Welfare Call (LAC) Limited

Electronic Personal Education Plan

Welfare Call offers a Cloud based electronic personal education plan (ePEP) solution in an effort to improve both the quality and quantity of PEP’s, but also to make the PEP completion process more streamlined and user friendly


  • Cloud-based platform; secure, accessible and appropriate access 24/7
  • Set up and maintenance of children and stakeholders records
  • Quality assurance facility
  • Inbuilt reporting and analytics
  • Automated notifcation and alerts
  • Document upload facility
  • eForm designer
  • Tutorial videos/ training programme
  • Child friendly interactive features


  • Cyber Essentials, WCAG, AA and AAA compliant cloud-based solution
  • Reduced administration through outsourcing of data management
  • Improved quality of Personal Education Plans
  • Improved completion rates for Personal Education Plans
  • Improved information sharing and better safeguarding
  • Bespoke eForms to me local requirements
  • Easy adoption of system for new users
  • Engaging the ‘Voice of the Child’ in the PEP


£37.83 per person per year

Service documents

G-Cloud 10


Welfare Call (LAC) Limited

Chris Armitage

01226 716333


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Not applicable.
System requirements Not applicable.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Please refer to customer service charter.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Please refer to customer service charter.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Please see Service Description.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Provided to customer in encrypted format.
End-of-contract process Please refer to Service Description.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None.
Accessibility standards WCAG 2.0 AAA
Accessibility testing Not applicable.
Customisation available Yes
Description of customisation Bespoke Home Page and Reporting/Analytics.


Independence of resources Not applicable.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Secure Portal
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Please refer to customer service charter.
Approach to resilience Not applicable.
Outage reporting Not applicable.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels 2FA and username and password.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Cyber Essentials
Information security policies and processes Please see Customer Service Charter

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Management defined change control process.
Vulnerability management type Supplier-defined controls
Vulnerability management approach NCC Group penetration testing. Continual deployment of patches.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Anti Virus software.
Incident management type Supplier-defined controls
Incident management approach Please refer to customer service charter.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £37.83 per person per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑