Start taking bookings online
Create a custom online booking page, benefit from automated SMS, Email & Voice reminders, and reduce appointment no-shows by up to 90%.
Highest security levels: Our standard
We follow the Principle of Least Privilege (PoLP). Only our Customer Support Staff have access to your account data, simply to perform their role in managing your requests. This access is logged and audited. No client data can be accessed by other members of staff. Every Sign In Scheduling employee has completed mandatory data compliance and is required to sign a Data Protection Agreement (DPA) when joining us. Data protection training is performed annually.
Control who handles data with user permissions
With Sign In Scheduling, you can assign different permission levels to each user so that employees can only access and change what they’re allowed to. You can also use your SSO Identity Provider (IdP) to securely authenticate the users on your account. We can use metadata from your IdP to grant permissions and access controls within Sign In Scheduling. This means that employees don’t need to remember certain passwords, and you can onboard and offboard staff members centrally. All passwords are stored encrypted and salted, and never in plain text, securing and protecting passwords stored for future authentication.
GDPR
Sign In Scheduling complies with the EU and UK General Data Protection Regulations.
HIPAA
Our tools can help your organization comply with regulations such as HIPAA.
CCPA
Our software is fully compliant with the California Consumer Privacy Act.
PCI DSS
We maintain a secure payment processing environment and comply with the Payment Card Industry Data Security Standards.
DSP Toolkit
We are listed on the NHS Data Security and Protection Toolkit under code 8KL47.
ISO 27001
Sign In Scheduling has been certified by BSI to meet the International Information Security Standards and is registered under IS 705787.
Vulnerability scanning & penetration testing
Sign In Scheduling is built to be secure from its foundations up and is continually tested. Our systems are subjected to automated vulnerability scanning on a weekly basis, and major items identified during these scans are acted upon immediately. Our systems also undergo manual penetration testing annually by CREST Certified penetration test experts. We’re happy to send you our Security Whitepaper and more information upon request.
AWS Hosting
Our services are hosted in Amazon’s Secure Data Centers across multiple availability zones with warm-standbys to provide emergency backup systems. Backups are automated, isolated, and encrypted. Amazon’s data center operations have been accredited under ISO 27001, SOC 1, and SOC.
Third Parties
Sign In Scheduling uses some third parties to provide certain services such as sending emails, SMS, and voice calls, as well as synchronizing calendars. All data in transit is encrypted. We audit all data that is shared with third parties annually, and we have GDPR Compliant Data Processing Agreements in place with all of them.
Highest level of encryption
All data is encrypted using the industry-standard AES-256 algorithm provided by Amazon’s RDS systems. Sign In Scheduling can only be accessed over HTTPS, with automatic HTTP redirects in place. 10to8’s HTTPS certificate is RSA 2048 bits (SHA256withRSA), and supports TLS 1.2. Find out how our enterprise scheduling system will fit into your organization. Book a discovery call today.
Contingency planning & disaster recovery
You can rest assured that we have Business Contingency Plans in place to restore Sign In Scheduling systems in case of catastrophic failures. Tested and audited regularly, these include Data Center failures, Database failures and Server failures. Our systems are robust and reliable; Our server uptime is 99.95%.
