Aire Logic Limited

healthcare forms - forms4health

Forms4health is a highly modular standards based (XForms), smart digital forms solution with both patient / citizen facing forms ( as well as a clinican / business facing forms solution ( Whilst the initial offering is targeted at healthcare the platform is generic and could be used in all industries.


  • Electronic / digital forms
  • Branching / Skip Logic / Calculation Logic
  • Mobile friendly (responsive)
  • Graphical form designer environment
  • Form publication mechanism (avoiding development)
  • Existing bank of (healthcare) forms
  • Stored structured information for reporting
  • Auto creation of PDFs
  • Data pre-population
  • Optional (slimline) clinical record (EHR/EPR)


  • Rapidly design and deploy new electronic forms
  • Minimise form completion effort/time with branching / skip logic
  • Calculations performed by form to improve speed and accuracy
  • Conditional display of help text and decision support advice
  • Form pre-population to reduce errors and completion time
  • Building-block approach to create re-usable form sections
  • Integrate with existing systems and workflow
  • Supports free-form and highly structured (coded) data
  • Drive form with reference and other data from existing systems
  • Can support bespoke or open standards


£0 per unit per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10


Aire Logic Limited

Joseph Waller

+44 (0)7793 841 932

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Can be integrated with parent electronic patient record (EPR) or case management system.
Cloud deployment model Public cloud
Service constraints There are no constraints in running the service
System requirements Modern browsers - Edge, Chrome, Firefox, Safari and IE 11

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Depends on the service level. Can offer 24x7 support
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Bronze - email support
Silver - email + phone
Gold - email + phone (24x7)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Initial workshops, onsite training and online training available. Form building and deployment steps well documented.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Database export.
End-of-contract process Full database export and copy of your developed forms (in open and portable XForms standard).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Responsive design ensures all forms are available, and work well on mobile devices.

The graphical form designer is best accessed through a desktop device.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing N/a
What users can and can't do using the API Discover all available forms
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Look and feel, configuration for various features. Configuration performed by designated administrator.


Independence of resources Segregated resources (docker containers)


Service usage metrics Yes
Metrics types Form usage reports (e.g. form completions within last 30 days), popular forms, form uptake.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Database extract
Data export formats Other
Other data export formats
  • XML
  • JSON
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.5
Approach to resilience Available on request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels Role Base Access Controls
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach We have highly experienced consultants who have worked in the security and information governance space. All our architecture and design are reviewed by these consultants.
Information security policies and processes All staff are required to read our information security guidelines.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All build and configuration assets are version controlled (using git). All changes are peer reviewed by at least two others before being merged into the codebase (or configuration).
Vulnerability management type Supplier-defined controls
Vulnerability management approach We do in-house penetration testing. Any known vulnerabilities should be patched within 24 hours.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Pro-active log monitoring
Incident management type Undisclosed
Incident management approach User's can email or phone with incidents. We use an incident management tool (Zendesk) that has built-in reporting.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)


Price £0 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full functionality, but limited forms for a limited time


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑