Home Connections

Housing Needs Software - Online Registration, Options, Homelessness and Choice Based Lettings

Non profit company providing bespoke social housing SaaS including housing registers, choice based lettings (CBL), direct lettings, integrated mutual exchange, accessible housing registers, options, homelessness and homeless reduction, temporary accommodation, Homefinder UK, Section 5 referrals and smartphone apps. Built-in workflow, e-communications, CRM, fraud detection and document management.


  • Intelligent web based housing needs software platform
  • Modern, accessible, user-controlled website based on responsive design
  • Homefinder UK national mobility service - an add-on or integrated
  • Full communications - email, text, web, letter, phone, web chat
  • Ready made and configurable templates
  • Configurable reports, workflow, controls, settings and comprehensive auditing
  • Document management for customer and staff
  • Inbuilt reports plus business intelligence dashboard and data mart
  • Customer relationship management
  • Integrated Fraud detection software


  • Efficient and low cost housing needs software
  • Software tailored to local needs and configurable by users
  • Customer self-service options generates cash savings for the business
  • Do-it-yourself controls helps the organisation save on software costs
  • Rapid and frequent software development and deployment
  • Integration to third party housing management systems
  • Homefinder UK savings on temporary accommodation costs
  • Mobile platforms facilitate channel shift
  • Flexibility for business customers to repurpose platform
  • Automatic free upgrades to latest version


£420 to £2075 per licence per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

9 4 3 7 1 7 3 3 4 8 2 5 2 3 4


Home Connections

Ninesh Muthiah

07984 884 343


Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
  • Service hosted in Home Connections private cloud
  • Accessible by any standard office device

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response within 15 minutes during working week hours
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Tested with disabled applicants
Onsite support
Onsite support
Support levels
Home Connections will provide an account manager to cover business and technical issues for onsite meetings and online support as part of the overall support fee. All tickets are prioritised and dealt with according to the published and agreed service level agreement with each customer. Home Connections technical staff will also support and liaise with third party providers, where required, to resolve issues. Agreed KPIs are monitored and reviewed regularly.
Support available to third parties

Onboarding and offboarding

Getting started
Comprehensive onsite end-user training or train the trainer course at each customer location is provided at start-up. Comprehensive user manuals are provided for every component of the system. Web-ex and remote training is also available together with video user training guides.
Service documentation
Documentation formats
End-of-contract data extraction
A data extraction or removal plan is set in place at the start of each project and users can extract via our standard data extraction processes.
End-of-contract process
Extraction of customer data via standard methods is included as part of the contract. Holding data in Home Connections systems after the end of the contract will be chargeable at standard rates.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
No significant differences.
Service interface
Description of service interface
The service interface is a web browser and does not need any installation. It has been tested on all common browsers, including mobile, with no significant differences
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Tested with disabled and autistic applicants
What users can and can't do using the API
API allows setup of applicant data and property loads and the update of property and applicant profiles and statuses; access property advert information and obtain information about end-user progress through a business process.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
There is a significant degree of customer ability available to the client on all Home Connections services. The following are a few examples of the areas of customisation: Content and themes on websites and e-forms can be edited, created and customised. The configuration settings for advertising, shortlisting and letting can be customised. Status workflows and reporting can be customised.


Independence of resources
Home Connections maintains a virtualised platform which allows us to add server and processing capacity as required. Our data centre allows instant scalability of internet bandwidth.


Service usage metrics
Metrics types
Service uptime, system responsiveness, system load, ticket response times, KPI performance.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported into Home Connections via a web service, XML data interface based on a structured XML schema or via a documented CSV interface.

Data can be exported from Home Connections via daily batch updates or real-time webservices.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Our internal network is protected by ACL rules and access to this network is limited to an IPsec VPN with limited privileged user accounts.

Availability and resilience

Guaranteed availability
Service availability is set at 99.99% and monitored on a daily basis. Planned maintenance occurs outside of working hours after notice has been served. Where guaranteed availability levels are not met users are compensated according to proportionate levels of support fee as agreed in the contract.
Approach to resilience
Information available on request and is part of the Business Continuity Plan.
Outage reporting
Instant updates to customers via email alerts and a public dashboard with further regular status updates as required. Follow up phone conversations with customer account managers will be arranged as required.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access to management interfaces is restricted to limited known personnel with strict enforcement of credential updates. Service system access is defined by superusers and managed by a detailed matrix of defined roles and privileges.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • ISO 9001 to cover Quality Assurance
  • ISO27001 Audit May 2017; Accreditation in June 2017

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Home Connections follows the security policies and procedures set out in ISO 27001.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes to information systems, software and resources are managed according to a formal change control process ensuring review, test and release in a controlled manner and through life cycle. Changes are risk assessed against potential security impact. Configuration and change approval is documented and audited. Software changes are managed through version control. Users affected by significant change are informed and SLAs updated accordingly. Established procedures are in place for recovering from unsuccessful change.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scans are run on a regular basis via third party vendors and our internal teams to identify and log all potential threats with detailed reports for management review and action. High scoring vulnerability areas are targeted for improvement in order to continuously reduce the surface area for attack. Patches, updates and fixes can be applied rapidly in line with agile and continuous release processes because of our total control or ownership of all aspects of our information infrastructure and ecosystems.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Software monitoring tools enable continuous and protective monitoring of infrastructure environment and our software ecosystem. Based on accurate auditing logs, regular alerts of potential unauthorised traffic, monitoring of network infrastructure status changes, monitoring of internal activity, temporary connections, session user activity, backup status and critical events management reports are produced regularly to assess and intervene to mitigate newly identified risk areas. Continuous daily monitoring ensures rapid identification and response to risk and incidents.
Incident management type
Supplier-defined controls
Incident management approach
Our predefined incident management process is described in the BCP. End users are offered multiple channels to report incidents - via phone, mail, text etc. The service desk identifies, prioritises and engages in remedial action and escalates as required. Continuous monitoring generates regular reports and instant alerts. A full incident report after major incidents details the history, symptoms, service desk response, workarounds, longer-term fixes and service upgrade plans.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£420 to £2075 per licence per month
Discount for educational organisations
Free trial available
Description of free trial
One month trial period is available on request via a trial system to cover key aspects of functionality of selected popular services.

Service documents

Return to top ↑