OCC MarketPlace provides a resource directory covering organisations supplying adult and children's care and support services. Optional features include eBrokerage; NHS Data Syndication; Ofsted Integration; SEND compliance; Online Financial Assessments: Online Client Financial Statement; Online Needs Assessment for Clients and Carers.
- Search and Categorisation
- Electronic Payment for Services
- User Feedback and Ratings
- Vacancy Listings
- Support Planning
- Online Financial Assessments
- NHS Data Syndication
- Online Needs Assessment
- Electronic Payment for Services
- User Feedback and Ratings
- Vacancy Listings
- Support Planning
- Integration with back office systems
£32000 per licence
- Free trial available
Oxford Computer Consultants
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Office hours support are same day response|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
We supply packs of service days from 5 days to 50 days and costing from £5,341 to £40,352 excluding VAT.
We provide a cloud support engineer where necessary.
|Support available to third parties||No|
Onboarding and offboarding
We run in-house and on-site training events for all of our products. We have created and refined standard training sessions but also often to deliver training tailored to a specific client’s needs. As a result of this, we have highly experienced training staff that have fine-tuned the various techniques and materials we make use of in our training delivery.
Our training sessions are built around a set of core outcomes, decided upon through consultations with our clients, and delivered through a series of well-defined modules.
The trainer makes use of slides to guide the session but spends most of the time demonstrating and guiding activities within the product. Training packs for each attendee consist of printed hand-outs with clear guidance covering the course content, as well as electronic copies of the slides and other training material, ensuring that the client gets the most out of the event and can review everything at their convenience. Each OCC MarketPlace implementation is dependent upon which modules that the Council has chosen to purchase. Courses include: OCC MarketPlace Administration, Data Migration and Brokerage. In addition, we provide full documentation online and in pdf format for OCC MarketPlace and its modules.
|End-of-contract data extraction||
Overnight, all data within the OCC MarketPlace database is transformed into a data mart that is suitable to report against. By default, the data mart is accessible through Microsoft SQL Server Reporting Services (SSRS). Individual reports can be defined using Microsoft Report Builder 3.0 by Council staff with the correct privilege. These report definitions can be accessed through the administration pages by Council workers with the correct permissions and access control levels.
Alternatively, we can supply a database dump of the data.
|End-of-contract process||All data is owned by the client and OCC will supply data extract at no additional cost.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||We present the same functionality to both mobile and desktop users|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
The system is designed to be accessible to as wide a range of users as possible supporting Conformance Level AA. By working closely with the customer’s web teams and their style guides we provide a tailored and responsive browser interface that is available on devices ranging from smart phones to desktops.
In consultation with a visually impaired user, we have been testing and optimising our User Interfaces (UIs) to provide more support for blind and partially sighted users. This includes both direct support for screen readers and improvements to keyboard navigation.
Our testing has focused on the JAWS screen reader, but the solutions we are adopting are general in nature and we expect them to work with other accessibility products.
|What users can and can't do using the API||
The system comes with integration with our Supplier and Contract management database, with the ability to include up to date cost, availability, quality, and outcomes information. We offer an open standard Web Service API to allow interfacing with other data sources, such as existing public health, targeted directories and GP referral systems. The architecture will allow aggregation of data to regional and national directories.
OCC MarketPlace is designed to work with a number of live data sources and to be published in a variety of ways.
Services can be created and maintained in external stand-alone systems databases that populate the OCC MarketPlace; such as SPOCC for housing related support, or ContrOCC for social services. Systems from any number of LAs could contribute. OCC supplies the following elements:
• LA Contracts Database(s)
• Directory and Directory Web Services Layer Modules
• OCC MarketPlace
Service data is transmitted from these systems, in a common format, to a central web service. The web service accepts the standardised service data and caches it in a central directory database, optimised for fast response to common queries. Importantly, safeguarding information is transmitted from contract systems to MarketPlace allowing services to hide in the case of issues.
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||TBC|
|Independence of resources||
The servers are monitored regularly to ensure that the server is performing within acceptable tolerances and smooth running of the sites on these servers. Monitoring is carried using a third party monitoring utility called Site24x7 (www.site24x7.com) and the infrastructure team are notified of any occasions where the thresholds below are exceeded.
In the event that capacity thresholds are continually exceeded:
• For SaaS services, OCC will alter the configuration to increase capacity as part of standard maintenance.
• In all other circumstances, possible changes are discussed with the customer along with costs.
|Service usage metrics||Yes|
|Metrics types||We use a combination of system performance tools and logs aswell as Site24x7 to monitor performance and availability|
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||No|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||
OCC MarketPlace supports exports through the use of Microsoft SQL Server Reporting Services. In this way power users can define reports that end users can run and export their data in the following formats: PDF, CSV, XML,Word, Excel.
Alternatively, the user or downstream systems can retrieve data in JSON or XML by way of a WebAPI.
|Data export formats||
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||
Availability and resilience
Standard service level agreement for hosting solutions is 99.5% availability outside of maintenance windows, 365 days a year, 24/7.
As a minimum systems run at a single geographic location with hardware redundancy but no active replica in place to automatically take the place of a failed platform.
During any calendar month, where there is failure to meet one or more of the agreed Service Levels, a Service Credit may become payable by the Service Provider. Service Credits will only be applicable to IT infrastructure and end user support services as detailed in paragraph 6.2 above. The credits available are as below:
• 2% of the monthly charge if the Availability is less than 99.5% over a calendar month or whatever is specified in the Hosting Agreement Appendix.
• 5% of monthly charge if the Availability is less than 98% average over a calendar month.
• 5% of the monthly charge if the Incident Management SLAs are not met on 10% more of incidents.
Service Credits are agreed with the client and refunded quarterly
|Approach to resilience||Available on request|
|Outage reporting||OCC monitoring is carried out using a third party monitoring utility called Site24x7 (www.site24x7.com). This provides a public dashboard. API and email alerts that can be made available on request.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Available on request.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||SGS|
|ISO/IEC 27001 accreditation date||Since 30 July 2012|
|What the ISO/IEC 27001 doesn’t cover||All controls are included in our statement of applicability.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||We have a board level director responsible for security and hosting is included as part of our ISO27001 scope and therefore is audited as part of this.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||In order to track all activity on the server, if someone logs onto a server in order to make ANY CHANGES on the server or site related configuration (e.g. DNS records), this is recorded in the Change Control Log. The log entries are not hugely detailed but should provide enough information to allow sufficient investigation to be carried out if there is a subsequent site incident.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Available on request.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Available on request.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Available on request.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£32000 per licence|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
We include a fully featured white label MarketPlace site with Hosting and maintenance. We also include onboarding including making sure the LA’s CQC data is migrated.
Branding and custom configuration is not included.
There is a 4 month free trial period.
The above price is for a medium sized LA.
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|