assist-Mi is an "app" that allows a user with restricted mobility or disabilities to request assistance while travelling, visiting a service provider, a retailer, workplace or other location. It optimises customers experience andservice provider operations. The user's profile is visible to the service provider so they anticipate the users needs.
- Real time assistance requesting for customers
- Customer needs and personal profile visible
- Location based services for locating the customer
- Interactive 2-way chat
- Supports meeting Equality Act 2010 and DDA Compliance
- End-user app available on iTunes and Google Play
- Service provider "app" and admin console for use by staff
- Browse facility so customers can understand site accessibility
- Automatic logging and audit trail of all customer service events
- Customer expectations can be managed through 2-way chat
- Optimises the customers experience for those with restricted mobility/disabilities
- Optimises service provider operations and resourcing
- Encourages more customers to travel and visit service providers
- Increases service provider revenue
- Improves customer confidence to travel and be economically active
- Provides audit trail of events in case of dispute
- Helps to identify the correct customer who needs assistance
- Reduces risk of embarassment for customer and service provider
£1000 to £2000 per licence per year
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
End user mobile devices served are currently Apple iOS and Android. Windows version is in preparation.
Standard helpdesk support operates 9-5 Mon-Fri
|Email or online ticketing support||Email or online ticketing|
|Support response times||
In working hours Mon-Fri 9-5 within 2 hours
At weekends within 48 hours
More tailored support arrangements can be offered
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Our standard support level provides Mon-Fri 9-5 helpdesk, regular software upgrades/new releases.
Our Custom support service can be tailored to meet the operating requirements of the Service Provider at additional cost
We provide a technical account manager who would normally capture and set up any Custom support requirements.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||End users can download the customer app from iTunes and Google Play and register to set up their assist-Mi account. Service providers need to enter into an agreement with assist-Mi Limited so that their access credentials can be created and issued. assist-Mi Limited provides service provider training, initial configuration of the service provider request handling setup so that for example, roles can be shift based or vary by time of day. A centralised request handling function for multiple sites can also be configured. The service provider has rights to further configure the site data where they provide assistance services. We provide documentation for service providers and can train staff directly or use a "train the trainer" approach.|
|Other documentation formats||MS Word|
|End-of-contract data extraction||
End customer data is retained in line with assist-Mi's data retention policy. As end users the contract is for use of the app. Their contract ends is they choose to uninstall the app. Their usage data is deleted in line with our policy.
Service provider data needs to be reported or extracted through the API described above. Service provision event data is discarded in line with assist-Mi's data retention policy, subject to agreement of special retention arrangements with the service provider.
|End-of-contract process||Only the service provider pays for the contract. The contract price is based on the consiguration and scale of the service provider including: sites operated, contact centres, dispatch locations,number of staff or customers. This fixed element is in the for of a standing charge per annum for the specific configuration. It includes standard helpdesk support (Mon-Fri 9-5) and application updates. There are additional charges for training services, implementation project management, go-live planning, customisation, API development, creation of MIS reports and out of hours support all subject to the operation and function required by the service provider's business.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The end user/customer app is phone/tablet based. The service provider element can be desktop or tablet/phone based. There are two parts to the service.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
|Accessibility testing||The end user app has been specially designed to meet accessibility needs and act as an assistive technology. It has been tested by RNIB and received the highest test score. It has been piloted in the city of Coventry with users with multiple disabilities and has met user requirements for accessibility|
|What users can and can't do using the API||
The API is to the application database which permits: reports on requests to be generated, export of request and customer service event data, integration and linkage of assistance requests with other application services, such as tickets for events/travel.
The API is intended for our development team to enable interfaces. It is not a user API.
|API sandbox or test environment||Yes|
|Description of customisation||The system can present service providers branding similar to what is known as "white labelling". The customisation needs to be performed by our developers.|
|Independence of resources||By monitoring processing capacity used for the service and periodically reviewing peak loading and spare capacity. To date loading has not exceeded 10% of the available processing capacity. Additional capacity can be configured at less than 1 days notice.|
|Service usage metrics||Yes|
Customer site browse event volumes by period
Customer request volumes by period
Breakdown of browse and request volumes by site by period
Total requests made
Total requests accepted
Requests made and accepted broken down by site
Other metrics can be provided subject to the service provider requrement
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
The data relevant to service providers is customer request history. This data can be exported through an MIS report using SQL through our API or put into a data file and communicated in a "batch" fashion.
End-users do not export data - it is in the app on their device.
|Data export formats||
|Other data export formats||Data cubes formats to be agreed with the service provider|
|Data import formats||Other|
|Other data import formats||Not applicable to this service|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
We guarantee availability of the central service for service providers, but not the end user communications link or device as that is sourced and under their control. The central service availability is 99.8% between 0600 and 2400 hours.
If the availability measure is not met within a month, a refund of a percentage of the service fee for that month can be made. The percentage would need to be agreed alongside the pricing for the particular service provider configuration.
|Approach to resilience||Available on request|
As our product is SaaS it relies on the underlying Infrastructure/Hosting service. Our service by itself cannot therefore report outages. Outages due to planned maintenance can be reported in advance by email as part of the customised setup for the Service Provider using our product.
A separate outage reporting function would need to be implemented with our Platform provider to provide such a facility. To date we are not aware of any Platform outages that have affected our service.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||The system is designed so that access to different functions is on the basis of roles, where each role provides different privileges. Adminstrative users within the Service Provider can be assigned to one or more different roles, depending on what level of access is appropriate. assist-Mi Limited has "super-user" administrative rights. Administrative rights can be tailored to suit the Service Provider organisation, including their support functions.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||Assist-Mi Limited has a security policy which is overseen by a Board Director who is responsible for security and is managed day to day by a Security Officer. The policy is reviewed on an annual basis and is reconfirmed by the Board each year. The security policy adopts principles from ISO27001.|
|Information security policies and processes||The Board Director responsible for security ensures thepolicy is communicated to staff. The Security Officer provides the policy to staff and administers the security procedures. The Security Officer reports to the Board Director. All staff are inducted and trained on the Security Policy and procedures when they join the business. Any breach of security is documented by the Security Officer, reported by the Security Officer to the Board Director. The Board Director and Security Officer jointly decide if additional investigation is required into the incident and what additional resources or independent investigation may be required. They jointly decide whether to implement new procedures, additional countermeasures and mitigations or revise the security policy.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Our system and its components are tracked through formal version control supported by a software version management tool which is also used to control releases.
Each new release has formal integration testing and security testing before release into the live environment. The end-user app is separately tested by Apple and Google before publication on iTunes and Google Play - this includes security testing.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||The ISO 9001 accredited company system of our software development partner manages vulnerabilities. Our standard project management approach includes managing and mitigating risk within the design and development approach to the product.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||The ISO 9001 accredited company system of our software development partner manages protective monitoring. Our standard project management approach includes implementing protective monitoring within the design and development approach to the product.|
|Incident management type||Supplier-defined controls|
|Incident management approach||The ISO 9001 accredited company system of our software development partner manages how incidents are addressed. Our standard project management approach includes managing and mitigating incidentswithin the design and development approach to the product. Our hosting service provider typically manages Denial of Service attempts (can be several an hour) by external parties attempting to gain access to the system via remote login. In practice, the hosting provideris continually blocking such DOS as part of its standard service without additional incident reporting.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£1000 to £2000 per licence per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
The end-user app is free and also has a test site.
We will provide a free trial option for a limited period of time so service providers can understand the solution, but this would not operate with live end-users. The typical trial period for the service provider is one month.
|Link to free trial||http://www.assist-mi.com/|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|