BTS Holdings plc

Cloud Atereo Patient Service Finder App

Atereo Patient Service Finder delivers savings by cutting staff and other costs in switchboards and contact centres.
Giving access to a directory of services tailored to their current location, date and time, reducing the number and duration of calls to the organisation and improving the customer experience.

Features

  • Up to date Directory
  • Location based information
  • Easy to find and digest information

Benefits

  • Easily manage all Directory information
  • Reduce the number of calls to call centres etc
  • Provide customers with better experience
  • Easy to access information

Pricing

£6,000 to £17,000 a licence

  • Education pricing available

Service documents

Framework

G-Cloud 12

Service ID

7 7 1 0 9 9 6 0 2 5 1 4 6 4 7

Contact

BTS Holdings plc Jon Kendall
Telephone: 02084019000
Email: tender@bts.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Switchboard and call centre solutions.
Cloud deployment model
Private cloud
Service constraints
Mobile app can only be deployed on Android and IOS devices
System requirements
Access to customer data for regular updates

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support is normally 4 hours response, Monday to Friday 08:30-17:30

Support is not offered at weekends
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support is provided Mon-Fri 08:30-1730 (excluding English Bank Holidays).
Support outside of these working hours can be provided as required customised to each customer requirement.
Each customer also has a dedicated Account Director
Support available to third parties
Yes

Onboarding and offboarding

Getting started
BTS provide onsite training and complete documentation regarding the service.
The initial import of data is completed as part of the initial configuration of the solution.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
BTS can provide a complete export of data in an agreed format (XLS, XML, CSV etc.)
End-of-contract process
The customer app is disabled and any customer data is deleted from the Cloud (following any agreed export of data).

Using the service

Web browser interface
No
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile (Smart Phone and tablet) devices only.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
The service can be customised to show customer logos and define which fields are shown in the search results and detailed results.
Customisation is completed through a PC application.
Administrators can complete customisation

Scaling

Independence of resources
The solution is segmented to ensure that each customer has sufficient resources for their demand

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is exported by BTS and provided to the customer as part of the service
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLS
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • XLS

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
If (other than by reason of material default by the Customer) the Contractor fails to complete the Works, or any separately priced part thereof, by the Completion Date or any agreed revised Completion Date, and the Customer shall have suffered a loss, the Customer shall be entitled to deduct from the Contract Price, or relevant part thereof, by way of liquidated damages ½% for each week between the Completion Date or revised Completion Date and the actual Completion Date, but the amount so deducted shall not in any event exceed 10%, and such deduction shall be in full satisfaction of the Contractor's liability for the said failure. The Contractor and Customer agree that such sum is a genuine pre-estimate of the Customer’s loss arising from such delay.
Approach to resilience
Service resilience is defined for individual customers and is based on their specific requirements.
Outage reporting
Email Alerts to customers

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Access to management interfaces and support channels is restricted to client PCs on the Customer's network using a company to company VPN.
Access restriction testing frequency
At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Our Information Security Policy has been developed following the guidelines of ISO 27001 (formerly ISO 17799), 'Information Technology - Code of Practice for Information Security Management'. All staff receive training on this policy which is monitored and reported against as part of our ISO 9001 accredited QMS.
Information security policies and processes
Our Information Security Policy has been developed following the guidelines of ISO 27001 (formerly ISO 17799), 'Information Technology - Code of Practice for Information Security Management'. All staff receive training on this policy which is monitored and reported against as part of our ISO 9001 accredited QMS.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
BTS uses a Prince 2 based changed management process to assess the impact of changes on both service deliver and security
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
All our services are reviewed for potential treats and weaknesses both during design and throughout operational life.

Where a potential threat is identified, patches are applied as soon as reasonably practical.

We monitor alerts from National Cyber Security Centre and receive notification from both Microsoft and Symantec.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Where necessary we monitor user activity and access to ensure users can be made accountable for their actions and to detect unauthorised activity and access that is either suspicious or is in violation of security policy requirements.
Incident management type
Supplier-defined controls
Incident management approach
All security incidents must be reported immediately to Line Manager and the Resources Director who will:
• Acknowledge receipt of incident report
• Place incident on BTS Issues List for review at Management Review Meeting
• Copy incident report to relevant 3rd Party organisations
• Conduct initial investigation of reported incident
• Review relevant security procedures to prevent recurrences
• Initiate any disciplinary procedures that may be required
• Report back to individual reporting the incident, Management Review Meeting and any other interested parties informing them of outcome of the investigations and any procedural changes that are to be implemented

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£6,000 to £17,000 a licence
Discount for educational organisations
Yes
Free trial available
No

Service documents