FDM plc is one of the UK’s leading print and mail companies. Our hybrid mail solution, Hi-mail®, allows you to print & post all of your documents directly from your PC, Laptop, Smartphone or Tablet for up to 70% less than your existing print and postage costs.
- Live Document Tracking
- Custom Print & Mailing Profiles
- Document Automation Flow
- Built in Document Library
- Same Day Mailing
- Document Archiving
- Dedicated Support Portal
- Group, Team and User Management
- Granular MI Reporting
- Brand & Document Control
- Safe & secure data encryption
- Save up to 70% on your print and mailing costs
- No set-up costs - only pay for what you send
- Fully scalable for teams big and small
- Fully detailed, itemised reporting on a user-by-user basis
- NHS HSCN Approved
- Simple pricing structure and volume discounts
- Free support and technical assistance
- Built by industry experts for over 25 years
- Specialists in Local Government & Public Sector requirements
£0.34 to £1.16 per unit
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||Minimum system requirements: Windows XP / OSX Mountain Lion or above. Minimum 5mb Hard Disk Space|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Average response times Mon - Fri = 18 minutes.
Average response times Sat - Sun = 30 minutes.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.0 AA or EN 301 549 9: Web|
|Web chat accessibility testing||Live web chat has been tested by regular users with assisted technologies.|
|Onsite support||Onsite support|
We provide a fully featured support service as standard to all clients which allows users and administrators to access a range of technical support options including:
Online and offline documentation.
Live web chat services with a technical engineer or user support agent
Web support ticketing service
Email support ticketing service
Telephone support service
Dedicated Account Managers are also assigned to each client to manage their requirements and can also provide an additional level of support.
All clients receive the same level of support at no additional cost.
|Support available to third parties||Yes|
Onboarding and offboarding
Initial account set-ups are completed by the Hi-mail support team with a range of onsite training, online training and user documentation options provided for all new accounts.
An initial consultation is undertaken with each new account to determine the best method of training solutions and then these are customised to suit each clients needs.
These includes quick start guides, user guides and administrator guides in both PDF and online formats as well as an E-Learning suite of services that allow users to learn at their own pace whilst being guided through the key features of the software.
|End-of-contract data extraction||All data can be extracted by Account Administrators using the built in user interface or by request from one of the Hi-mail Technical Engineers.|
At the end of a contract FDM will initiate our end of contract procedure in accordance with our Data protection Procedures and ISO27001 guidelines.
This process is managed by the clients dedicated Account Manager and ensures that all data is securely destroyed and documented.
In accordance with Principle Five of the Data Protection Act 1998, FDM ensures that all personal data, in any format is retained for no longer than necessary. All data classified as ‘Confidential’ (i.e all raw client personal data) is retained by FDM for a period of three months, after which it is deleted beyond recovery, unless specifically requested by the client to retain the data for a longer or shorter period.
Data that is classified as ‘Restricted’ is retained by FDM according to purpose and requirement. When managing all information classified as ‘Confidential’ or ‘Restricted’ on behalf of a client, the relevant FDM Client Account Manager is considered the ‘Data Owner’ and therefore responsible for it’s handling in accordance with this policy.
Data in both electronic and printed formats must be deleted or destroyed according to the schedule as outlined in our ISO27001 Data protection procedure policy which is available on request.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The virtual print driver is only available on desktop devices. Users of mobile and tablet devices must use either the web-portal upload option or the network folder upload options unless connected to a remote working PC.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
|Accessibility testing||Our interface has been tested by regular users and industry standard tools with assistive technology turned on.|
|Description of customisation||
Administrators can customise a variety of features and accessibility options within the service for each user, account, sub-account or user group.
Each user is also assigned a profile that can be customised to enable them to adjust the working interface of the software to their specific needs.
|Independence of resources||The Hi-mail service has been built to be fully scalable and has sufficient measures built in to ensure that users are not impacted by increases or spikes in usage. These include a range of partitioned hybrid servers, dedicated high-speed fibre connections and scalable database architecture.|
|Service usage metrics||Yes|
The Hi-mail service monitors all account usage and a variety of reports can be exported at any time by users with sufficient administrative access.
More detailed server reports can also be requested from the Hi-mail Technical Support team as required.
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||All data can be exported from a variety of reporting functions within the software. Filtering and search features allow users to look up specific criteria of data from their account history and export these for local download.|
|Data export formats||CSV|
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Hi-mail's uptime is monitored 24 hours a day using a 3rd party software monitoring service and is available to view online at any time.
System availability is guaranteed at 99.9%
|Approach to resilience||This information is available upon request.|
Hi-mail is monitored 24 hours a day by 2 separate systems. Together these systems provide us with a range of downtime reporting services including:
Detailed email notifications
Log file recoding and notification system
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
All management interfaces and support channels are restricted to authorised personnel only.
Users who require access to management interfaces must be requested and approved by a Hi-mail engineer or senior Account Manager who can then grant access. Access is then restricted by either VPN connection, 2-factor authentication or 3 part password system.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BM Trada|
|ISO/IEC 27001 accreditation date||November 2017|
|What the ISO/IEC 27001 doesn’t cover||All operations are covered by ISO27001|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||Self Accredited|
|PCI DSS accreditation date||Re-accredited May 2018|
|What the PCI DSS doesn’t cover||Nothing relevant to this service.|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||FDM is fully accredited to ISO27001 standards and is regularly audited to ensure continued compliance. We are also accredited to Information Governance Toolkit level 2 and HSCN compliant.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||FDM's research and development process runs on a bi-annual basis and is governed by our data protection and ISO27001 and ISO9001 policies. Our change management process includes processes for new development testing, risk analysis and security considerations for each new development stage. This is then backed up detailed change log documentation which is made available to all clients at least 4 weeks prior to any new software deployments.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||FDM's network and services are monitored by a third party security service that remotely apply all patches as soon as they become available ensuring that our services are kept up to date and protected from all potential threats.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
FDM's services are monitored 24/7 by a Cisco ASA firewall and threat defence system that logs and alerts us to all suspicious activity including (but not limited to) unknown or failed login attempts, failed network access attempts and suspicious IP address activity.
Our third party security monitoring partners also monitor our network 24 hours a day and have engineers on hand to deal with any potential threats or compromises within 30 minutes.
|Incident management type||Supplier-defined controls|
|Incident management approach||
All incidents are assessed on potential data security and risk to service criteria. Users can report incidents using and of the document technical support methods and are then logged for future reporting.
All incidents are then investigated within 30 minutes of initial notification for source and solution. Incident reports can be provided upon request.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Connected networks||New NHS Network (N3)|
|Price||£0.34 to £1.16 per unit|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Initial account set-up, user set-up, document testing, document assessment, training materials and user guides are included in the free trial. There is time limit on the free trial as all accounts are placed in 'Test mode' to allow you to trial the system for as long as needed.|
|Link to free trial||https://www.fdmplc.com/hi-mail-sign-up-now/?source=G%20Cloud%2010|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|