Block Solutions Ltd

Clinical Workspace Service (VDI)

Block’s Clinical Workspace is a cloud-based virtual desktop service that gives care workers access to all the clinical systems, information and tools they need to provide safe, effective care services securely from any location.

Features

• Secure remote access to clinical applications using any device
• Supports a wide range of clinical systems and devices
• Rapid deployment
• HSCN connectivity included
• Meets Clinical Risk Management standards (DCB0129)
• Complete managed service based on pre-defined SLA and XLA
• Self-service portal can be used to quickly deliver required change
• Multi-factor authentication included
• Simple, predictable per-user per-month cost model
• All features are listed in the Service Description

Benefits

• Access clinical information and support tools from any location
• Deliver a secure and effective remote working solution
• Drive estates rationalisation programmes
• Support the delivery of new services and initiatives
• Provide an effective Business Continuity Plan (BCP)
• Reduce staff travel time and costs
• Reduce IT issues and delays
• Optimised for clinical systems and processes
• Deliver an assured and compliant desktop
• Support locum and agency staff

£89.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidManagement@block.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

182325133668946

Contact

Jenna Horton
01270446707
BidManagement@block.co.uk

Service scope

• Service constraints: Subject to a non-chargeable service scoping exercise
• System requirements: Full system requirements are detailed in the Service Description

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Block's response times vary based on priority:; ; Priority 1: 30 mins; Priority 2: 30 mins; ; (P1 - P2 SLA (24x7 including bank and public holidays); ; Priority 3: 2 hours; Priority 4: 4 hours ; Priority 5: 1 day ; ; P3 – P5 SLA (08:00 – 18:00, Monday-Friday, excluding Bank and public holidays)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: 24x7x365 Technical Support; Customer Success Manager (available on request)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User guide; Onsite user onboarding service (additional charge)
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customer migration of data from the service; Data migration service provided by Block (chargeable)
• End-of-contract process: Data is migrated to customer defined location. Once completed all customer data is deleted from the cloud platform. ; ; Full off-boarding documentation can be provided to the customer on request.

Using the service

• Web browser interface: Yes
• Using the web interface: Logon to the service; Change their password for the service
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Tested and approved at GP, Practice Management and IT level within the NHS.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Each user accesses a dedicated virtual desktop that runs on Microsoft Azure cloud services.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other
• Other usage reporting: Email notifications are distributed as usage is nearing the subscribed limits, whilst regular Customer Success meetings are held where adoption and usage is discussed.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft, VMware, Cisco

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • User profile data
  • User documents (if stored within the service)
  • Virtual machine gold images
  • Cloud infrastructure services
• Backup controls: Files stored within the service can be restored using the self-service portal (or by logging a service request)
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99% Uptime SLA
• Approach to resilience: Service deployed across multiple datacentres in multiple UK public cloud regions. ; Within each datacentre, the service is deployed across a minimum of 3 nodes within an availability set.
• Outage reporting: Block will provide a public dashboard which sets out the platform availability and response times that is real time, but providing a real time 30 day historical view. ; All outages are reported via the Block Operations Centre (BOC)

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: N/A
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 29/04/2022
• What the ISO/IEC 27001 doesn’t cover: Block are fully compliant
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Blocks security management system is based on ISO 27001, with regular internal and external audits. ; Security is the responsibility of our CEO.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Block’s ITIL aligned Change and Configuration Management process encompasses changes regardless of size or complexity:; • Changes are recorded, evaluated, prioritised, planned, tested, implemented, documented and reviewed within Service Now;; • Changes are recorded against the configuration items;; • Availability of the infrastructure, protecting from disruptive changes, unacceptable or unaccounted security risks.; The process recognises three types of changes:; • Standard – records service requests and internal changes (i.e. low or no operational impact). ; • Normal – needs technical sign off. ; • Emergency – required for implementation immediately, used for critical issues where quality or degradation of performance may occur.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Block’s approach to vulnerability management extends the life of a customer’s environment and increases the value of the technology investment with regular software updates and upgrades.; In the event a critical severity alert is identified the Operations Centre will raise a P1/P2 Problem record and work with the customer to resolve immediately.; In addition, Block also carry out regular regression testing whilst also monitoring zero day release threats. Block provides hardware and software updates through our service.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Block provide proactive monitoring of the environment capturing all events that are or have potential to become Incidents, these are automatically logged into the Service Management system for triage. ; Block monitors the health of the components in the Azure environment by fully utilising the built-in Azure Monitor toolset, polling the appropriate hardware and software health statistics that provide immediate insight into potential issues. ; Monitoring data is alerted upon where immediate action is required allowing for a quick response, whilst also being collected and retained for visual representation of key trend analysis, performance indicators and compliance status.
• Incident management type: Supplier-defined controls
• Incident management approach: Block utilises an ITIL aligned Incident Management process. Incidents are managed according to the process, encompassing all failures, faults, bugs and security risks across the supported infrastructure. ; Incidents are raised through the following channels: ; • Telephone – 0844 9671644 or 0344 9671644 (local rate); • E-mail – support@block.co.uk; • Via Service Now; ; Customers are provided with a Live Dashboard which displays all open, closed incidents and their success against SLA’s. In addition to this the customers Service Manager produces a written report with a detailed analysis of the incident management performance.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Microsoft Azure (cloud)
• How shared infrastructure is kept separate: A virtual network dedicated to each customer, with each network protected by network security groups (NSG), and firewall services.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The service runs within Microsoft Azure datacentres

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We aim to deliver reductions within Scope 1 and 2 through efficient utiisation of real estate, increasing energy efficiency, prodcuring 100% renewable electricity, increasing hybrid working and engaging with customers and employees on our sustainability strategies.; ; We aim to deliver reductions in Scope 3 by working up- and down-stream with our supply chain to drive emissions reductions in product use, operations, and supply chain. We believe that digitisation and a move to the Cloud is a fundamental enabler of sustainability and at the heart of our transformative services,; ; We also work to the following principles: ; - Encourage and actively incentivise the use of cycles, promoting the benefits (saving time, saving money, promoting physical and mental health, etc.); - Encourage the use of public transport throughout our organisation.; - Participation within our salary sacrifice electric vehicle scheme throughout our organisation to support them in making greener travel choices.; - Work with our suppliers and their transport, logistics and distribution partners to minimise deliveries, ensure efficient routes and drive overall reductions in mileage and associated emissions in the delivery of goods.

  Tackling economic inequality

  We understand that a resilient supply chain is dependent on a series of initiatives that combine to increase the capacity for resistance to and recovery from disruption. ; ; We work closely with our supply chain to manage and monitor supply both in and outside of the UK. Along with long-standing direct manufacturer/vendor relationships, we also hold several diverse direct distribution partnerships, from SMEs to global manufacturers, enabling a multisource supply strategy that minimises the risk of any kind of supply disruption.; ; To support a cohesive and well-integrated supply chain, we also proactively seek opportunities for collaboration throughout the supply chain. Through this, we are able to deliver increased efficiency, value, education, and innovation in support of optimal resilience. We work, wherever possible, with suppliers on the codesign of services; on training, education and awareness, and in managing and reporting on combined contract performance. We also seek to innovate on the use of disruptive technologies such as automation and AI, along with leveraging green technologies such as Cloud and Smart Buildings to drive efficiency and quality for maximum value and return.; ; We have continually evolved out delivery methodologies to ensure scalability and futureproofing. Our methodologies ensure an efficient, productive and sustainable apporach to delivery that operates on a 'continous improvement' basis to ensure an 'always modern' approach. We offer benefits through the intelligent and innovaive use of technology to promote collaboration and make easier the ability to adopt modernised delivery activities.; ; We hold the ISO27001 certification, to which Supply Chain Assurance is captured as part of our Annex A controls. We have a robust and documented process, ensuring we assess all suppliers on the basis of confidentiality, integrity, and availability; as well a contractual obligations and regulatory requirements, such as DPA18 and GDPR.

  Equal opportunity

  We consider it our responsibility to be proactively tackling the many social inequalities facing out society. We believe this begins with inclusion, and a life-long commitment to equality; both within our own workforce and so too in those we partner with.; ; We collaborate with local organisations and community groups to offer our people's time and expertise through initiatives such as careers coaching, developing interview skills, providing work experience placements, and delivering talks within specific disadvantaged or minority groups. This can help people further from traditional routes of employment to explore the potential of careers in tech and IT, along with developing soft skills such as interviewing, helping to strengthen the confidence and abilities of those who may have not had access to this type of learning otherwise. ; ; We ensure our job descriptions are easy to understand, not over-specified, or doscouraging to applicants. Salary banding is published wherever possible. From research, we know that more than 80% od disabled candidates feel their biggest barrier to emplyment is finding truly disability-friendly employers. This feeling is also carried amongst many moniroty grous, so we advertise our vacancies through platforms that target specific groups, such as DiverseJobsMatter, InclusionLondon and Evenbreak. ; ; There is a recognised skills gap within IT that is only becoming more significant. Our aim is to improve skills within the workforce through our Apprenticeship Academy, staff training and the encouragement and sponsorship of gaining industry-recognised qualifications. Out training approach is multi-faceted and accommodating to those with additional learning needs. Through a blend of vendor-led training, technical content delivery, hands-on training, lab working, professional body certifications, and soft skill development; our peopl are supported in developing a robust and comprehensive base skillset with the opportunity to increase their earning potential through regular revies and performance-led promotion.

  Wellbeing

  Wellbeing is a fundamental part of our people-centric culture. Our ways of working have been designed to provide the optimum working practices along with the education, enablement, and resources to empower our people to take the very best care of their wellbeing and mental health. We encourage our workforce to take care of their mental and physical health whilst also developing a community of acceptance and removing the stigma of mental health. Delivered through our project methodology by our trained and qualified People & Experience team, each year we raise awareness of physical and mental health through a series of wellbeing workshops and webinars supported by regular communication campaigns in partnership with specialist organisations and charities. This includes initiatives such as fitness challenges, mindfulness, resilience workshops, and incentives designed to reward those taking positive actions for their physical and mental health.

Pricing

• Price: £89.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Standard trial period is available for 5 users for 14 days.
• Link to free trial: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/blocksolutionsltd1589460165162.blk-clincial-workspace?tab=Overview

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidManagement@block.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.