Equifax Ltd

Single Person Discount and Empty Homes

Local Authorities are reviewing their approach to establishing Council tax reductions and business rates. In order to increase revenue generation, drive better results, and reduce costs, Equifax provides the ideal fit for purpose robust solution, to help focus resource and offer a volume based cost benefit.

Features

  • Equifax has vast experience of delivering regulatory aligned SPD eligibility
  • Equifax has vast experience of delivering regulatory aligned EH status
  • Established and effective service evidenced by adoption across UK Council’s

Benefits

  • Easily navigable solution identifies where SPD claims can be removed
  • Ensures individuals previously eligible for discounts are still entitled
  • Allows the Council to provide services to the correct individuals
  • Allows the Council to cleanse data at time of review
  • Provide the number of high/medium risk properties a glance
  • Provides a property ranking so focus is on high risks
  • Enables Council to build up a wider view of EH
  • Refreshed data provided back to keep the Council current

Pricing

£0.12 a unit

  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

7 5 1 5 2 9 1 7 4 4 7 2 7 6 7

Contact

Equifax Ltd Julie Hewitt
Telephone: +44 7805 450839
Email: public.sector@equifax.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No
System requirements
Access provided by a supported browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
No, email responses are the same at weekends. User support is 24/7.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The service will be accessed via a standard browser so minimal impact on current infrastructure. We would not anticipate requiring technical support however we would work with any organisation to overcome any potential issues.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Once users have been set up we will engage with the buyer to assess what the training needs are and how best they can be fulfilled. Training options include on site / webinar / train the trainer. Full user documentation can be provided and the system has an online help facility which users can refer to at any time.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
This is an online service which utilises the data provided only when requested by the user. There will not be any data held by Equifax beyond what is legally mandated for audit and compliance purposes.
End-of-contract process
Once the contract period has ended the account will be deleted so no users can log on in the future. All costings would be clearly marked on the contract which would be agreed at the outset of the arrangement and no further costs will be incurred outside of that.

Using the service

Web browser interface
No
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Reader View is available
Service interface
No
API
No
Customisation available
No

Scaling

Independence of resources
Equifax websites are widely used by a wide variety of organisations within the UK and as such have a scalability built in so there is always capacity to cope with additional demand.

Analytics

Service usage metrics
Yes
Metrics types
Equifax can provide usage information based on the actual volume of requests. These can show the volume of and type of reports requested and also details of the request such as user who performed the request, time and date and details of what was input.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Results from the enquiry will be shown on screen and users can then print or create a .pdf of the results for reference. Should batch requests be submitted these will be provided in .csv format.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Services typically run at around 99.5% availability. Buyers can liaise with Equifax at the outset of a contract to agree on SLA's and what refunds the buyer would be eligible for should the service run below the agreed SLA.
Approach to resilience
This information can be made available on request.
Outage reporting
A public dashboard (on the log on page) will be provide information on any known upcoming changes to the products and services. In the case of outages we will communicate the issue and the progress (along with expected resolution times where available) to buyers via email.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Confidential. We are happy to discuss in further detail with the Equifax Security team.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
29/05/2018
What the ISO/IEC 27001 doesn’t cover
Not applicable.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire Systems, Inc.
PCI DSS accreditation date
10/07/2020
What the PCI DSS doesn’t cover
Not applicable
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We follow ISO 27001 best practice, which ensures we comply to various regulations regarding data protection, privacy and IT governance. All employees have to read, acknowledge and sign the information security policy when they join the company. All employees are vetted using previous employment references and internal credit checks as part of the application process. We operate a mandatory induction training programme for all new starters, which includes a detailed study of the company’s information security policy, standards, practices, and the employee’s obligations under that policy framework. All employees have to sign non-disclosure / confidentiality agreements and have clearly defined terms and conditions of employment. There is also a clearly defined and communicated disciplinary process in place. Any specific security requirements over and above the general company ones are included within job descriptions.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team.
Vulnerability management type
Undisclosed
Vulnerability management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team.
Protective monitoring type
Undisclosed
Protective monitoring approach
Confidential. We are happy to discuss in further detail with the Equifax Security team.
Incident management type
Undisclosed
Incident management approach
Confidential. We are happy to discuss in further detail with the Equifax Security team.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0.12 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
For a limited time or an agreed volume of reports Equifax would be willing to provide to trial of the full service in order for an assessment to be made by the supplier of its suitability.

Service documents