Azeus UK Limited

AzeusCare Case Management System

AzeusCare is a highly flexible person and family-centric, birth-to-grave case management application suite. Designed for use in local authorities, CCGs and third-sector organisations it supports case recording, provisioning, service delivery management and finance management for children’s social care, adult social care, non-clinical health and community health services.

Features

  • Integrated Children, Adult and Family Case Management System
  • Hospice and Care Home Management
  • Integral Finance Management module for Care Act 2014 compliance
  • Remote Working in online/offline modes
  • Customer self assessment via public facing portals
  • Provider management and interaction via public-facing portal
  • Controlled partner access to records via public-facing portal
  • Integrated document management store
  • Integrated Open Source Reporting tool & real-time dashboard reporting
  • Inbuilt Statutory returns for NHS Digital and Department for Education

Benefits

  • Compliant with statutory requirements (Care Act, Children and Families Act)
  • Fully integrated modules with seamless interface
  • Intuitive and easy to use
  • Flexible and adaptive to local requirements
  • Promotes remote working in online and offline modes
  • Enables service users to access their own records
  • Encourages information sharing amongst professionals
  • Supports workforce organisation and task allocation and workflows
  • Supplies extensive reporting capabilities and output types
  • Encourages inter-systems integration with inbuilt API

Pricing

£150 per user per year

Service documents

Framework

G-Cloud 11

Service ID

4 2 0 4 6 3 7 6 9 0 3 3 1 4 5

Contact

Azeus UK Limited

Eleanor Jim

020 8004 5937

ukpresales@azeus.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
N/A
System requirements
  • Desktop/Laptop requirements:
  • 2GB RAM, dual-core 2 GHZ, 7.9 inch 1024x768 resolution
  • Windows 7/8/10 with IE11, Edge or Chrome
  • Mobile Requirements:
  • IOS 9+ iPad Pro/iPad Air, iPad Mini
  • Android 5.1+ 7.9 inch tablet 1024x768 resolution
  • Windows 10 Surface 3/Surface Pro 3 tablet
  • Other requirements:
  • PDF, MS office compatible document and spreadsheet viewer/editor
  • Any SMTP and POP3/IMAP compliant mail server

User support

Email or online ticketing support
Email or online ticketing
Support response times
Questions will be responded within 1 business day
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Each customer is assigned an Account Manager. He/she manages the ongoing contract, any amendments or additions to any aspect of it, provides general customer engagement, new product information and guidance and the provision and pricing of any new or additional business, technical, project management, user training and consultancy services as may be required by the customer. The services of the Account Manager are included gratis for each customer.

Application Support is provided via the medium of the Help Desk for the ongoing maintenance and support of the licensed application(s). Such support also covers the management of the delivery to the customer of upgrades to the application. The cost of Help Desk support is included in the application licence.

Our Standard Support includes access to the Help Desk which can be contacted via telephone or email during office hours. All issues raised will be logged in our online tracking system JIRA to which the customer also has access and which is available 24/7.

Our Enhanced Support extends our Help Desk support hours to provide 24/7 support if desired and may include onsite visits. The cost of extended support is negotiated with the Account Manager.
Support available to third parties
No

Onboarding and offboarding

Getting started
Prospective customers should contact Azeus UK to discuss their service requirements. It should be noted that we offer, in addition to cloud-based services, on-premise hosting if required.

On completion of the contract signing, a project manager will be assigned and Azeus UK will prepare the cloud-based instance or local environments according to the customer’s specifications.

For new customers, Azeus UK will provide data migration and implementation services to assist in moving from the existing system to AzeusCare with a view to enabling the customer to have complete ‘ownership’ of their new system.

The following services are offered:

1. Business Process Consultancy and System Configuration,
2. Data Migration,
3. Ad hoc Reports and Recording Templates development,
4. User training (hands-on and eLearning).

Azeus UK supplies an extensive resource library to customers which is regularly added to and maintained/updated. These resources include: 1. Release Notes, 2. Technical Set Up Guides, 3. User Guides per module, 4. Training Guides and Training Needs Analysis Templates, 5. Entity Relationship Diagrams, 6. Maintenance and Support Policies and Procedures.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
MS Word
End-of-contract data extraction
To terminate a subscription, the customer must inform Azeus UK via a written request at least ninety days in advance of the specified date for termination. Upon request for account termination by either party, all remaining payments (if any) must be cleared.

On an agreed date Azeus UK staff will generate an XML extract file containing the complete case record. (XML is an open standard format which can be easily used to facilitate data import to another system if needed.) Should there be a need for a user friendly format, we provide a tool (XSLT) to transform the XML into HTML.

Using this tool Azeus UK will dump all case data and make it available to the customer for secure download via SFTP (secure FTP). The customer will be provided with the instructions and the certificate required in downloading the output files. The customer will be given an agreed timeframe (usually 30 days) to download the output files before the records are purged.

On the agreed date, Azeus UK will then destroy the customer's data and release all resources that were allocated to the service.
End-of-contract process
Azeus UK will supply within the price of the contract a) the data dump described above and b) the most recently updated version of the documentation as follows: System Architecture Diagram, Entity Relationship Diagram, Logical Data Model, Database Size Report (i.e. number of records per table and total database size in GB), XML schema definition for archived records. At additional cost Azeus UK can provide the following services where it is expected that data from AzeusCare will be migrated to a new system: Data Quality Review, Bulk data cleansing/correction, Data Conversion in accordance with a customer defined format. At the customer's explicit request and for further negotiated cost, the time for which the system can remain online after the termination date can be extended if required.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
AzeusCare's Mobile Application provides a sub-set of functions from the Case Management Application and can be used in either online or offline mode. It is essentially a recording device with capability to synchronise data with the server. Case records can be downloaded in whole or in part, core data updated, forms and case notes completed for either persons or families. Digital signatures and photographic 'evidence' can also be captured.

In addition, the application provides for the completion of Care Act financial assessments and for the calculation logic to apply whether or not the mobile device is connected to the internet.
Service interface
Yes
Description of service interface
AzeusCare is a web-based suite of applications which sit on an Oracle database. The suite comprises a case management application, public-facing portals and an online/offline mobile application the user interface being written using Java (Java 6 server side). AzeusCare uses the Open Source JasperReports as the main embedded reporting tool alongside an in-house reporting tool developed by Azeus.
Accessibility standards
None or don’t know
Description of accessibility
The AzeusCare CMS application, as well as the public-facing portals, are accessible via web browser. They were designed and tested to comply with the WCAG 2.0 AA standards.
Accessibility testing
The AzeusCare CMS application is compliant with assistive technologies compatible with MS operating systems such as Dragon Naturally Speaking and JAWS Screen Readers.
API
Yes
What users can and can't do using the API
Our standard API enables users a) to interface AzeusCare with third-party systems (including the capability to search and retrieve basic person information as well as generating and retrieving data extracts) and b) to create and update case records via the generation of compatible electronic forms which can be completed outside of the system independently and then checked in once completed.

API access is executed via web services. Our system monitors all API transactions. This includes requiring user authentication and creating an audit log for all transactions. Furthermore, API transactions pass through our Role-Based Access Control framework to ensure that record access is restricted to authorised users.

For security reasons we do not provide APIs for:
- User account Administration
- Amending system configuration
- Merging person records or performing error correction
- Workflow record approval
- Performing bulk record updates
- Deleting any record
- Direct creation of person records (this is to avoid duplicate person records from being created)
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
AzeusCare offers significant levels of flexibility in the customisation of the applications using the in-built tools provided, all of which are under access rights to authorised administrators:
- Recording Templates: create and amend existing forms,
- Workflow Management: set up and configure workflow tasks and/or embed in recording templates,
- Rules Engine: configure rules for financial computations for RAS, financial assessments, foster carer payments etc.,
- System Parameters: configure system-wide behaviours,
- Employee, Post and Team management: set up system accounts and team structure,
- Function rights and data security: set up role-based access control,
- Financial/accounting codes: set up background codes, authorisers, budgets,
- Reports Design: design and create reports,
- Reports Management: set up reporting schedule and recipient list,
- Dashboard Reports: set up queries and access rights,
- Standard Letters: set up templates for data merging,
- Directories: populate professional, provider, carer and organisations directories,
- Reference Code Tables: populate drop-downs,
- Flags and Alerts: set up rules for generation against case records,
- Dictionary Management: manage spellchecker,
- Address Management: manage address uploads,
- Workload Management Analysis Tool: manage caseload intensity scores,

Note that local branding can be applied to portals and output types also.

Scaling

Independence of resources
Azeus hosts the AzeusCare instance for each customer on a dedicated infrastructure that is carefully designed and based on the expected number of users. By providing each customer with a dedicated set of servers and storage devices based on the computed client load, our solution guarantees that each customer is physically and logically separated from other customers, with resources exclusively reserved for each customer. Should there be an increase in demand from the current users of the system, effectively increasing the expected workload capacity required by the infrastructure, the system can be configured to be scalable vertically and horizontally.

Analytics

Service usage metrics
Yes
Metrics types
AzeusCare provides extensive service metrics enabling analysis of how and when system users interact with the applications suite. These are presented in an on-screen audit facility (with multiple filter and drill-down options) from which detailed reports can be derived. This complies with Data Protection Act requirements. Reporting on case records can be executed via the embedded JasperReports tool and the proprietary query tool, powered by Saiku, which provides real-time dashboard reporting. Note that all field-level data in locally-created recording templates can be captured by reporting tools.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
AzeusCare provides a) a standard function for extracting all case data for a single case record into a XML output file and b) a PDF output of the same for subject access request purposes. Should there be a need for a user-friendly format, we provide a tool (XSLT) to transform the XML into HTML.

For data on case load and performance, the system provides output reports in PDF and XLS formats. We also provide an ad hoc query tool for user-defined queries and extract data into CSV or XML format.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • PDF
  • XLS
Data import formats
  • CSV
  • Other
Other data import formats
XML

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The guaranteed system availability is 99%. Where the annual uptime percentage drops below 99% within a total Service Year (i.e., the preceding 365 days from the date of an SLA claim), the customer is eligible to receive a service credit equal to 0.5% of the annual service charge for each percentage below the committed availability. Note the annual service charge does not include ad hoc or pre-paid consultancy, training or project management service types.

No credits are offered if a customer is in arrears with payments or has insufficient balance to continue using Azeus cloud services during the qualifying claimed credit period for at least 10 calendar days.

The maximum total credit for the yearly billing period, including all guarantees, will not exceed 5% of the customer’s total chargeable fee for the eligible credit period (i.e. yearly billing cycle in which the most recent unavailable event included in the SLA claim occurred) nor can a credit amount in excess of 5% be carried over and applied to future fees.

The Account Manager service provides the means through which a claim can be made, account management meetings occurring quarterly.
Approach to resilience
Azeus UK implements a comprehensive backup strategy that keeps redundant backups of system data and its configuration. Backups are scheduled daily to ensure availability of data and will typically be kept for 14 days. A disaster recovery environment is available and is prepared in case a disaster occurs on the production site. The disaster recovery environment will be capable of taking over the operations from the production site if needed. Azeus UK will restore services to normal operations within 24 hours.

Our system infrastructure is designed to provide varying levels of availability to fit the customer's resilience requirements. The disaster recovery site is hosted on a geographically separate data centre with a system and server configuration that is identical to the production site.

The design can be adjusted to a strict resilience requirement with redundancy configured such that there is no single point of failure in the production setup or a more budget oriented approach where regular backups are configured and specific servers can be configured with hot or cold-standby configurations. The frequency of backup and replication can be configured to the customer's needs.
Outage reporting
Our service includes a Nagios server for monitoring the system. The monitoring service is configured to check if the system is up and to monitor performance and system-related parameters such as CPU utilisation, RAM utilisation and available storage space on servers. Thresholds are set so that Nagios will automatically generate an email alert should any threshold be breached. Email alerts are sent to the Azeus System Engineer for appropriate action. Data from Nagios monitoring is also used to monitor system usage and to inform future capacity planning.

For any scheduled downtime (e.g., maintenance or system upgrade) Azeus UK will inform the customer ahead of time (at least 1 week ahead except for emergency maintenance) and schedule the activities, where possible, outside of office hours.

Azeus UK provides a report for all system outages which includes the following:
1. Date and time when the outage was detected
2. Date and time of when Azeus UK first responded
3. Impact analysis
4. Contingency measures implemented
5. Date and time of when service was restored
6. Results of the post-mortem review of the incident.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
The AzeusCare applications support role-based access to all areas of the system and outputs (including reports). This includes administrator functions which can be delegated 'downwards' to other posts as required. All administrator activities are audited with the same level of granularity as other user types. Direct database access is handled independently.

Note that AzeusCare's unique Data Security module extends the role-based access via enabling control over who may see/update/delete specific data types irrespective of whether the user has rights to the areas or case types via standard function rights.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
3/8/15
What the ISO/IEC 27001 doesn’t cover
The following are inapplicable to Azeus UK as these are handled either by a third party (e.g., cloud hosting partner) or by another Azeus subsidiary (e.g., Azeus Systems Philippines, which is where the software is developed). It should be pointed out, however, that our hosting partner is ISO27001 accredited and our development house follows the principles of that accreditation:

- Physical security perimeter
- Physical entry controls
- Securing offices, rooms and facilities
- Delivery and loading areas
- Equipment siting and protection
- Supporting utilities
- Cabling security
- Equipment maintenance
- Removal of assets
- Security of equipment and assets off-premises
- Secure disposal or reuse of equipment
- Administrator and operator logs
- Clock synchronisation
- Secure development policy
- Technical review of applications after operating platform changes
- Secure system engineering principles
- Secure development environment
- System security testing
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
The AzeusCare team operates a formal Information Security Management System (ISMS) which is based on BS779 pt.2 and ISO17799 and accredited under the ISO standard 27001. It addresses the following areas: Quality, Performance Monitoring and Review, Policy and Procedures, Managing External Relationships, Financial Management, Strategic and Business planning, Human Resource Development and Service Innovation. There is a nominated Chief Security Officer (CSO) who ensures that Azeus UK staff members are aware of the importance of meeting customer, as well as statutory and regulatory, requirements. The Chief Security Officer also ensures that staff members contribute to achieving Azeus UK’s Information Security Objectives and ensures a) that the information security policy and objectives are in line with the strategic direction of the organisation, b) that they are fully integrated into the organisation’s processes and c) that resources needed for the ISMS are available. Further, the CSO ensures that communication covering the importance of effective information security management and conformance to the ISMS requirements is in place, that the ISMS achieves its intended outcome(s), that direction and support is available to staff and that continual improvement is promoted. This is evidenced in the company’s recent preparation for the General Data Protection Regulation (GDPR).

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Azeus UK tracks a range of system configuration settings (e.g. application, server, network, firewall, etc). During initial setup, we apply our standard configuration process (which includes server hardening) prior to release for customer use. Subsequent changes are then tracked and undergo our internal change management processes which includes impact analysis to system security and stability. Changes are first tested in an identical test environment before being rolled out to the production environment.

Azeus UK manages only the server-side configuration which includes OS security patches and server-side anti-virus updates. We expect the customer to maintain the configuration of all client-side devices.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Security testing is a key aspect in the overall development process for the AzeusCare Applications Suite. The system undergoes regular and methodical vulnerability scanning on both the application and the infrastructure in line with the requirements of the Digital Service Standard. Regular In-house testing ensures we are building and maintaining a body of expertise in the developer pool. Independent vulnerability scans are also often conducted by our customers for additional assurance. Potential and current vulnerabilities are made known by these scans. Appropriate rectification for these vulnerabilities are then handled in a timely manner dependent on the severity of the vulnerability.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
In conjunction with our hosting provider (who applies the Cloud Security Principles) our monitoring strategy embraces the NCSC's 10 Steps to Cyber Security. This strategy includes both technical and transactional monitoring, as appropriate, informed by previous security incidents and our remedial actions. Our incident response plan comprises 1. Make an initial assessment, 2. Communicate the incident, 3. Contain the damage and minimize the risk, 4. Identify the type and severity of the compromise and protect the evidence, 5. Notify external agencies and recover systems, 6. Document the incident. Response times will be dependent upon the severity and its impact.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Azeus UK uses JIRA (our online tracking system) to communicate, manage and report on all incidents. We provide authorised customer representatives access to our JIRA system in order to promote transparency and they can engage in the workflow from initial logging to resolution. Feedback on all incidents is available here.

Incidents are classified as critical, high, medium or low and are responded to within our response time commitment and resolution timeframes. Critical and High incidents will usually be followed by an internal Causal Analysis meeting and the appropriate updating of documentation and/or process.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)

Pricing

Price
£150 per user per year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Prospective customers may have up to 30 days free access to specific modules in order to test out functions and assess their applicability to current needs. We offer a standard 'sandpit' environment with a suitable dataset to enable real-life working scenarios to be managed.
Link to free trial
Please contact Azeus UK

Service documents

Return to top ↑