Case management system covering social care, early help, early years and education
- Browser-based case management system covering Early Years, Education Management.
- Browser-based case management system covering Children's social care.
- Browser-based case management system covering Adult social care.
- Data warehouse to enable business intelligence.
- Finance modules to enable financial assessment, charging, payments.
- Citizen engagement portals.
- Integration between modules ensures information flows effectively
- Effective integration reduces duplication and saves practitioner time
- Compliant with all relevant UK legislation.
£800 to £900 per user per year
SystemC Healthcare Limited
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Services are available to extend the functionality of existing services (so an existing user of Liquidlogic LCS might wish to implement and integrate the EYES Education Management solution, for example).|
|Cloud deployment model||Private cloud|
|Service constraints||For all web based Liquidlogic applications, the client uses currently supported versions of Chrome or Microsoft IE . We would recommend the system requirements as specified below.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Standard Service Desk support hours are 0900 - 1730 hours Monday to Friday, excluding Bank Holidays. We operate to a range of Service Levels for responding to faults/incidents, which differ depending on the component/module of the solution in question.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Liquidlogic provides support via the Liquidlogic helpdesk (including the JIRA™ online call logging system). We have a priority based service, the details of which depend on the component/module in question, to ensure that the response and resolution is aligned with the severity of the problem.
We offer a standard support service (with tailored SLAs depending on the component/module) for each product. This way we know that all customers receive a standardised support service.
We provide an account manager (and in some cases a service delivery manager and/or a clinical specialist) who has access to technical, cloud, or other support resource as required.
On-site support is not usually needed, but may be chargeable if required.
|Support available to third parties||No|
Onboarding and offboarding
Liquidlogic will work closely with the customer’s service teams and/ or third party suppliers to implement the solution. Full project plans and PID documentation is provided. We provide on-site training (train the trainer) use documentation relevant to the solution being implemented including eLearning packages.
We deploy a team of implementation specialists which will include the following roles:
- Program/Project Manager/s
- Product specialists
- Data migration specialists
- Integration specialists
- Reporting/BI specialists
- Training specialists
- Change management specialists.
|End-of-contract data extraction||Data extracts can be written by the customer or by Liquidlogic (at additional cost).|
Liquidlogic works with the customer to produce a high level Exit Strategy document and Exit Plan which details the methodology for data / service transition from the system. This will be actioned at the end of the contract. These documents would be expected to include:
• The management structure to be employed at contract end.
• Detailed description of both the data and service Transfer/Termination processes
• Scope of the Services to be provided at contract end
• Any Charges payable for the provision of Termination Service
Liquidlogic's standard approach towards the extraction of data at the end of the contract is to ensure that the customer has the tools and access to the data such that the customer has the capability of extracting its own data without automatic recourse to Liquidlogic. We will provide support to the customer in performing any such extraction activities, and if required we will be happy to provide services to more actively assist the customer in undertaking these tasks. This would be at additional cost and a quote for this would be provided by Liquidlogic.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The whole solution can be accessed online via mobile devices. Offline apps are available which provide a specific set of features to support offline practitioners.|
|Accessibility standards||WCAG 2.0 A|
|Accessibility testing||End users have provided feedback regarding their usage of the system with their preferred accessibility software. This feedback has been used to further enhance the solution.|
|What users can and can't do using the API||Liquidlogic provides a suite of APIs to carry out the most common functions required for integration with third party systems. Each API is backed by a detailed specification.|
|API documentation formats||
|API sandbox or test environment||No|
|Description of customisation||Through configuration tools, including Customer-defined workflow builder.|
|Independence of resources||Services are based on flexible and scalable server designs layered onto virtualization technologies. Allows horizontal scaling and vertical scaling to be implemented as required. All services are built from multiple servers so appropriate levels of scaling can be applied to specific areas to ensure application performance is maintained. The majority services delivered are from logically separate servers per customer ensuring no impact between competing needs of different customers. Where applications are multi tenanted, multiple design features prevent the impact of one user population upon another and we monitor all services proactively to anticipate and prevent problems before they occur.|
|Service usage metrics||Yes|
The service metrics used will depend upon the component/module purchased. Typically however they will include:-
- System / service availability (uptime)
- System / service incident response & resolution times
- System / service performance
- RPO / RTO timings for disaster recovery
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||We will prepare the data for take-off, and if required, as an Additional Service, export data from the System to external data files. We will provide support to the customer in performing any such extraction activities, and if required we will be happy to provide services to more actively assist with undertaking these tasks. This would be at additional cost and a quote based on scope of service for this would be provided by Liquidlogic.|
|Data export formats||
|Other data export formats||XML|
|Data import formats||
|Other data import formats||XML|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Please see the Terms and Conditions document for the Service Level Availability criteria and Service Credit information should the guaranteed availability levels not be met.
|Approach to resilience||Available on request.|
|Outage reporting||All outages are recorded as part of the incident management process and should a problem be detected then the service desk will inform the customer as required.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Access restrictions are controlled by the customer via RBAC/AD facilities. All roles have granular permissions management to enable precise control over permissions. Two-factor authentication as an option.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Lloyd's Register Quality Assurance Ltd|
|ISO/IEC 27001 accreditation date||08/12/1999|
|What the ISO/IEC 27001 doesn’t cover||All areas of the business are covered|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||
• IG Toolkit assessment (current compliance V13 2015/16).
• NHS IM&T Security Manual
• NHS Confidentiality Code of Practice November 2003;
• Caldicott Principles as defined in the Caldicott Manual).
• DoH Records Management NHS Code of Practice 2006.
• Data Protection Registration
|Information security policies and processes||
Liquidlogic adopts a proactive approach to Quality and Security Management consistent with the broad principles of ISO/IEC27001 series, ISO9001 ITIL and industry leading practices. Liquidlogic proactively identifies the industry and customer related legal and/or regulatory security requirements and incorporates these into the Integrated Management System Information Security Management System. Compliance is monitored by external and internal audits, security monitoring and process reviews. All personnel, whether employees, contractors, consultants or visitors, are required to comply with the Quality and Security guidelines, procedures and mechanisms and to confirm compliance annually to ensure that the Security guidelines, procedures and mechanisms are observed in the performance of the company's activities
Liquidlogic has a Information Governance and Compliance Manager who reports to the company at Board level.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Configuration and Change Management processes are managed in line with ISO27001, using the JIRA IT Service Management tool. The configuration and Change Management area of JIRA is visible to our customers, allowing them to see raised Requests For Change (RFCs) and track their progress. As part of the approvals process, a Risk Assessment is performed to reduce the likelihood of a potential security impact.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||We subscribe to multiple vendor , supplier and government ( NHS Digital CareCERT) security advisory emails and all advisories are assessed for risk and applicability to our technology and services and remedial action as required is scheduled accordingly based on this assessment. Routine patches are typically applied quarterly with any deemed higher risk applied out of normal cycles as required based on the risk assessment.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||We proactively monitor server and firewall activities for any unusual or unexpected activities that may indicate a potential attempt to breach the service. Should any such attempt be identified then appropriate remedial action will be taken in line with the assessment of the risk , typically this will include blocking source IP addresses as well as reporting to UK authorities.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
Users report incidents using the ITIL3 aligned ITSM, JIRA. The Service Desk has full online capabilities for raising, recording and monitoring issues including real time SLA management.
We have pre-defined processes in cases such as System Down situations which trigger internal business alerts to ensure the correct teams are on hand from the start.
Users can view the progress of any issue online with real time updates and create filters and dashboards of information recorded in the system and export data when required. Reports can also be provided to the customer on a monthly basis.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||New NHS Network (N3)|
|Price||£800 to £900 per user per year|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|