Wider Plan Ltd

Wider Wallet Employee Benefits Hub

Wider Wallet provides simple, cost-effective, online access to your choice of a wide range of employee benefits. The hub is easily customised to reflect your branding and culture. Staff rewards, staff discounts, HR documents, employee wellbeing and salary sacrifice schemes are easily included. Our fully-managed service is offered as standard.

Features

  • Customisable to reflect your branding and values
  • Easily extended to include additional employee benefits
  • Employee communications available with your branding
  • Staff discounts reflect individual user preferences
  • Online management information
  • Online user satisfaction (NPS)
  • Remote access (including mobile devices and tablets)
  • Easy onboarding with short lead time
  • High security
  • Single sign-on available

Benefits

  • Fully-managed employee benefits administration reduces payroll and HR workload
  • Salary sacrifice benefits including cars, cycles, parking and holidays
  • Support your CSR policy with payroll giving and green cars
  • Increase employee engagement: access to wellbeing portal and staff rewards
  • Total reward statements available to enhance employee perceptions
  • High capacity freephone employee helpline and email helpdesk
  • Dedicated account management
  • Bespoke employee registration questions enable automatic user validation
  • Flexible benefits with customisable options
  • Designed to accommodate widespread and segmented workforces

Pricing

£2 to £3 per person per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

620832372078002

Wider Plan Ltd

Alison Chalmers

08006127550

tenders@widerplan.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No
System requirements Internet access required for users to have full benefit

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Employee helpline typically answered within 30 seconds, emails typically answered within 2 hours, dedicated account management for employer. There are no services at the weekend.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels We operate freephone helplines and an email helpdesk for employees, 8am to 6pm Monday to Friday.

Employers are assigned a dedicated account manager and provided with direct contact details.

The software is designed to be intuitive. We provide clients with full support in order to implement an employee benefits package which meets their organisation's needs. Clients rarely require technical support but our in-house developers and account managers assist wherever required.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The client's account manager will work with the client to understand their core aims, their workforce demographics, their existing employee benefits offerings and their current means of communicating with employees.

Having gained a good understanding of the client's requirements, the account manager will help the client to select the employee benefits which are best suited to their workforce. They will then agree the specifics for each benefit stream and provide an implementation plan. Clients often choose to phase in the launch of their employee benefits and this is easily accommodated.

A demo Wider Wallet site is then provided to the client, complete with their branding and chosen benefit streams. The client accesses the site online and provides approval prior to access details being circulated to their employees.

Wider Wallet and the individual benefit streams are all accompanied by FAQ documents but most users find they can use the intuitive software without any need to refer to these.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Clients may require a schedule of users (their employees) at contract end, including details such as name, payroll number and benefit selection details.

The client's account manager will liaise with them to confirm their requirements. Schedules are provided on request in a mutually convenient format, with encryption available where data is sensitive.
End-of-contract process We are pleased to have exceptional client retention rates and most of our clients simply renew with Wider Plan when their contract expires.

Where a client chooses to move their employee benefits to a competitor, their account manager works with them to arrange a smooth transition. We are flexible in accommodating short-term contract extensions to avoid any gaps in provision.

Where a client wishes us to provide data to a third party, we are able to do so following their authorisation.

The end-of-contract service is included within our standard pricing and there are no additional charges.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The Wider Wallet Employee Benefits Hub can be accessed via desktop or mobile devices.

The same functionality is available through both routes.
Accessibility standards WCAG 2.0 A
Accessibility testing We have not performed interface testing but our online services are used by over 200,000 individuals and we have no reports of any accessibility issues.
API Yes
What users can and can't do using the API An API is available to enable users to access their Wider Wallet account via single sign-on.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Clients can customise Wider Wallet to include their logo and colour scheme. Clients select which employee benefits they wish to include in Wider Wallet, tailoring it to their specific workforce.

Where the client uses Wider Plan to fulfil the individual employee benefits, further customisation is available at this level. For example, where clients use Wider Rewards as a staff incentive scheme within Wider Wallet, they can set their own criteria and their own selection of rewards.

Wider Wallet can also be used to provide staff with a way of accessing the employer's in-house information, such as a staff handbook, HR, forms or event announcement.

Customisation is handled by the client's account manager and a demo site is provided for their approval prior to launch.

Scaling

Scaling
Independence of resources We supply over 100 large public sector organisations and it is business-as-usual for us to run large scheme events such as launches and roadshows, with no impact on website performance.

We monitor our services in real-time so, in the unlikely event of capacity issues arising, we are able to take prompt action to upscale resources from our web host.

Analytics

Analytics
Service usage metrics Yes
Metrics types The client's account manager liaises with them during the implementation period to agree management information requirements. typical requirements include take-up rates split by department or site of work, most popular employee discounts, number of logins per month, and relative popularity of the different employee benefit streams chosen by the employer.

We offer a flexible service and are able to accommodate reasonable requests for bespoke reporting.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach Our in-house protection consists of physical access control requiring a key fob to enter the building. Our systems are all secured through user accounts which are restricted via permissions.

The external hosting server requires physical access to devices and is restricted to authorized personnel only. There are card readers and biometric access required to enter the facility which is guarded by a fully fenced perimeter and.

The systems are SSAE16 compliant.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Clients usually have no need to export data directly from Wider Wallet. Data requirements more commonly apply to the individual employee benefits which the client has chosen to offer within Wider Wallet.

Export facilities vary but typically data is provided either as an export from the client's online account or via the account manager.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% assured by contractual commitment
Approach to resilience Available on request
Outage reporting An email alert will be sent out to advise of any unexpected outages of the Wider Wallet.

A warning is shown on the website in the event of planned maintenance. Maintenance is generally carried out during the lowest visitor times, such as early in the morning.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Username and strong password enforcement
Access restriction testing frequency At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Cyber Essentials
  • ISO 9001:2015

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Cyber Essentials
Information security policies and processes We hold a current Cyber Essentials certificate that we have renewed annually since 2015.

We operate a detailed Data Protection Policy which is consistently updated, our staff are trained in the important of ensuring data is used correctly and not divulged to third parties, a signed contract is agreed before employment. We only hold data which is essential for the operation of the scheme. The full policy is available to clients on request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All software components and changes to these components are tracked through source control management software. Each change to any code is reviewed by at least two developers and also tested using automated tests. Changes are tested for security and functional issues and only released live when approval has been reached and tests have passed.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We test internal software on a quarterly basis, this test involves a vulnerability scan and a penetration test of core services. If a threat to a service is identified, a patch will be written and deployed within a day for high threat issues and within a week for low threat issues. Threat issues are notified by monitoring OWASP and reviewing Common Vulnerability and Exposure (CVE) entries.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Potential compromises are identified by monitoring of firewalls, application server activity and through proactive penetration testing. If a potential compromise is identified, depending on the severity of the incident after investigation; either the compromise is patched or passed through the data protection policy process. Severe incidents will be responded to immediately whilst less severe incidents would be resolved within 48 hours.
Incident management type Supplier-defined controls
Incident management approach A pre-defined set of processes for dealing with common incidents is available for use in the event of an incident occurring. Depending on the type of incident, we have a variety of reporting routes for notification of key personnel. For internal incidents notification is via email alert or direct communication with the appropriate member of staff. After incident reports are received and they are sent via email to senior management.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £2 to £3 per person per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A demonstration version of the Wider Wallet employee benefits portal is available for a free trial.

There is a limit of twenty guest registered accounts on the trial version, for up to 30 days.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑