The service is for the provision of residential home management software to any council run homes within the network using the G-Cloud framework. Caresys is split into 3 key facets which can be taken as a mixture of any or individually
- Purpose built hardware provides proof of attendance (clocking in).
- Configurable user interface allows for customisation depending on requirements.
- Standard Microsoft Windows convention compliant (consistent and intuitive user interface).
- Supports 3rd party integration via XML.
- Self-Service Reporting.
- ‘Multiple Document Interface’, allowing multiple forms to remain open simultaneously.
- Extensive service user and care worker records.
- Mobile point of care solution for task and activity capture.
- Streamline business processes and ensure visibility across the organisation.
- Flexible management reporting including business KPIs and care quality auditing.
- Assess and control staffing costs and ensure efficient working.
- Streamlined invoicing processes produce easy to understand invoices.
- Access the system from anywhere using a range of devices.
- Reduce exposure of Risk to SU and to the Business
- Mobile solution improves quality of care records whilst increasing efficiency
- Access person centred care information at point of care
- Mobile improves communications, sharing of important actions between staff
£90 per unit per month
Advanced Business Solutions
08451 60 61 62
|Software add-on or extension||No|
|Cloud deployment model||Hybrid cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||For all priorities clients should expect to receive confirmation that an Incident has been raised via email within one hour. Clients may also receive additional information or be contacted by a Support Professional within this hour, depending on the priority of the incident raised.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||WCAG 2.0 AA or EN 301 549 9: Web|
|Web chat accessibility testing||Advanced has the option of using the Live Agent Web Chat facility within Salesforce. Salesforce makes use of technology that is compliant with Section 508 of the Rehabilitation Act of 1973 and is committed that all users regardless of disability are able to access their applications. It has been tested with assistive technologies such as such as screen readers that either audibly read the text on the site or translate the text into braille.|
|Onsite support||Yes, at extra cost|
Advanced will provide a multi-tiered telephone based Service Desk, supporting our services in-line with the Clients Terms and Conditions.
Our Service Management processes are based on the ITILv3 framework and ISO 20000 standard for IT Service Management.
Advanced have multiple support offerings based customers' requirements ranging from our standard offering of normal business hours to our premium service which is available 24/7 365 days per year via the following means:
• Customer Portal
All support will be provided by remote access in-line with the clients own security policies. Onsite support can be provided subject to contract and may incur additional cost.
As part of Advanced’s continual improvement plan, periodic service reviews will be scheduled with the client to review the ongoing support services; to include the support model and agree any relevant changes.
Support or Service Levels are agreed with the customer at the Service Design phase to ensure that we're able to provide a service that meets their business requirements. Our standard offering for application support consists of the following target response times.
Priority 1 - 1 Hour
Priority 2 - 4 hours
Priority 3 - 8 hours
Priority 4 - 24 hours
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||A full consultative approach is taken and appropriate training is given in line with the go live. Ultimately Advanced understand that every customer is different and will tailor the methodology around the needs of each individual home/council. You can see our Service Definition- ‘Caresys Standard Implementation Roadmap’ for our recommended approach to an implementation of all modules.|
|End-of-contract data extraction||Written into any contract is an exit clause. We are able to run through a number of options with the customers and provide a tailored archiving solution that suits their needs.|
|End-of-contract process||A contract extension will be offered to continue using the software, if this is not signed an ‘out of contract’ service will continue (without explicit cancellation from the customer) which will be charged at an unfixed rate.|
Using the service
|Web browser interface||No|
|Application to install||Yes|
|Compatible operating systems||Windows|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Dedicated mobile solution available for point of care usage|
|Accessibility standards||None or don’t know|
|Description of accessibility||Via Citrix|
|What users can and can't do using the API||Our API allows integration with 3rd party systems to allow a master system to feed data into our application for read only usage, reducing data duplication and transcription errors. Allows for integration with 3rd party CRM. Our API does not allow full access to the system but is extensible allowing for additional data and functionalities as required.|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||
- Configurable core terminology replacement.
- Assessment templates fully configurable by end user.
- Customisable invoice layouts can be customised by service provider on request.
- Configurable security and access permissions.
- Mobile task definitions and workflows can be customised on request.
|Independence of resources||We run resource management profiles ensuring no single user can adversely impact another user.|
|Service usage metrics||Yes|
|Metrics types||We can provide metrics around data size, usage and audit.|
|Reporting types||Reports on request|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Grosvenor Technology & SAP|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||There are a number of built in exports for 3rd party finance systems. These can be run by end users with sufficient privileges. Additional exports can be developed by the supplier as required. Extracts for ETL reporting/BI performed from a dedicated reporting database. Datasets also available through CSV exports.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||Other|
|Other protection within supplier network||Robust backup policy with regular restore tests. Physical security restricts access to hardware and disks.|
Availability and resilience
|Guaranteed availability||We undertake to provide a minimum of 99.95% availability. Although we do not always need it, we do set a contractual maintenance window of 4 hours per month, set in the small hours of a night. There are many users already on the infrastructure and we have proven to deliver at this level to them. The Managed Services environment has been purpose built between two active/active data centres for High Availability and resiliency to failure.|
|Approach to resilience||
Data is synchronously replicated between the two centres using Microsoft and web technologies including Hyper-V Server virtualisation and SQL Availability Groups. With the technology enabling a real time replica to be created at an alternate location, it provides operational continuity in the unlikely event of a partial or complete failure of either centre.
Communication lines between the data centres, N3 and the Internet are resilient, with diverse points of presence, and have the ability to link to other data centres within the Advanced Group.
Data is then in turn backed-up using Dell DR4100 Disk Backup Appliances, de-duped and then replicated in the alternate data centre. A full weekly backup is taken and a daily differential backup, each one being automatically verified with any inconsistencies automatically and immediately flagged to our team of database administrators.
A combination of the data centres’ significant infrastructures and our active/active operating model therefore delivers a flexible, robust and proven approach to disaster avoidance and resilience and provides a high degree of business continuity
|Outage reporting||In Line with our High Severity Support Incident Process, should the service become unavailable the customer will receive both a verbal and written notification of the outage. A verbal update schedule will be agreed with the customer who will also receive written updates for the duration of the outage. The written update will include details of any progress made and the time of the next update. Following the outage a root cause analysis (RCS) report can then be made available to the customer on request. A copy if our HSSI process, Email notification and RCA report template can also be made available on request|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||
Desktop Application: Users require a unique username and password to access the application.
Mobile Application: Devices must be authorised through the administration portal. Users log in through username and password.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI|
|ISO/IEC 27001 accreditation date||15/04/2014|
|What the ISO/IEC 27001 doesn’t cover||All Advanced operations are within scope of the certificate.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||Information Governance Statement of Compliance (IGSoC) V14, L3, 100%|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||Other|
|Other security governance standards||IGSoC Version 14|
|Information security policies and processes||Advanced have implemented IS policies to cover Data Security, Information Security Systems, Acceptable Use, Data Protection, Patient Data, Mobile Working, Access Control and Monitoring. These are all outlined in our InfoSec Manual and supported by in-depth Policy statements. Key processes have been developed and implemented which include, but are not limited to, Secure transfer of data, access provisioning and incident reporting.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||The configuration and change management process ensures operational systems, services and application software are subject to change control. All staff are responsible for submitting completed change requests to the change authorisation board (CAB) using the change request form. Change requests forms, before submission to the CAB must be peer reviewed and pre-authorised by the appropriate system service owners and or business stake holder. All changes are recorded, tested and verified prior to implementation, (where possible), and are communicated to relevant members of staff and users as appropriate.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Vulnerability management is an essential component of Advanced Information Security Program and the process of vulnerability assessment is vital to effective vulnerability management. The vulnerability assessment process provides visibility into the vulnerability of critical assets deployed in the IT Infrastructure. The process comprises of identifying critical systems, their corresponding owners, vulnerability scanning on regular basis, determining and assessing potential vulnerabilities, documenting and establishing a time line to remediate critical vulnerabilities.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Advanced complies with protective monitoring in line with GPG 13.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Incident management control objectives are defined within our ISO 27001:2013 certified Information Security Management System and the procedures for Incident management are aligned to ITIL v3 industry best practice.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£90 per unit per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|