
Check status of a visit
Submit visit question results
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||
Full configuration support including account configuration, rules configuration, services configuration, custom fields for clients and users.
There are two levels of configuration: Account level - configured by Malinko internal staff.
Account manager level - client side staff with appropriate permissions can set up elements such as new service types.
|Independence of resources||We use an on-demand cloud computing infrastructure to provide additional capacity, both planned (ie during working hours vs out of hours), as well as automatically provisioning new servers based on load.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Reports can be set up on the system for self service data export. For more specialised reports, the client can contact support.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Uptime/availability for services is 99.9% during Service Hours.
Systems are subject to a planned maintenance strategy. Planned maintenance where possible will be accommodated outside of Service Hours without impacting the availability to Users to the System.
All planned maintenance will be subject to change control procedures and will be communicated to the Purchaser within a reasonable notice period.
Upon request we are able to refund on a prorata basis for any unplanned downtime which falls outside the 99.9% uptime availability.
|Approach to resilience||The application is split over physically separate availability zones, as well as a clustered database running over multiple physically separate availability zones.|
|Outage reporting||Planned maintenance is communicated via in-app notifications and email communications to nominated contact within client. Support desk can give status updates.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||We have Access Control Specifications, with the principle that only those who are required have a particular level of access actually do so. Dependent upon the system and action taken, sometimes it will require authorisation from two staff. All staff are required to have a DBS check.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||QMS|
|ISO/IEC 27001 accreditation date||17/02/2017|
|What the ISO/IEC 27001 doesn’t cover||All activities are covered by the certification|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||NHS Information Governance|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
We have ISO27001 and Information Governance Toolkit. We have the following policies in place which have a direct bearing on information security:
Access Control Policy, Anti-piracy Policy, Cryptographic Controls Policy, Data Protection Policy, Information Exchange Policy, Information Governance Policy, Information Sensitivity Policy, IT Policy, Leaving Policy, Media Destruction Policy, Network Security & Systems Monitoring Policy, Remote Working Policy, Secure Development Policy, Security Policy, Security Incident Reporting Policy, Social Media Policy, USB memory sticks Policy, Whistleblowing Policy, Virus Protection Policy.
We have a number of associated processes and procedures designed to adhere to these policies. We have an ongoing process of internal auditing to ensure adherence to these policies and monthly ISMS management meetings.
There is a dedicated software system with recorded process for handling: Security incident, Non-conformity, Change Request.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||We have a change management process as part of ISO27001. All tickets are logged and tracked via our issue and project tracking software (JIRA) and the potential security impact is assessed as part of the process of signing off a ticket. All changes to the software are tracked in our version control system (Git).|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Server operating systems run Long Term Support versions which are regularly patched
All application software changes resulting in failed tests or security vulnerabilities are blocked by continuous integration servers.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Role based access control, with audit trail of staff changes to records.
As part of the Information Security Management System we screen staff and we have ongoing training including security awareness. In the case of an incident or near miss we have an incident management procedure and recording process and the Information Security Management System Manager would always been informed.
Dependent upon the nature of the incident we may also inform the ICO and we may report it via the Information Governance reporting tool.
|Incident management type||Supplier-defined controls|
|Incident management approach||
For incidents requiring business continuity actions, these are defined within the Business Continuity (Disaster Recovery) Plan.
IS events identified are recorded using Zendesk following the procedures relating to the identification, control and recording of incidents handled using existing escalation procedures when required. These events are assessed by the ISMS Committee ISMS Manager to determine if they are to be defined as information security incidents and when relevant, details are referred to Senior Management.
All comments and actions arising from any incident are recorded within the Zendesk system and appropriate action is instigated - these can be provided upon request.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£8.5 to £16 per user per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|