Ingenica Solutions Limited

Inventory management, RFID and ERP solution for NHS and Healthcare

Inventory management, RFID & ERP solutions for NHS and healthcare resource management.GS1 certified inventory management solution, proven in NHS,developed in Microsoft Dynamics 365 Business Central On-Premise ERP platform, accessed via VPN, N3/HCSN,UK data centre.Ingenica's highly scalable ERP inventory management solution, benefits from Microsoft and Ingenica investment and published development roadmap.


  • Real time inventory and asset management solution, flexible, scalable
  • Inventory management information drill down business intelligence functionality
  • Full inventory warehouse management, manufacturing ability & clinical mobility
  • Supports NHS healthcare costing, reporting patient level and service line
  • Inventory management solution developed on Microsoft ERP platform
  • Inventory track and trace management meeting MHRA requirements
  • Inventory management solution Cloud hosted system within the N3 HCSN
  • Inventory management solution specifically designed for NHS and healthcare environment
  • Ingenica's inventory management solution is a fully GS1 Approved solution
  • ERP platform allows integration to existing finance and catalogue solutions


  • Proven inventory management solution with many NHS reference sites
  • Microsoft ERP platform creates seamless integration with other Microsoft technologies
  • Functionality rich inventory management solution with a development road map
  • Cloud technology creates, secure real time environments and reporting
  • Ingenica's inventory management solution fully configurable per organisation and user
  • Microsoft ERP modular design, customer adds features throughout life cycle
  • Inventory management solution is an open data format
  • Inventory management consumption and replenishment at point of use
  • POU data capture and real time inventory & asset management
  • Ingenica's inventory management solution is reliable, scalable and flexible


£82,909.92 an instance a year

Service documents


G-Cloud 12

Service ID

5 2 2 5 3 7 9 9 6 6 1 6 6 5 8


Ingenica Solutions Limited Nicola Hall
Telephone: 08450660100

Service scope

Software add-on or extension
What software services is the service an extension to
Microsoft Dynamics 365 Business Central On Premise
Cloud deployment model
Private cloud
Service constraints
As detailed in Paragraph 6 of the service definition document, these relate to data centre interruption of services and include both unscheduled and emergency maintenance.
System requirements
  • Internet Explorer 10 or above
  • Microsoft licence
  • Microsoft SQL Server 2016 or higher

User support

Email or online ticketing support
Email or online ticketing
Support response times
Immediate ticket allocation, timescales to resolve query are dependent on the severity of the ticket. All critical queries are answered within 2 hours, non critical up to 5 days.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
A member of the support team will detail the service delivery plans available for the client, ensuring that all their key staff are aware how to log calls and what to expect from the remote support desk function. This is provided as part of Ingenica's support desk function. Incorporated in this plan, is the commercial service levels mutually agreed with the client. Ingenica provides 3 levels of support; Standard, (£330) Standard Plus (£360) and Extended (£530) costs per User licence per annum .Ingenica through their helpdesk and Client Engagement Manager keep the client informed at all times of progress to resolve their issue and the time scales applicable. Ingenica provides clients with the option to obtain a technical account manager onsite. There are no set number of days or visits per annum – These are scheduled as requested by the client or as a designated required response to a support call. Call outs are not differentiated between emergency and normal working hours and are calculated based on our ‘blended’ consultancy rate of £950 (excluding VAT) per 7 hour day inclusive of Travel and expenses. Our minimum call out charge is Half a day (3.5 hours) or £475 (excluding VAT).
Support available to third parties

Onboarding and offboarding

Getting started
Ingenica currently use a mixture of On-site training and User documentation
Service documentation
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats
End-of-contract data extraction
Data belongs to the client and they can specify how they would like that data backed up or archived for subsequent access and referral.
End-of-contract process
The client owns their data so at the end of a contract, this is archived or stored as stipulated. Alternatively should they be requiring to export their data to another solution, this could be quoted for as an additional cost.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Differences between the mobile and desktop service
The functionality is the same for the mobile and desktop service. The view on the mobile service is changed to reflect the user is viewing the system on a small device.
Service interface
What users can and can't do using the API
Users are able to consume and configure API’s based on the ODATA web protocol that is designed for querying tabular data. OData uses URIs for resource identification and commits to an HTTP-based, uniform interface for interacting with resources. All API’s make use of the same authentication methods and permissions configuration used by the Cloud solution.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The core software application is deployed as a Role Tailored client and as such can be deployed with different functionality and features switched on appropriate to the user and utilised as the customer’s requirements develop and mature. There is also a range of data capture devices which support differing Inventory Management (IM) processes to meet different requirements at the clinical point of use, from Theatres, Wards, and service departments such as pathology and medical engineering.


Independence of resources
Each customer has an isolated (individual) service / install instance that cannot be accessed by other customers.


Service usage metrics
Metrics types
Service metrics related to the system support function are provided monthly and on request
Reporting types
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported in various formats, advice on which can be agreed to get the best result.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Ingenica Solutions do not anticipate that our solution will have any downtime apart from when updates are required to be loaded into the Ingenica solution. To update the Ingenica solution, the user is required to log out of the Ingenica solution to enable the update to be installed and for the Ingenica solution to be updated. The update process usually takes 10 minutes but some large updates may take longer. Required updates will be agreed in advance with the client to ensure that they have the least possible impact on the clients activities and use of the Ingenica Solution. Ingenica usually agree with a client a suitable time outside of normal working hours to do such updates, therefore not affecting use of the system in normal working hours. An SLA of a maximum 99.98% uptime is guaranteed. Refunds would be via service credits as agreed in an SLA.
Approach to resilience
Available on request
Outage reporting
Email alerts. Our 'data storage' service providers uses NIMSOFT, a configurable monitoring tool.

Identity and authentication

User authentication needed
User authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
System access is restricted by user login and likewise support calls are Add to transcribed to our SYSAID support desk system. Ingenica restrict access to this system to application consultants and support desk staff for reporting however users can be nominated to directly load support calls onto this system with their own restricted logins.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • Ingenica quality manual compliant with ISO 27001 in principle
  • Data Centre holds ISO 27001 and is subject to audit
  • Our Data centre meets CSA Star Level 1 SA Criteria
  • Our Data Centre provider is PCI compliant
  • Clients can evaluate our cloud solution and supplier audit
  • Current clients have evaluated our solution and supplier audit
  • Ingenica aim to gain ISO 27001 accreditation during 2017
  • Ingenica hold ISO 9001

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Ingenica compliant with ISO27001:2013 seek LRQA accreditation 2017. Data centre (performance security implications) holds ISO27001:2013, Ingenica has security audit's/agreement with them covering all compliance. Ingenica's Cloud provider is Microsoft’s Tier 1 CSP, meeting CSA Star Level 1 SA criteria. Data centre PCI compliant. Ingenica cloud/supplier audit evaluated by existing customer.
Information security policies and processes
Ingenica's security polices and processes are contained in both Ingenica's Quality and security manual and the employee handbook. Our policies comply in principal with ISO 27001 a standard to which we are looking to be accredited during 2017. All staff are required to attend a briefing session that outlines their role and responsibilities with regards to IT security as outlined in the employee handbook. All employees are required to sign documentation confirming that they have read and understand their obligations with regard to security. Any infractions of the policy are reported by the IT manager who informs HR. Subsequent action is then agreed with the manager of the employee in line with the Ingenica disciplinary policy which may include gross misconduct, leading to dismissal.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Ingenica's Cloud solution is based on industry standard technologies and changes to the solution are tracked whilst configurational changes are carried out by Ingenica's cloud provider. Changes to the Cloud software are only made following a documented change request process carried out with the client, whereby all aspects of the change are assessed and their security impacts are considered and discussed with the client ahead of any change.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Annual It health checks and monthly vulnerability testing is completed to evaluate any potential technical vulnerabilities. Two different vulnerability scanners are used, results are compared, exploits are run against IP's. Vulnerabilities found against both types of testing are added to our risk assessment for risk treatment (corrective action). Vulnerability tests are managed by our networks and security team and audited by our compliance team. Updates are received from Ingenica's software provider and hosting provider. Updates are deployed during normal working hours unless specifically agreed otherwise with the customer.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Ingenica's data centre will utilise Nimsoft and Solarwinds for system monitoring providing continuous updated information on IT infrastructures, providing key metrics and generating alerts based upon criteria agreed in Ingenica's SLA with them. Incidences are ranked as critical high, medium and low and there are initial progress and target resolution times given. Further information is included in Ingenica's Service Definition document at paragraph 7b.
Incident management type
Supplier-defined controls
Incident management approach
Yes Ingenica have a pre-defines process for common events. Incidences are reported and logged with our help desk. Instructions for using Ingenica's support service are provided as part of the mandatory training and this covers how feedback and reports are returned to the user.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)


£82,909.92 an instance a year
Discount for educational organisations
Free trial available

Service documents