THOMSON SCREENING SOLUTIONS LTD

SchoolScreener Vision

SchoolScreener Vision: online/offline laptop application for orthoptist-led, locality-wide vision screening.
• For Reception-Age Vision Screening, or Older
• Complies with Latest PHE Service Specification
• Multi-Lingual Voiceovers and Animations
• Automated Scoring, Parent and Referral Letters
• Automated Management, KPI and Audit Reports
• In-school internet access unnecessary; synchronise later

Features

  • Admin Staff Upload CSV Class Lists to Cloud Quickly
  • Used by School Nurses and Screeners from Band 2 Upwards
  • Designed for Reception Age Upwards: Includes Vision Screening Kits
  • Quick and Engaging for Children: Multi-Lingual Voiceovers and Animations
  • No Need for In-School Internet Access; Synchronise-Later Functionality
  • Automated Production of Customised Parent Letters and Specialist Referrals
  • Automated Pathway, Audit and KPI Management
  • No Specialist Knowledge or Training Required to Use it
  • Data Output to Share with Electronic Patient Records, CHIS, etc
  • Full Training, Onboarding, Implementation and Support Included in Licence Fee

Benefits

  • Saves Time by Accelerating All Administrative and Reporting Processes
  • Automatic Recording of Results Minimises Scoring and Transcription Errors
  • Increase Capacity from Existing Resources Through Immediate Efficiency Gains
  • Cohort View Shows Real-Time Status of All Children Simultaneously
  • Configurable to Local Requirements for Pass/Fail and Secondary Referral
  • GDPR and NHS IG Kit Compliant for Security of Data
  • Improved Commissioner/Stakeholder Relationships via Automated Reports and Dashboards
  • Proven Platform Improves Clinical Risk Management and Information Governance
  • Improves Efficiency of Follow-Up Campaigns for Absent Pupils
  • Cut Costs Further if use with Other SchoolScreener Cloud Services

Pricing

£1.93 to £4.33 a person

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at marketing@schoolscreener.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

4 0 1 4 4 8 3 8 5 8 0 4 9 2 9

Contact

THOMSON SCREENING SOLUTIONS LTD Chris Coyne
Telephone: 07508164333
Email: marketing@schoolscreener.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
All other SchoolScreener Cloud Services products from Thomson Screening, each of which can be used standalone or alongside any combination of the others:
SchoolScreener Health Needs Assessments;
SchoolScreener Imms with eConsent
SchoolScreener NCMP Height and Weight Data;
SchoolScreener Hearing.
Cloud deployment model
Public cloud
Service constraints
The desktop component used when there is no internet access available in schools requires Windows 10 or later; we recommend 12" screens as a minimum, although it will work on screens down to 10.1". There are no restrictions for the online version.
System requirements
  • Laptop In-School May Be Used Online (No Restrictions) or Offline
  • Laptop In-School (Offline) Requires Windows 10 or Later
  • Laptop In-School (Offline) Recommended Screen Size 12 inches or more
  • Laptop In-School (Offline) Minimum Screen Size 10.1 inches
  • Desktop (Administrators) Requires Internet Connection for Reports, Parent Letters

User support

Email or online ticketing support
Email or online ticketing
Support response times
We normally respond to email or ticket requests on the same business day. Resolution is 96.2% on the first contact/call, although this depends upon the specific complexity of the problem.

We provide support when our customers require it, which is Monday to Friday, 9-5. We do not provide support at weekends as none of our customers work at weekends.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
We use Zoho Desk which has a live web chat facility via embeddable web chat widgets. If a customer has an issue that requires more time and attention, agents can convert the chat conversation into a ticket, in a single click. This lets agents save all the context of the chat conversation, with no time lost.

We have enquired and there is no official compliance with the standards listed above, although a review of the features indicates they are in all respects of the services that we use.

Where buttons are offered to customers, they are described also, in line with WCAG 2.0 guidelines.

Instructions provided for understanding and operating content do not rely solely on sensory characteristics of components (shape, size, visual location, orientation), again in line with WCAG 2.0.

Colour is not used as the only visual means of conveying information, indicating an action, prompting a response, or distinguishing a visual element.

All functionality of the content is operable through a keyboard interface without requiring specific timings for individual keystrokes.(This does not forbid and should not discourage providing mouse input or other input methods in addition to keyboard operation).
Web chat accessibility testing
Thomson Screening have conducted no such testing, although Zoho Desk may have. If they have we're unaware of the details. Zoho have indicated to us that they plan to seek full compliance, but do not have it as yet.

If a client has a specific need for accessibility testing, we will comply with all reasonable requests.
Onsite support
Onsite support
Support levels
We attend on site as required by customers on the rare occasions that remote support is not possible or doesn't resolve the problem fully.
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide a full implementation and onboarding service to all new customers.

This involves technical implementation services, including installation,customisation and configuration. Also, onsite training in small groups and customer service.

Post-implementation our customer service and training staff are available for supplementary support, as required.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • Microsoft Word
  • Google Docs
End-of-contract data extraction
Via API or data extract, customised to client needs. Typically this has been CSV in the past.
End-of-contract process
We ask what format the client wants their data in. We then provide the data in that format. Then remove all user access rights. Then data and backups are removed from the system. We provide a written confirmation of all actions.

All of the above are included in the licence fee. There are no extra charges for the above.

Beyond this scope, additional charges may apply.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
Windows
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
Administrators have full access. API is designed to move data to 3rd party systems. Clinical users do not have access to the API.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users can customise outputs, such as parent communications, letter/email templates, referral letters.

Customisation and how to use it is a standard part of the onboarding process.

Scaling

Independence of resources
The service expands in-line with demand via our Cloud service provider's capabilities. We use a major, UK-based provider, UK Fast. They are approved suppliers to G-Cloud 11.

UK Fast is independently DSP Toolkit compliant, Registration ID 8J407

All data (including backups) are held in datacentres in England.

Analytics

Service usage metrics
Yes
Metrics types
KPI dashboards with standard and customised reports. Also drill-down facilities and data exports.
Reporting types
Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Export to CSV via on-screen menu, can be user-selected partial database export, or full database export.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Our guaranteed SLA uptime is 99%. In 2019 we achieved 99.3% service availability overall and 100% during school time. Uptime is monitored and reported to clients monthly. Availability is guaranteed by service credit commitment.

When service (including customer service) is affected by downtime, automatic credit will be issued. Service Downtime Credit is given on a sliding scale of 2.5% to 10%.

99% - 0%
95% - 2.5%
90% - 5%
Less than 90% - 10%
Approach to resilience
Architectural, platform and data centre resilience.

Our data centres are ultra-secure and resilient cloud services designed for public sector organisations. They are used by many NHS trusts and have full resilience capabilities, including physical separation, UPS N1 or greater and allow full HSCN connectivity. They are Cyber Essentials Plus certified, ISO Certified:
27001:2013
ISO 27017:2015
ISO 27018:2019
ISO 22301:2012
Outage reporting
Customer notifications are managed via our ticketing system, Zoho Desk, email or any other means of communication agreed with a specific customer.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Client-determined, role-based security. Different levels of access available based on user role/function. For example, only clinicians can access patient clinical data (such as immunisation data)
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
DSP Toolkit
Information security policies and processes
Compliance framework is led by a Director of the company and reviewed annually by the Board. Quarterly risk reviews and action plans.

The company is NHS Digital DSPT (Data Security and Protection Toolkit) compliant. Our DSP Registration ID is 8HW22

In addition, our ICO (Information Commissioner Organisation) Registration ID is Z3489680

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All change requests are documented via our ticketing system or by other written requests. Once changes are implemented, positive approval is required from the client by means of a sign-off.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Potential threats are assessed via 3rd party penetration testing and our own, quarterly risk assessments and action plans.

All security, vulnerability and protective monitoring compliance is led by a Director of the company and reviewed annually by the Board.

In the event that patches are required, they will be deployed immediately via Customer Support.

The company is NHS Digital DSPT (Data Security and Protection Toolkit) compliant. Our DSP Registration ID is 8HW22 In addition, our ICO (Information Commissioner Organisation) Registration ID is Z3489680
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Potential compromises are identified via log management, including firewall logs, alerts from the operating system and other intrusion monitors.
Checks are continuous and automatic via alerts.

Reviews of protective monitoring are included in our quarterly risk assessments and action plans.

All security, vulnerability and protective monitoring compliance is led by a Director of the company and reviewed annually by the Board.

The company is NHS Digital DSPT (Data Security and Protection Toolkit) compliant. Our DSP Registration ID is 8HW22 .
Incident management type
Supplier-defined controls
Incident management approach
Incident management follows an established process.

Incident reporting protocol used includes forms for users to report incidents.

We review incidents that occur on a regular basis (even if no incidents), the action plans developed and lessons learned analysis - all by senior management.

The processes for recording data breaches is described in the Incident Management Policy (copy available on request) and is covered during annual information governance training.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
Health and Social Care Network (HSCN)

Pricing

Price
£1.93 to £4.33 a person
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at marketing@schoolscreener.com. Tell them what format you need. It will help if you say what assistive technology you use.