Saadian Technologies UK Limited

Mhub

Mhub is an information sharing service that has been developed to enhance the processes within Multi Agency Safeguarding Hubs (MASH). It is designed around MASH principles; Information Sharing, Joint Decision Making, Co-ordinated Intervention. Mhub is offered as OFFICIAL or OFFICIAL SENSITIVE SaaS or in a private cloud based on IaaS.

Features

  • Ability to use and view across multiple agencies within MASH
  • Developed around the common principles of MASH
  • Full audit trail of all actions, outcomes and decisions
  • Notifications sent directly to agency partners
  • Shared team calendar for appointments and meetings
  • Incident reporting
  • Automated reminders for information submission
  • Hosted on private cloud, Official and Official Sensitive environments
  • Configurable implementation process
  • Detailed management information collected as part of operations

Benefits

  • Single view of an incident or concern across the team
  • Information sharing -better sharing between partners enables better safeguarding
  • Joint decision making -more informed decisions
  • Co-ordinated intervention -better, stronger information sharing leads to earlier intervention
  • View incidents or concerns by status or threshold
  • Secure partner communication
  • Co-ordinated meetings and events with a team shared calendar
  • Highly configurable user interface
  • Critical reporting on key trends around case types etc.

Pricing

£6000 per server per year

Service documents

G-Cloud 9

193663734984083

Saadian Technologies UK Limited

Jennie Jablonski/Joe Hussey/Cliodhna McGuirk

020 73978502

sales@saadian.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints No
System requirements
  • The system requirements are closely linked to your business requirements
  • We work with you to understand your business requirements
  • We then recommend appropriate computing resources to ensure accessibility/scale/performance

User support

User support
Email or online ticketing support Email or online ticketing
Support response times High Severity- service outage- 1 hour
Medium Severity- partial outage- 4 hours
Low Severity- minor request- 5 days
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels High  - Our highest Service Level response is reserved for complete Service Outage.
It is expected that the reporter will communicate directly via Email or
Telephone for this type of outage. Our service desk will respond within 1
hour and provide subsequent updates every 1 hour (if required). The
escalation level is immediate and the target fix is as soon as possible

Medium - Our second highest Service Level response is reserved for partial outages or interruptions. It is expected that reporter will communicate directly via Email or Telephone for this type of outage. Our service desk will respond
within 4 hours and provide subsequent updates every 4 hours (if required).
The escalation level is after the initial target fix time and the target fix is
within 8 hours.

Low - Our third Service Level response covers enquiries, minor issues and change requests. It is expected that the reporter will communicate directly via Email for this type of issue. Our service desk will respond within 5 days (if
required) the target fix date will be the next schedule release for agreed
upon change requests).
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started As part of the on-boarding process we would propose an implementation plan that sets out our approach to platform configuration, deployment and accreditation (if needed). This will be provided under Our Cloud Support Services (Mhub Consultancy)
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats MS Word
End-of-contract data extraction One of the our key principles is that you maintain ownership and control of your data. This means that we make it easy to return your data to you in a format that can easily be re-used. On termination, we will provide you with an extract of your data in CSV or XML format.
End-of-contract process When customers are off-boarding with us, we would agree a format for the return of your data with you. We will then decommission the service and securely delete all data held by us (if we are managing the service for you).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The software service has been designed to be responsive to device type so the mobile service functions in the same way as the desktop service with the primary difference being screen layout.
Accessibility standards None or don’t know
Description of accessibility We provide a number of the WCAG 2.0 AA and WCAG 2.0 AAA requirements but not yet all of them
In summary, we provide text alternatives for non-text content, alternatives for video, presentation does not rely solely on colour, keyboard users are not trapped, clear keyboard focus, consistent use of menus, icons and images, detailed help and instructions is provided and the application has a logical order with clear headings
Accessibility testing None
API No
Customisation available Yes
Description of customisation Buyers can configure:
- The geographic areas of interests
- The organisations that are part of the MASH
- The types of concerns that are managed as part of the MASH
- The thresholds for different case types

Scaling

Scaling
Independence of resources The service is configured to use load balancing and clustering techniques to ensure that demand upon the service is spread evenly over computing resources and to reduce the impact upon the users

As part of the onboarding process Saadian will work with the buyer to fully understand their usage expectations to ensure that the required resources are available as the service usage grows

Analytics

Analytics
Service usage metrics Yes
Metrics types We provide a range of service metrics such as:
- Application logins ( e.g. frequency, role etc.)
- Case load
- Performance (number of overdue cases etc.)
- Notifications
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Access to Data is strictly controlled by the Saadian Information Security management system. Policies and processes are in place to ensure that only those with a valid need to access data are allowed and technically able to do so
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The service has functionality built in that will allow users to export data
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • MS Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Other
Other protection between networks Data in transit is encrypted. Network connectivity between the buyers network and Saadian services is configured based on the buyers security requirements e.g. private network or public sector network.
A full CHECK compliant ITSHC is commissioned to ensure security of the connection
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Saadian operate an Information Security Management system (including an administrative user Syops) that strictly limits who can access the data
ITSHC are conducted on the service at regular intervals to identify any potential security risks

Availability and resilience

Availability and resilience
Guaranteed availability We can agree availability levels for the service with you - this determines
when the service must be available and limits unplanned downtime (but allows for planned maintenance windows).
Availability is closely linked to infrastructure configuration because we
need to make sure the right infrastructure is in place to support the
expected levels of availability.
Approach to resilience Load Balancing The service is accessed through a load balancer that direct traffic to available nodes. This ensures a consistent level of response and single points of failure
Application Monitoring: Application monitoring is configured for all servers and nodes to monitor the performance of physical servers and their specific applications and services. This helps Saadian understand and address problems before they cause full disruption
Clustering: Service Nodes work in clusters that share customer states and information in real time. This allows the service to fail over to another cluster if there is a disruption
Disaster Recovery: DR environments and plans can be put in place in accordance with customer needs to ensure that the service can be recovered in the case of a disaster
Outage reporting Application monitoring tools can be configured to send regular reports and automatic notifications of outages or disruptions

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access to management and support interfaces is controlled by a strict role based access policy. The service is developed in accordance with our ISO27001 compliant Access control Policy
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations CHECK Penetration Tested

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Saadian understands that Information security is not only a technical issue, but a business and governance challenge also. As such the security of information and other critical organisational resources is treated as a priority throughout the company.

Saadian have an executive appointed Information Security Manager and an Information Security Management system with policies that extend beyond the technical aspects to include critical business processes.

Executive Management is invested in Information security and receive reports on security performance and breaches
Information security policies and processes Saadian understands that Information security is not only a technical issue, but a business and governance challenge also. As such the security of information and other critical organisational resources is treated as a priority throughout the company.

Saadian have an executive appointed Information Security Manager and an Information Security Management system with policies that extend beyond the technical aspects to include critical business processes.

Executive Management is invested in Information security and receive reports on security performance and breaches

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Saadian configuration and change Management processes are based upon ITIL best practices and consists of a set of documents, processes and routines that form part of Saadian IT Service Management
Vulnerability management type Undisclosed
Vulnerability management approach N/a
Protective monitoring type Supplier-defined controls
Protective monitoring approach Protective Monitoring is supplied by a third party to GPG 13 standard
Incident management type Supplier-defined controls
Incident management approach The Saadian Incident Management process is based upon ITIL best practices and consists of a set of documents, processes and routines that form part of Saadian IT Service Management

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)

Pricing

Pricing
Price £6000 per server per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑