Alphatec Software's ClaimControl is an award winning incident, claims and insurance risk management SaaS solution that helps you efficiently manage all incidents, all types of claims, policies and more in a single, simple to use system.
The solution is written specifically for the insured organisations benefit
- Integrated diary action system with built in workflow
- Document and image management
- Ability to add fields and workflows
- Detailed financial and insurance planning reporting
- Automatic highlighting of potentially fraudulent claims
- Highly configurable solution - ClaimControl fits your organisation
- Client / Partner / Schools Portals
- Integrated First Notification of Loss with Automatic Notifications workflow
- Complete audit trail of changes
- Supports home working and hot desking
- Reduces administration costs, saving you time and freeing up resources
- Real-time visibility and evidence on all incidents and claims
- Proven industry track record of fast, efficient and configured implementations
- Reduction in claims/incidents due to improved visibility of trends
- All corespondance, policy documents and photographs are at your fingertips
- Automatic service levels, escalation and jackson reminders ensures claim progression
- ClaimControl is continually enhanced to meet your needs
£110 per person per month
Alphatec Software Ltd
0845 680 1911
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
During normal Support Hours on weekdays we respond
To level 1 and 2 queries within 15 mins
To level 3 and 4 queries within 4 hours
Weekend support for users is not provided as standard but can be provided at an agreed cost.
The system is monitored and supported 24/7/365.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
We provide a single level of support for all our users.
This support is included in the cost of the subscription. Each account is allocated a primary account manager and primary support contact.
|Support available to third parties||Yes|
Onboarding and offboarding
Alphatec use our expertise in dealing with hundreds of organisations to help guide new accounts through the process of configuring and setting up their account in order to gain maximum benefit.
As part of the implementation process we provide onsite training or online training depending organisations preference.
There is also user documentation available as well as in application helpin a number of the modules.
|Other documentation formats||Online on certain modules|
|End-of-contract data extraction||
Over 97% of ours users have never unsubscribed, choosing instead to extend their subscription but for anyone who does wish to end the contract we will supply all of their information in .CSV format with all of the relevant linkages to allow them to relate it.
All of the information in ClaimControl always belongs to the client, unlike in some other claims systems we have had users migrate from.
|End-of-contract process||At the end of the contract the user is required to give notice of wishing to end the contract. At that point in time we will start discussions with them to agree a date when they want us to supply their information to allow them to have a seamless transition. We will then discuss the informational needs and will supply them with their information on the day they want it delivered and once they confirmed receipt of the information we will revoke their access to the account. If they would like us to we will hold their data on the system for up to 2 weeks to allow them to ensure they have everything they need for moving forward and will then confirm with them that we are going to delete their information from ClaimControl permanently. The information will then be deleted. At all stages we will work with the client to help ensure the move is as simple and easy for them as possible.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
The mobile and desktop services are identical but the system has been designed to be responsive so that the screen rendering takes account of the size and form factor of the mobile device being used.
Certain add-on applications are not available for the mobile as yet:
1. The bulk document and image uploader
2. MS Word Add-In
|Accessibility standards||None or don’t know|
|Description of accessibility||At the moment the the system has no specific audio alternative or media alternative for disabled users. The system has been designed using standard HTML5 front end and therefore most browser accessibility enhancements and features will work with the system.|
|Accessibility testing||No interface testing with users of assistive technology has been carried out|
|Description of customisation||
Users are able to add new fields, values and options. They can even specify what types of clams these appear on.
Unlike many systems these user defined fields also become part of the data they can report on enabling this information to be used productively - immediately.
The organisational structure can be configured by the user as can all organisational specific values in drop downs throughout the system.
Any users with administration access can also customise what features and functions the users have access to even down to very specific actions within areas of the system (e.g. admin access users can configure what roles exist and what any users in each role can do).
|Independence of resources||Resource utilisation is monitored and flexed to ensure the system operates quickly and smoothly for all users.|
|Service usage metrics||Yes|
|Metrics types||Users can themselves report on the various metrics including user use of the system, number of incidents / claims recorded etc.|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Other data at rest protection approach||In addition to the above the network and database are also both secured and the users password credentials are encrypted.|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Users can export their data in a number of ways including Excel, PDF and CSV (simplified excel)|
|Data export formats||
|Other data export formats|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Other protection between networks||We also implement a number of additional security measures to ensure security of both the system, the communication and the users data. e.g. we implement secret key authentication on all pages to protect users from cross site scripting.|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
The applications are monitored 24 hours a day, 365 days a year, with 24 hour support at network, developer and DBA level.
We guarantee 99.9% up time. We do not provide refunds.
|Approach to resilience||This information is available on request|
|Outage reporting||Through our web site, e-mail alerts and twitter.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Access to management interfaces is secured and in addition, the feature group and features are enforced such that even if communication were compromised the protection cannot be circumvented|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Public key authentication (including by TLS client certificate)|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||Our Datacentres that host and operate ClaimControl are accredited|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||
We work closely with our data centre provider who are the UK's most accredited cloud company to ensure our clients data is both physically and digitally secure.
At the application level all system upgrades are reviewed for functionality, resilience and informational security at both the design and pre-test code review stages. This helps ensure that security is considered as much a part of the system as functionality.
|Information security policies and processes||
All releases are subject to security assessments based on the following criteria:
a) New or Major Application Release – will be subject to a full assessment prior to approval of the change control documentation and/or release into the live environment.
b) Third Party components – will be subject to full assessment after which it will be bound to policy requirements.
c) Point Releases – will be subject to an appropriate assessment level based on the risk of the changes in the application functionality and/or architecture.
d) Patch Releases – will be subject to an appropriate assessment level based on the risk of the changes to the application functionality and/or architecture.
e) Emergency Releases – An emergency release will be allowed to forgo security assessments and carry the assumed risk until such time that a proper assessment can be carried out. Emergency releases will be designated as such by a Director or appropriate manager who has been delegated this authority.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
All change management is managed through our change management system Jira and Confluence.
All source changes are managed through source control.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||This information is available on request.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||We have threat detection and DDoS protection within the datacentre and also have the application configured to provide logging and automatic notification of both errors and unauthorised behaviours.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
Users can report incidents by e-mail or by telephone to our support team. We have documented processes in place for common events (e.g. user access etc).
All support incidents are logged in Jira our incident management system and tracked through the SCRUM broads.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£110 per person per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Terms and conditions document||View uploaded document|