Looking Local Limited

ScanStation

ScanStation is an Android app enabling customers to self-scan documents to support a range of government services; housing benefit, CTR, bus passes, blue badges etc. A combined software and furniture solution, ScanStation ensures quality images every time, can integrate with any back-end system and is a simple, accessible customer-focused solution.

Features

• Dual Android app and secure furniture solution
• Enhanced camera functionality ensures quality images every time
• All files are delivered with corresponding metadata
• Integrated with Anite GIM - can integrate with other solutions
• Enables UPRN (NLPG Unique Property Reference Number) real-time look-up
• Complies with data protection/information security regulations
• Ability to generate PDFs from individual image files
• Uses the latest tablets to ensure longest shelf life
• App can be deployed anywhere there is wifi
• No personal data/images are saved on the device

Benefits

• Reduces face to face contact / enables self-service
• Supports all services that require scanned supporting documents
• Shortens the end-to-end application timeframe
• Per scan saving of £3.66 (council customer service centre model)
• ROI calculator available to show savings potential
• Year on year savings
• Simple, non-technical, accessible app on known technology
• PDF generation from individual image files eases handling multi-page proofs
• Potential for 80% of supporting documents to be self-scanned
• Enables advocates/family/friends to progress claims on applicants behalf

£10,000 to £40,000 a instance a year

Service documents

• Pricing document (pdf)
• Service definition document (pdf)
• Terms and conditions (pdf)

Framework

G-Cloud 12

Service ID

670210949425893

Contact

Looking Local Limited

Guy Giles

0845 434 8540

guy.giles@lookinglocal.gov.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Support does not extend to the hardware that is procured by the customer nor their consumed web services that the app calls on to operate.
• System requirements: Device lockdown software is required for the tablet

User support

• Email or online ticketing support: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: As part of our commitment to provide first class support, our proposals include the provision of “1st Line Support” throughout the life of the solution. This will be a call centre number that customers can ring 24/7/365 to report issues that pertain specifically to the performance of the app only. Detailed response times would be covered in our SLA although they are generally between 2 business hours and 24hrs depending on the severity of the issue, and recovery times of 4-8 business hours - again depending on the severity or the issue. The costs for this support are included in the licence costs. Each deployment comes with a dedicated technical manager to handle support requests, identify the issue and update stakeholders on progress in a timely fashion. Customised, higher levels of support are available on request and costed based on needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: End users are expected to use the service unassisted. Customers are provided with user documentation
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: Google Docs
• End-of-contract data extraction: No data is kept on the system
• End-of-contract process: Licence includes the use of the app across unlimited devices. Additional costs are incurred if the process flow of the app is altered in any way.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: Yes
• Compatible operating systems: Android
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: It is an Android tablet-only experience
• Service interface: Yes
• Description of service interface: The user-facing service is a dedicated Android app accessed via a compatible device (i.e. tablet) using an intuitive, accessible user interface.; ; Management information (i.e. reporting) and QR code management is available to customers via a browser using an intuitive, accessible user interface.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Not applicable in this instance
• API: No
• Customisation available: Yes
• Description of customisation: Branding and wording can be customised as part of the initial licence on behalf of the customer. Process flow customisation is also available and charged at our standard day rate. ; There are no user customisable areas of the solution

Scaling

• Independence of resources: The app runs on a single device. The maximum amount of users at any given time is 1

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics are available to customers via a dedicated management console. This covers real-time reporting on scan submissions and pages scanned (by date/service area/evidence type/location), device information, session data, popular service areas and evidence types
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Never
• Protecting data at rest: Other
• Other data at rest protection approach: At rest there is no data
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: No data is held on the service
• Data export formats: Other
• Other data export formats: No data is held on the service
• Data import formats: Other
• Other data import formats: No data is imported to the service

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Device resides on buyer's network.
• Data protection within supplier network: Other
• Other protection within supplier network: N/A. Data does not reside on our network.

Availability and resilience

• Guaranteed availability: Not applicable in this case by virtue of the app running on customer devices
• Approach to resilience: Not applicable in this case by virtue of the app running on customer devices
• Outage reporting: Not applicable in this case by virtue of the app running on customer devices

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Not applicable in this case
• Access restriction testing frequency: Never
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: IP restriction

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: No
• Security governance approach: Not applicable in this case by virtue of the app running on customer devices
• Information security policies and processes: Not applicable in this case by virtue of the app running on customer devices

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We use a change management tracking service called Jira to ensure that any configuration or change management requests are accurately documented, prioritised and carried out in a timely fashion. We use version control to decide whether the change constitutes as step change in the fabric of the solution and carry out regular penetration testing if the change presents a potential security issue.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We are members of a number of accredited bodies, including the Cyber Security Information Sharing Partnership (CiSP), that share information on new or emerging security issues. Any potential threats presented are assessed for severity either by our CTO or by a third party CHECK or CREST accredited body and acted upon accordingly.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: This question does not apply in this case
• Incident management type: Undisclosed
• Incident management approach: Customers can report incidents via our 24 hour telephone support helpdesk, via our incident reporting software or via email to the Technical Support Manager. Most incidents do fit a common type and have appropriate processes in place to deal with them. Non-common incidents are dealt with on an adhoc basis and followed up with an incident report to the stakeholders depending on the severity

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £10,000 to £40,000 a instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document (pdf)
• Service definition document (pdf)
• Terms and conditions (pdf)