Consentz is a single integrated system for managing a Private Medical practice, bringing together all the tools you need to build patient relationships, grow your business, and save you time. The first medical practice management software system developed with the clinician-patient relationship at the heart of everything it does.


  • Practitioner Consultation Tool
  • Treatment Plans
  • Photo Capture and Manipulation to record Treatments visually
  • Pre-Populated Consultation Notes
  • Clinic Dashboard and Reporting
  • Repository of Knowledge, both business and technology
  • Patient Application for patient record sharing
  • Bespoke Questionnaires and direct Patient education
  • Stock and Invoice Management
  • Multi View Calendar with Waiting Lists, Prospect Capture and Reminders


  • Increased interaction with patients and ability to address their concerns
  • Enhanced customer understanding regarding their entire treatment process
  • Fast and simple detailed visual record keeping of procedures
  • Save time from repeated typing and improve legal standing
  • Visualise your clinic's performance
  • Understand your business, how and what to do it
  • Keep your patients informed and engaged
  • Educate you patients and understand their needs more effectively
  • Complete, intuitive online system
  • Manage appointments, increase retention and turn enquires into patients


£120.00 per licence per month

Service documents


G-Cloud 11

Service ID

3 8 8 0 9 7 8 0 5 8 5 2 3 5 1



Michael Geary

01932 481 081

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
IPad required for the Practitioner Application, otherwise no constraints
System requirements
  • Twilio Account required for SMS reminders
  • Stripe Account for Online payments

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within an hour if during business hours, outside business hours the question will be responded to once business hours have commenced.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Chat is based on the Intercom platform, and accessible from our main website via a small pop up icon that floats on the bottom right of the screen.
Web chat accessibility testing
As a company Consentz hasn't tested the Intercom platform.
Onsite support
Yes, at extra cost
Support levels
Our support team is available via phone, email, or chat - all included in the price of a license.
Business support is also included with Consentz, whereby we assist with advice on growing your business. This information is accessible via our Academy.
Onsite training is available at an extra cost.
Support available to third parties

Onboarding and offboarding

Getting started
An onboarding service will be offered, and be free of charge for a limited period of time.
All new customers are taken through a series of Onboarding screens, and have the facility to import their existing data.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can export all of their data from within the Consentz control centre - although access is limited to certain roles.
End-of-contract process
At the end of a contract, customers can export their data themselves using the Control Centre. Additional costs are involved for hard copies of the data (printed documents etc).

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
Designed for use on mobile devices
Differences between the mobile and desktop service
Patient Application is designed specifically for iOS
Service interface
What users can and can't do using the API
For internal use only
API documentation
API sandbox or test environment
Customisation available


Independence of resources
Our infrastructure is run on Amazon AWS service using thier EC2, Elastic Block Storage, and RDS platforms, all being easily and almost instantly scalable.


Service usage metrics
Metrics types
We have a dashboard and a reports page, with selectable reports. These are set reports that can be tailored by date and various metrics (treatment type, practitioner etc) selectable by the user. They display real time results which can be exported to a number of different formats (csv, png etc)
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Much of a users data can be exported to csv files (Patient Lists, reports, invoices) from within the Control Centre at any time they wish.
Completed Forms and Questionnaires can be downloaded on an individual bases (PDF) and reports can be downloaded in a number of different formats from the report pages.
All data can be exported and will be bundled into a zip file containing all data in various formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • Pdf
  • Jpg
Data import formats
  • CSV
  • Other
Other data import formats
  • Pdf
  • Jpg

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Consentz software should have a 99.9% uptime in line with the Amazon Web Services that support it.
Any cases of reduced available will be reviewed on a case to case basis
Approach to resilience
This information is available on request
Outage reporting
Service outages will be reported via email alerts

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Management interfaces access is governed by roles and a hierarchical invitation method
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Our ISO 27001 certification covers Consentz as a company
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Security is a key selling point of Consentz and therefore at the forefront of our decision making when implementing features and design.
Information security policies and processes
Our team have no access to private customer information.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes to processes by third parties are monitored via mailing lists and any changes are assessed between staff and development team for impact to customer data.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We work closely with our development team to assess potential threats, as well as consulting with external companies.
Patches can be deployed very quickly, and the team is informed via developer notification from the platforms we use.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We currently have no protective monitoring process, other than Server alerts for unusual activity, and server logging.
We are in the process of enhancing this process.
Incident management type
Incident management approach
We have processes in place for common events such as resetting passwords or temporarily blocking access to accounts.
Users can report incidents via email, or directly via phone.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£120.00 per licence per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑