360 Virtual School Solution
Our complete Virtual School solution covering attendance, attainment, progress, safeguarding, ePEP, analytics and consultancy assists Local Authorities & Virtual Schools in the monitoring and improvement of outcomes for vulnerable cohorts including; Children in Care (CiC/CLA/LAC), Children in Need (CiN), those on Child Protection, EHCP/SEN plans and Youth Justice.
Features
- Cloud-based platform with embedded 2FA providing secure access 24/7
- Daily attendance data collected via live calling and/or API extraction
- Interactive Management Information dashboards updated with real-time data
- Interoperable with multiple platforms and 3rd party databases
- Use to engage Senior Management, Social Care and Ofsted
- Inbuilt reporting suite/dashboards provides analysis of data in real-time
- Analytical, Strategic, and Operational Dashboards
- Covers attendance, attainment, progress, safeguarding, ePEP, analytics and consultancy
- Dedicated helpdesk/consultancy team to aid end users
- Fully managed system on behalf of LA/Virtual School
Benefits
- Guaranteed increase in reliable/accurate attendance, attainment, progress and safeguarding data
- Reduced administration tasks and costs through outsourcing of data management
- Improved information sharing between Social Care, Education, Virtual Schools/LAs
- Improved reporting/statistical analysis - determine where interventions are needed
- Single, complete solution for Virtual Schools to address complex challenges
- Improved completion rates for Personal Education Plans
- User friendly, intuitive interface meeting accessibility needs of all users
- Improved safeguarding of vulnerable children
- Increase in Ofsted inspection rating
Pricing
£2.82 to £3.26 a unit a week
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
1 9 6 0 1 9 9 9 8 1 7 0 8 4 2
Contact
Welfare Call (LAC) Limited
Andrew Henderson
Telephone: 01226 716333
Email: bidmanagement@welfarecall.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- None - We conduct all updates and maintenance activities outside of core business hours to minimize disruptions. With our commitment to reliability, we guarantee a 99.9% uptime for our services, ensuring uninterrupted access for our clients.
- System requirements
-
- Internet access
- Connection through a current supported internet browser
- Individual corporate email address
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Response times for support requests:
Priority 1: The entire system is completely inaccessible - response within one to two business hours.
Priority 2: Operation of the system is severely degraded, or major components are not operational and work cannot reasonably continue - response within two to four business hours.
Priority 3: Certain non-essential features of the system are impaired while most major components remain functional. - response within 12 business hours.
Priority 4: Change requests or issues that are cosmetic and/or have little or no impact on the services - response within 24 business hours. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Welfare Call provides all its clients with the same high-quality support and aftercare. Each client we work with will be allocated a dedicated account manager who will act as the central point of contact for first line support and specialist advice. Wherever possible an account manager will remain with a client for the duration of the contract ensuring a familiar and trusted contact with an in-depth knowledge of a client’s requirements. As a minimum account managers will hold review meetings with clients every 4 months (termly) to ensure the service/software is fulfilling the requirements of the client.
Additionally, our Service Desk Agents are also available and contactable during our standard Business Hours. Agents are trained to assist with all technical and support queries and remain in contact with the client until the query has been resolved.
Welfare Call provides several different support methods including; support helpdesk, online remote training, user documentation, training videos, webinars, phone support etc.
As a hosted provision our technical team take full responsibility for the configuration, maintenance, updates and support of the cloud service for the duration of the contract. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Welfare Call typically require just a single face to face ‘kick-off’ meeting with the client in the first week following contract commencement. The meeting normally covers:
• Walk through of the implementation plan
• Information we require from the Authority e.g. issuing of core data, setting of clients’ protocols, list of pre-approved users to be set up
• Data migration/import structure requirements
• Discuss chosen data collection methods
• Demonstration of the service in full
Our implementation process for new clients is relatively straightforward as:
• Our robust plan is underpinned by a comprehensive methodology and principles that is tried and tested with over 100 local authorities
• No local installation of software is required
• Our collection and reporting system, processes and procedures are finely tuned supporting best practices and aligning with legislation
• Our system requires minimal configuration
• Our system is intuitive and easy to use, so user training is straightforward
All clients are offered onsite or remote training along with user documentation/training manuals, training videos and the ability to join webinars and forums. Additionally, clients can liaise with their allocated account manager directly for support along with our dedicated helpdesk/customer support team. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Clients are able to access and download their data throughout the contract. Alternatively data can be provided to the client at the end of the contract by encrypted data transfer on request or as part of the planned Exit Plan. Clients are supported through the process of exporting any required data from the system
- End-of-contract process
-
Contract exit options form part of the contract definition and are discussed with the client both at the start and end of the contract to ensure that all statutory obligations, valid at the time, can be accounted for. On official request by the client we will hard delete all data and ensure this is destroyed in line with GDPR guidelines and regulations.
Depending on the level of additional work required (and the timescales associated with these requirements) there may be additional charges applied to cover any technical involvement or additional I.T development.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None - Welfare Calls platform has been designed and developed to fit mobile devices and smart devices
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- Welfare Call offers every client a dedicated customer portal, hosted in the cloud, providing comprehensive account management capabilities. Within this portal, users can conveniently manage their account details, update their two-factor authentication method, modify security questions, review access logs, and utilize the integrated secure messaging service for various purposes such as requesting support, submitting data updates, or accessing help materials.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
-
The interface undergoes rigorous testing with assistive technologies catering to visual impairments, including reversed colours, high contrast, and grey-scale modes, along with compatibility checks with screen readers. Our development team employs a suite of tools to proactively identify and rectify accessibility issues during the code production phase.
Furthermore, we offer alpha and beta testing environments, which undergo internal testing by our development team and validation by a select group of clients. Should you wish to participate in our alpha and beta testing programs, we encourage you to reach out to us directly for further details and involvement opportunities. - API
- Yes
- What users can and can't do using the API
- Our technical support team will provide documentation on how to connect to the Welfare Call/Wonde API. This will involve instructions on how to use the service and the rules of engagement. The API reads data directly from an education providers MIS relating to the children and young people we are required to monitor on behalf of the client. This data is subsequently fed into our database to enable access to our clients.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Welfare Call provides pre-approved client users the ability to customise certain aspects of the system/service as follows:
• Option to include additional calls/alerts to Social Workers and Carer to enhance safeguarding
• Ability for clients to run bespoke reports, on demand, using real time filters to ensure that only the relevant data that the client requires is exported
• Bespoke XML exchange services whereby agreed data sets are automatically delivered to clients
• All reports accessible can be download in a variety of formats at the client’s discretion e.g. XLS or CSV format
• Personalised/bespoke analytics ‘Dashboards’ to draw the client’s data together
• Clients can set up their own notifications/ reference points within the system to highlight any safeguarding concerns
• Clients via the ‘Data Extract’ facility can also export several core data fields directly from our system in order to build their own ad-hoc reports
• Clients can set up their own report schedule to receive reports on set dates/times and covering a period of their choosing
Scaling
- Independence of resources
-
We monitor the performance of our dedicated servers multiple times every hour including measuring redundancy, load balancing and bandwidth which are automatically scalable on demand. This ensures that we have a service that is available to clients 24/7 that can meet any demand. Additionally we also monitor page load times and report generation times against a pre-set baseline to ensure we maintain the same levels of accessibility all year round.
The service benefits from a denial of service mitigation process to minimise the effects of one user's actions on other users.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Examples of service metrics which Welfare Call provide include but are not limited to: uptime statistics, system usage and performance, user login audit trail and data access audit.
Additional bespoke reports of service metrics are available on request. - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Authorised client users have the facility to export data relating to the vulnerable cohorts we are required to monitor covering attendance, attainment, progress and safeguarding. This is achieved via the Welfare Call web portal which clients can access 24/7 during the contract duration. Filters can be applied to any of the reports contained within the reporting suite and exported in a variety of different formats e.g. xlsx, xml, csv, pdf, docx
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- XML
- JPEG
- XLSX
- DOCX
- PNG
- JSON
- B2B (Capita Export)
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XLSX
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Other
- Other protection between networks
-
Secure, encrypted email (via Egress and Welfare Call's secure messaging system) is used every time confidential or personally identifiable information is exchanged.
Users of out of date or unsupported browsers are blocked from accessing the system to prevent potentially insecure transfer of data.
Data will only be sent to recognised, authorised and registered email addresses. - Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Our data centres boast a 3-minute response time from their technical team responding to service outages 24/7/365 and guarantee 100% uptime on their network connectivity. This allows us to achieve very high rates of availability reflected in the uptime reports. Uptime is monitored from multiple locations, at the data centre, an independent 3rd party and our own internal team. Metrics measure performance, availability and system capacity 24/7/365 allowing proactive planning of service platform resources. Contracts are agreed taking into account client agent access times which typically extend well beyond the working day. Service affecting maintenance is scheduled for the early hours of the morning to minimise disruption from planned work. Service affecting issues in core business hours are prioritised and addressed immediately.
The service is penetration tested monthly allowing us to respond quickly to any emerging vulnerabilities affecting uptime.
The service minimises downtime due to malicious activity by using a network of load balanced Web Application Firewalls to protect it from common and emerging threats. - Approach to resilience
-
The service is run on a virtual platform making it independent of the underlying hardware. The virtual platform service is hosted in a tier 4 data centre and is configured for high availability with N+1 redundancy at all levels: dual redundant internet connections, dual load balanced firewall with DDOS mitigation service, dual power feeds with dual UPS and backup generators, redundant disk storage arrays in mirrored storage arrays and virtual compute provision. The service is resilient to failure of any component without interruption. The service configuration is replicated in a separate, geographically remote data centre with live data updates keeping the services synchronised. Backups are also taken hourly with daily backups stored at the other data centre and secure offline backups created and managed by Welfare Call.
The service also uses a network of load balanced Web Application Firewalls to protect it from malicious actions and emerging threats. The private networks the services run on are protected by dual load balanced firewalls with DDOS mitigation service and individual servers each have their own firewall locking down services and can only permit access from known sources. Our networks have NIDS/IDS services monitoring network traffic and actively blocking anything identified as malicious. - Outage reporting
-
Performance and service availability are monitored in the data centre, internally and using independent 3rd parties. Data centre technicians respond to service outages or performance issues 24/7/365. If performance, capacity or response times exceed thresholds or if the service is unavailable key senior staff are automatically notified and the event is logged. The incident response team use documented, tested procedures following NCSC guidelines. The team is also responsible for communication with clients and stakeholders ensuring that everyone is informed.
Where outages are planned, application banners notify users in advance, detailing services impacted and the expected times and duration of the interruption. Banners are displayed for at least a week before the outage where possible.
Clients can view progress notifications for current outages on the website which runs on a separate platform in a separate location to maintain independence. Additionally we also notify clients of potential outages in our half termly newsletters. Dashboards are also available for clients to view current and historical availability.
Scheduled service upgrades are planned regularly and executed out of hours, usually between 2am and 4am when records show fewest users on the system, to minimise the necessity for downtime during office hours.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Other
- Other user authentication
- We use a multi factor authentication process. Clients can make this mandatory for all agents with access to their data. Options include one time partial password, partial secret phrase, and one time code using an Authenticator App
- Access restrictions in management interfaces and support channels
-
Welfare Call has implemented four levels of access restrictions:
1. User Types: limiting the basic user’s interface and access rights e.g. read/write rights
2. Client: limiting what services are available to the user e.g. attendance monitoring, ePEP, Analytics
3. Individual Permissions: ability to limit/restrict a specific user to specific elements of a service
4. Master Client: settings limiting the client options - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Other
- Description of management access authentication
-
As Welfare Call provides a 'managed service' whereby we take the onus on the management of the system on behalf of the client, system administration and management access is restricted to Welfare Call employees alone. Administration activities by our staff are secured by username, password and 2 factor authentication (as mandatory).
System administration is controlled by username and password and Public Key Authentication over a secure link that is over an encrypted VPN
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- British Standards Institute (BSI)
- ISO/IEC 27001 accreditation date
- 14/06/2023
- What the ISO/IEC 27001 doesn’t cover
- Everything outside of the cloud hosted environment
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 25/10/2022
- CSA STAR certification level
- Level 3: CSA STAR Certification
- What the CSA STAR doesn’t cover
- Everything outside of the cloud hosted environment
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- ISO 14001
- ISO 9001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Other
- Other security governance standards
-
- Cyber Essentials Plus accredited
- Abide by the 14 Cloud Security Principles as set by the NCSC - Information security policies and processes
-
Welfare Call maintains its security policies, processes and procedures to match that of its datacentre's security standards i.e. in line with ISO 27001.
We systematically review and update our documentation on a regular basis taking into account any emerging threats, security risks and changes in law and legislation. Additionally, we maintain a risk register which provides a systematic and structured method of recording all risks that threaten both Welfare Call and its clients.
Any identified risks (both internal and external) are reviewed at senior management meetings alongside our DPO and Compliance Manager, Head of I.T Development and Head of I.T Networks.
New policies and changes to existing policies are made in line with ISO 27001. Any development is in line with, but not limited to, the following legislation: The Data Protection Act (2018)/GDPR, The Computer Misuse Act (1990), Freedom of Information Act 2000, ISO 9001 and ISO 27001 standards.
If you have specific questions relating to aspects of our policies, please contact us with details of your request.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Following ITIL guidelines and the ISO 27001 framework, a ticket is logged for every change request to record all actions and decisions taken. A timestamped repository of code changes is maintained, associated with each developer. Code is automatically checked before submission and changes are reviewed by a senior developer. Development is carried out in a secure, local environment and undergoes security and usability testing prior to being made live. A secure code framework is used for new developments ensuring features/functionality automatically benefit from pre-tested security. NCSC, NIST and other guidelines are referenced to ensure configuration changes follow best practice standards.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Code is developed within a secure framework. 3rd party CREST approved annual penetration test is carried out with monthly updates. Annual Cyber Essentials Plus assessment is completed.
A subscription to the National Vulnerabilities Database creates actionable tickets for developers to check potential risks.
Automated software update checkers alert technicians to security updates. NIDS and HIDS solutions use machine learning to detect and block identify issues.
Continual development and deployment practices allow a quick response to any issue found. Infrastructure patches/updates are applied within 14 days. Security issues can be actioned in less than an hour. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
High availability web application firewalls block malicious attempts to access or compromise the service. The service network is protected by redundant firewalls with DDOS mitigation. Network and Host Intrusion Detection services report issues found.
All workstations and servers have Anti-Virus software installed with on access scanning.
Identified issues are proactively managed by the incident team to remedy any issues soon as possible. A full incident review is created to record the incident and any remedial action taken to prevent recurrence.
Risk assessments are carried out periodically and recorded in the risk register. Policies and procedures are updated accordingly. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Incidents are triaged by the incident response team, verified and processed according to their severity.
Processes for common events are defined in our standard operating procedures with business continuity plans maintained for different scenarios. For less frequent events there are set guidelines to follow to allow the incident to be managed effectively.
Users can report incidents via phone, email or secure messaging. All staff undergo cybersecurity training to help identify potential incidents.
Automatic monitoring services send alerts of incidents to senior staff. Incident reports affecting client services are provided by secure email to nominated contacts agreed with the client.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Welfare Call is committed to reducing its carbon emissions and aligning with the Net Zero Carbon Strategy - our aim is to make sustainability, resilience and carbon minimisation
central to all our actions.
Where applicable we are also working to reduce our residual waste, maximising the use of recyclable materials and
increasing recycling rates. We also take into consideration the energy efficiency rating of any new equipment which is bought.
Our premises have recently installed solar panels and energy efficient lighting in an effort to reduce our carbon footprint.
Additionally, Welfare Call is committed to using low emission company vehicles to deliver its services and promoting the use of video conference meetings wherever possible. We also promote car-sharing and cycle to work schemes.Tackling economic inequality
As a company, we support over 100 local authorities in England from our offices in Barnsley, South Yorkshire. Our offices are physically located in an LSOA where 8/10 deprivation indicators are rated at 2 or 3 (including employment & education).
Welfare Call work with a number of local colleges and recruitment agencies to develop apprenticeship opportunities.
Our commitment to the apprenticeship programme is well founded within our business model with several apprentices subsequently going on to obtain full time positions within our company.
80% of Welfare Call’s staff live locally, so there is genuine community engagement and a corporate interest in the creation of sustainable employment opportunities and local regeneration to tackle the high levels of deprivation in Cudworth ward.
Welfare Call has grown to employ over 100 people across various roles in business for individuals with a wide range of education and skill levels.
Training is offered to staff based on needs and CPD identified through the annual appraisal process, and advancement is very strongly supported and encouraged.
We support local community initiatives. An example of this is demonstrated by our annual event to support local hospices whether that is to raise funds via a coffee morning, dress up/down day and/or collecting and donating toiletries. We have also hosted at least 2 events whereby we donated to local food banks at Christmas for the Salvation Army who were supporting local communities living in poverty.
Should the need arise, we would utilise local suppliers to support our service provision to assist with promoting local employment initiatives and supporting the local community.Equal opportunity
Welfare Call is committed to supporting equal opportunities and has therefore pledged itself to the Armed Forces Covenant. We recognise the hard work and sacrifice shown by members of the Armed Forces and are committed to ensuring that individuals who serve have the same opportunities for employment as others. We are committed to a fair recruitment and selection process that does not place any individual who is a Reservist, a veteran or a family member at an unfair disadvantage. As Welfare Call is part of the Defence Employer Recognition Scheme (ERS) Bronze award we encourage other suppliers to support Defence and inspire others to do the same.
Additionally, Welfare Call is disability confident committed. We commit to ensure our recruitment process is inclusive and accessible. We will offer an interview to disabled people who meet the minimum criteria for the job. We also anticipate and provide reasonable adjustments as required to support any existing employee who acquires a disability or long term health condition, enabling them to stay in work.
Welfare Call is also committed to providing the same opportunities to young people who are identified as vulnerable e.g. in care and care leavers. We commit to ensure that our recruitment process is inclusive and accessible. We will offer an interview to young people who are identified as vulnerable who meet the minimum criteria for the job.
Welfare Call also has an equality and diversity policy which is embedded across the whole company. We want to create a supportive and inclusive environment where our staff can reach their full potential and care is provided without prejudice and discrimination. We are committed to a culture where respect and understanding is fostered and the diversity of people’s backgrounds and circumstances will be positively valued.Wellbeing
Welfare Call has pledged itself to the mental health at work commitment implementing the 6 standards across our workplace, those being: to prioritise mental health in the workplace by developing and delivering a systematic programme of activity, proactively ensure work design and organisational culture drives positive mental health outcomes, promote an open culture around mental health, increase organisational confidence and capability, provide mental health tools and support (we have implemented a Employee Assistance Programme via Health Assured), increase transparency and accountability through internal and external reporting.
Welfare Call has also implemented the 'Thriving At Work' mental health standards within our workplace.
Additionally, we also promote safe, active travel and non-motorised means of getting to work e.g. cycle to work schemes, to help encourage a healthier workforce.
Welfare Call is company that has a strong belief in authenticity and recognises the importance of wellbeing. Specialist trained colleagues will refer individual employees, with specific needs, for risk assessments, workstation assessments or remote worker assessments to be undertaken by the HSO. Once these are complete, recommendations and suggestions are made for consideration. Appropriate adjustments regarding office equipment could include sit-stand workstations (adjustable desks), office chairs with additional lumber support and/or arm rests, office headsets for the hearing impaired, anti-glare screens, ergonomic mouse and keyboard and footrests. Other suggestions could be extra breaks, the opportunity to stand and/or walk and stretch, an accessible car parking space, changing the lighting above a desk, offering flexible working and/or changing an employee’s working shift, hybrid working and offering phased returns to those who are returning from a long-term absence. Managers maintain that each adjustment is reasonable, practical and kept up-to-date. At the heart of our culture is the desire to give employees permission to take care of themselves.
Pricing
- Price
- £2.82 to £3.26 a unit a week
- Discount for educational organisations
- No
- Free trial available
- No