iplanit is a cloud based social&health care case management system for disability, mental health, housing&aged care. By providing a live view of service delivery, care&support plans and measures the impact of services delivered, it benefits service users, provider staff&management and funders by reducing costs, managing risk,evidencing value and supporting inclusion.


  • Accessible, multimedia enabled care and support plans
  • Live progress & outcome tracking
  • Care and support team collaboration and teamwork, escalations and notifications
  • Management information dashboard based on live point of care data
  • Quality and compliance reporting linked to Key Performance Indicators
  • Web based calendars and activity tracking
  • Web based risk management and reporting
  • Web based referrals, needs assessment and reporting
  • Web based work management and calendars
  • Web based contract and individual budget management.


  • Cost and risk reduction - from paperbased to electronic plans
  • Quality Assurance - Management reporting and statutory compliance
  • Service user / patient empowerment and inclusion via own login
  • Live tracking of outcomes supporting better use of funder resources
  • Live tracking of outcomes supporting improved management decisions
  • Friends and family inclusion improving quality and cost of care
  • Compliance administration reporting costs reduction
  • Staff travel time, meetings, admin, service overhead costs reduction
  • Support providers in winning tenders and grants
  • Provider revenue assurance through improved referrals and tendering


£2 to £60 per licence per year

  • Education pricing available

Service documents


G-Cloud 11

Service ID

7 7 3 6 4 1 5 3 7 4 5 3 4 5 6



Chris Dobinson


Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
No - iplanit is based on open standards and uses open source components.
System requirements
  • Access to Internet
  • Use of modern browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
Mon - Fri 9am-5pm, excluding public holidays
Client Management Queries responded to within 4 hours.
iplanit helpdesk operates Monday- Friday 9AM-5PM
Support SLA : Severity: Priority 1, Technical Response: 1 Business Day, Target Resolution: 1 Business Day
Severity: Priority 2, Technical Response: 1 Business Day, Target Resolution: 2 Business Days
Severity:Priority 3, Technical Response: 2 Business Days, Target Resolution: 4 Business Days
Severity: Priority 4 , Technical Response: 3 Business Days, Target Resolution: 5 Business Days
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Iplanit support includes :
• A nominated client manager for ad-hoc practitioner advice and guidance
• iplanit help desk access for nominated administrator contacts within client organisation
• iplanit support including issue logging, tracking and resolution
• Upgrades to the iplanit system as new versions are made available
• Periodic project follow-up calls
• Regular general iplanit training webinars
• Regular iplanit good practice briefings by webinar
• iplanit Learning Centre content and updates. The iplanit Learning Centre is an online resource for subscribing iplanit provider users where service users, supporters and management where you can access relevant support materials by role"
Support available to third parties

Onboarding and offboarding

Getting started
• Standard set up includes Scoping discussions and analysis of needs followed by Development and documentation of baseline requirements, estimates, need and functional requirements
• Detailed requirements gathering and documentation with checklists
• Build of first iteration
• Design group review and amendments noted
• Review build to reflect the above
• Potential 3rd iteration of the above where required
• Sign off on screens, functionality and design
• Final build and testing
• Move to delivery/implementation phase and training.
A range of training options offered include on-site, web based and blended training with eLearning suite of content available for self service. Full suite of user documentation is provided and a comprehensive client management approach applied.
Service documentation
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats
  • Word
  • Csv
  • Excel
End-of-contract data extraction
We have a standard 2 day data offboarding service which is DPA compliant.
End-of-contract process
Typical iplanit SLA includes annual subscription, hosting, set up, configuration, training, client management, project services and ongoing support. Data offboarding is an additional cost.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The iplanit staff and service user screens are optimised for and particularly well suited to mobile devices . User interface is form factor sensitive, touchscreen optimised and supports auto detection of device type. Screens are designed to be role sensitive with clean screen bias, heavy use of multimedia , big icons and with accessibility options built in.
Service interface
Description of service interface
Iplanit is a highly accessible solution which has from day one been designed to support and encourage active participation from service users and families/carers across a wide spectrum of abilities in a way which is consistent with the inclusion principles of the product.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Iplanit has been extensively used by 10 000s of users across disability and social care spectrum. The service user interface has been specifically designed with input from user groups and provider clients.

iplanit has had a range of accessibility enhancements to the user portal added with each release up to the current Version 5.4. Each release undergoes extensive internal testing followed by user acceptance testing with BETA clients prior to general release.
What users can and can't do using the API
The iplanit connect API is available for users to facilitiate integration with third party applications. The “iplanit connect” suite is an Application Programming Interface (API) that provides a range of data interchange capabilities based on a web service connection protocol and the XML data format. This suite also contains a series of scripts and templates which are configured to each client’s needs and can support both synchronous and asynchronous integration options. For example, we have used the iplanit connect suite to support report integration, data on boarding, management reporting exports, feeds into provider financial systems, links to funder systems/portals and other data interchange requirements.

The typical data integration would involve transfer of staff and service user log data but this can also be extended to other areas such as outcome, KPI and performance management data.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The iplanit system is normally configured for each client to meet their business needs around support planning processes through an iterative RAD type "quickstart" service, this business requirements and configuration exercise allows consultants to user feedback which enables an informed configuration of the system. Following configuration a change request process is used to manage any additional changes to the system beyond day to day administrative level configuration activities. Day to day configuration can be handled by clients at the super user level using a range of wizards and appropriate training.


Independence of resources
Iplanit is hosted on Scalable Tier 3 hosting service with dynamic capacity adjustment.


Service usage metrics
Metrics types
Service usage metrics are provided upon request on:
plan usage, login data, quality data, funding data, incident and risk and safeguarding metrics and data, key statutory KPI data e.g. CQC etc...
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can export their data directly from iplanit.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • MS Excel
  • PDF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The hosting platform and iplanit have been vetted by third party independent security analysts and the hosting service has a 99.98% availability guarantee, a target which has been met 100% since the launch four years ago. Availability guarantees can be negotiated and written into the SLA on a client by client basis.
Approach to resilience
The BT hosting service includes a comprehensive failover / disaster recovery and data back up/recovery schedule including multi-site locations and multiple data generation storage. This is tested every six months. Aspirico also maintain an additional off site backup of the exact iplanit code base and unique configuration for every iplanit customer. This does not include any personal of customer data.
Outage reporting
In the event of an outage the following communications plan is enacted: Aspirico will immediately notify the named Project Manager and/or Technical team within the Contracting Bodies by telephone and email. Following this, Aspirico will keep the Client updated during the recovery process on an hourly basis by email and will also notify the Client when the issues are solved.
Following resolution, Aspirico will carry out an incident report within 2 weeks of the closure of a Priority One and Priority Two Incident (the iplanit support SLA details four incident levels and response time commitments). This will include detailed input from the teams involved and will list all steps taken to recover client services. A post incident review will be held with all interested parties and documented to accompany the Incident report which will be sent to the client by email within two weeks of the incident.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Each customer has their own instance of iplanit, stored in its own unique folder on the iplanit server. Each customer iplanit instance contains the following components
• Unique (not shared) version of the iplanit software and the customer unique configuration
• Unique folder structure for storage of uploaded media (picture, documents)
• Unique Log file folder for customer log and access log records.
• Unique MySQL relational database instance.
To use iplanit, individual users are provided with an encrypted, secure usernames and passwords which will allow individuals to access the relevant services as stipulated by their roles and permissions.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Information security policies and processes
Aspirico management carry out annual security reviews of the iplanit security plan for the upcoming release. This is monitored on an ongoing basis and led by the lead security architect within the development team. This person reports directly to the VP product development.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
As a modern, web native service, iplanit has been designed from the ground up to be configurable easily using the wizard driven configuration layer built into the service. The Quickstart process ensures that care&support plans and related documentation along with assessments, risks, referrals, reporting and other functional needs are configured using the wizard layer to provider's specific needs.
For functional enhancements to the service, Aspirico have a tightly managed Change Request process.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Aspirico have proactive monitoring services running on the server and use the Mantis source code management system to manage the deployment of patches to the iplanit system.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Hosting provides suspicious activity monitoring, e.g. Denial of Service.
We use a WAF (Web Application Firewall) called ModSecurity with customised rules to suit iplanit related web requests.
WAF Denial of Service detection.
Brute force detection on password/login inputs.
Incidents are logged and reviewed. Clients are notified if required and the
response times are client service level dependent.
Incident management type
Supplier-defined controls
Incident management approach
The standard iplanit SLA has a detailed schedule of incident categories, response times, time to fix, communication plan for incident monitoring and response times detailed with commitments and escalation processes.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£2 to £60 per licence per year
Discount for educational organisations
Free trial available

Service documents

Return to top ↑