Visionable Ltd

Visionable Video Conferencing Healthcare

The Visionable Healthcare Platform is a multi-application video collaboration and communication platform. Providing core tools for NHS new care models, by enabling next generation services.

Supporting patient-consultations, Telemedicine & MDT applications. Secured with 256-bit encryption and advanced features for clinical applications as well as back office collaboration and Board management.

Features

• Native resolution data image quality
• Unlimited participants
• Unlimited data shares
• Patented multi-stream technology goes beyond the limits of video conferencing
• Easily Scalable
• Multiple Camera inputs for 360 degrees views
• Connected external devices such as diagnostic imaging workstations
• Presence, chat, record, desktop and app share
• Moderator controls
• Works on Windows, Mac, IOS and Android

Benefits

• Immediate access to expertise
• Accelerate decision making in critical situations
• Single platform for consultations, telemedicine, board meetings and education lectures
• Works over standard internet protocols reduces need for specialist support
• Re-use existing hardware and does not require expensive hardware infrastructure
• Reduce travel costs & increase productivity
• Reduce costs by sharing resources with virtual services
• Reduce physical space, clinic and witness rooms
• Can be embedded into existing platforms
• Virtual working connecting to all relevant parties simultaneously

£3.12 a person a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

878708745260905

Contact

Ashley Thornley-Davies
+44 (0) 2033 320074
ashley@visionable.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
• Service constraints: None
• System requirements:
  • Requires Windows7+, or MAC OSX 10.9+
  • High Speed Internet connection
  • One or more USB, PTZ or builtin camera upto HD-Resolutions
  • High Quality Audio Device
  • IOS: Requires IOS 9 or later
  • Compatible with iphone 4s and + and ipad2 and +
  • Audio and Video are allowed WFI/3G/4G/5G
  • Android: Requires Android OS4 or later and supports ARM V7

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is within 4 working hours Monday to Friday or as agreed in a Service Level Agreement. At the weekend Users are still able to submit email tickets and although support is not guaranteed, it is provided on a best endeavours basis with higher priority tickets taking precedence over those that have are less critical.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We have tested against the standards and can meet and can self-certify that we have achieved the levels required. We also take on customer feedback and ensure that any improvements that could be made are built into software.
• Onsite support: Yes, at extra cost
• Support levels: Visionable Support Staff are categorised as described below: “Level 1 Support Staff” – Visionable technicians who act as liaisons between Visionable and the Authorised Customer Contacts to resolve Errors. Upon receiving a Support Request, Level 1 Support Staff will classify and log the support request. Thereafter, Level 1 Support Staff will work toward resolving issues relating to: Sound settings, including echo cancellation problems; desktop and room video settings; room display settings; node configuration settings; or operational questions not covered in an ACC Training Session. Level 1 Support Staff provide technical support and assistance by email, Visionable and telephone to Authorised Customer Contacts. If an Error will be solved through a future software upgrade, dynamic update package, or documentation change, the Level 1 Support Staff will use commercially reasonable efforts to advise Authorised Customer Contact on how to bypass the Error. “Level 2 Support Staff” – senior technical specialists, technical product management, and Research and Development personnel employed by Visionable. “Level 3 Support Staff” – Visionable’s Chief Technology Officer and his/her direct reports. We offer a full account management service to our customers covering future service developments, risk management and performance against the agreed standards.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Single users can access our online support portal for getting started, documents and videos plus more in-depth support materials. Organisations can purchase training packages by the hour which includes online and onsite training options. Our maintenance agreement stipulates any sales bundle sales includes 4 authorised contacts (ACCs).
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All user records are indexed by email address and can be deleted by purging files and database entries. We comply with GDPR mandates and requirements as per current legislation.
• End-of-contract process: If the customer decides they do not wish to renew their subscription, the software will cease to work and they will be provided with instructions to remove software from the designated PC. All the user data will be purged by email address.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile devices, including MDTS, can only send and receive one video at a time.
• Service interface: Yes
• Description of service interface: The Visionable application is available via a commonly used mediums, namely smartphone (IOS/Android), tablet, laptop and PC (please see system and browser requirements). The application has a small footprint and has been designed with a combination of features that provide an intuitive interface and enable users ease of access to our solutions.
• Accessibility standards: None or don’t know
• Description of accessibility: Non-text-context is presented to the user in a text alternative, except as listed below: Controls/Input: A name is provided that describes its purpose. Time-Based Media: Text alternatives provide descriptions. Test: Text alternatives provide a descriptions. Sensory: Text alternatives provide descriptions. CAPTCHA: If the purpose is to confirm that content is being accessed by a person not a computer, then text alternatives describe the purpose of content, and alternative forms of CAPTCHA using output modes for different types of sensory perception and disabilities. Decoration, Formatting, Invisible: It is implemented in a way that it can be ignored by assertive technology.
• Accessibility testing: We have not tested our solution widely however we take on customer feedback and make accessibility changes as they are identified.
• API: Yes
• What users can and can't do using the API: Visionable has a complete set of server and client side APIs that allow managing user accounts, meetings, and complete control and customisation of user interface. Sandbox test environment can be easily deployed as needed.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The application is completely customisable on many levels. Basic customisation and branding is available by uploading logos and specifying colours on the server. Complete customisation and white label options are also available.

Scaling

• Independence of resources: Multiple Visionable servers are deployed as a Cloud of nodes that can be monitored and scaled for demand. Any additional demand is addressed by increasing capacity. We scale server (nodes) and band-with as demand increases with no impact to users.

Analytics

• Service usage metrics: Yes
• Metrics types: Accounts managers can generate usage reports.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Account managers and customer administrators can generate usage reports by email address.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The service credits are is passed to you that we obtain from the hosting service provider. The service credits are calculated from the time and date they are escalated to the hosting provider. AWS details are at https://aws.amazon.com/compute/sla/, and provide for a 10% credit for less than 99.0%-99.99%, and 30% for less than 99.0%. Our other key hosting provider provides the same levels of service. In addition we have quality assurance processes in respect User Acceptance Testing to ensure the performance of our testing and once in the live environment the system is regularly monitored to ensure that the system remains at its optimal performance.
• Approach to resilience: Highly availability fault tolerant database with federated servers distributed across multiple datacentres.
• Outage reporting: Each server has a status page that can be monitored with network monitoring software and email alerts can be generated. The Email alerts are sent to named customer support contacts or generic email address. Phone call to customer support contact or helpdesk. Our Support desk pro-actively contact customers to highlight any high priority. We discuss impact and resolution or any preventative action already taken by our Infrastructure team.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: User name and password
• Access restrictions in management interfaces and support channels: User name, password and user access level. We adhere to a standard methodology and hierarchical structure ranging from Support User with limited access only dealing with what is available to them, to administrators who are senior engineers.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: User name and password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DRS J Sehgal RE IDirector, EY Certypoint
• ISO/IEC 27001 accreditation date: 27/03/2020
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: Via hosting provider
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: Visionable uses AWS http://aws.amazon.com/compliance/CSA per the CSA definitions. Out third party audits for SOC and ISO: CSA Star rating Level 2 Attestation is based on SOC 2 which can be requested with AWS Artifact. The SOC 2 report audit attests that AWS has been validated by a third party auditor to confirm that AWS Control Objectives are designed and operating effectively.
• PCI certification: Yes
• Who accredited the PCI DSS certification: QSA - report available on request
• PCI DSS accreditation date: 03/01/2018
• What the PCI DSS doesn’t cover: Visionable uses https://stripe.com/docs/security/stripe. Stripe has been audited by a PCI certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, they make use of best in class security tools and practices to maintain a level of security at Stripe.
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Visionable have Cyber Essentials plus our Certification should be completed in August 2020 for ISO27001 and our security policies are stringent. In addition our servers are hosted by AWS and they comply with ISO27001, SOC1-3 and additional standards. Visionable have established a number of committees that support and control the implementation of the Management System. These include: 1)Operational Committee Meetings that are held monthly with heads of departments. The Committee will consider KPIS along with business decisions, security, policies, financials, revenue and investments 2) Weekly meetings with Heads of Departments in technology and the COO and 3) Change Control Committee which considers control of the product, quality and release.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Typically large organisations, such as the NHS, have their own change management boards and processes. Any users request for a Visionable change is submitted via a change request form that is sent to the board for approval. This includes type of change, impact on business and timeframe. The impact on service and security is reviewed and any issues would be referred back to the Board with alternative proposals and solutions. The board will approve the change request and allocate time for the change to us.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Penetration Testing Tools, internal testing, general security audits. OS security patches are automatically applied nightly and vulnerability reporting databases like cert.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Each server has a status page that monitors its health and can be monitored its health and can be monitored with network monitoring software to generate alerts.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have predefined process. Support and software can be reported via telephone and via the ticketing system. Incident reports are provided by email.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Joint Academic Network (JANET)

Pricing

• Price: £3.12 a person a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: One month full trial of the software
• Link to free trial: https://cloud.visionable.com/signup/gcloud

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF