GP Liaison Services

Software as a Service

Our company specializes in analyzing large, disparate datasets to improve workflows, reduce costs, optimise transportation, and provide demand optimisation insights through our dashboards. We offer actionable business intelligence to help businesses make informed decisions and drive efficiency.

Features

• Real time driver tracking
• Automated data ingestion
• Supplier Invoice Ingestion
• Remote Access
• Generative AI functions
• Workflow optimisation
• Transport Route Optimisation
• Demand Planning and optimisation
• Modelling and scenario simulation

Benefits

• Improved route planning
• Improved demand planning by linking transport to demand
• Analysis and reduction of supplier spend
• Enhance workforce productivity and efficiency
• Optimise operational processes and workflows
• Heatmap modelling and population statistics
• Workflow variation and quality modelling
• Baseline modelling vs optimal modelling
• Turnaround time quality monitoring and measurments

£995.00 to £40,000.00 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aturner@dahgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

197766163118156

Contact

Andrew Turner
07525732921
aturner@dahgroup.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: MFA required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 120 minutes during normal workings hours, Monday to Friday 08:00 to 18:00. We do not operate at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Each client engagement is allocated a project manager, who is available at the contract cost. The contract manager's role will be to support the client and their end-users throughout the lifetime of the engagement. This will include regular meetings to review insights, support to deliver data normalisation, and collaborative working to ensure insights are meaningful and support the specific needs of the client's end-users. The project manager will be responsible for on-boarding end - users at the start of each contract and off-boarding at the end of the project. Regular training will be provided throughout the project.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: 1. Welcome Email: Upon contract award, clients receive a welcome email containing login credentials and a link to access the data tools, this includes the MFA process.; 2. Initial Meeting with Account Manager: Clients are assigned a dedicated account manager who schedules an initial meeting to understand their specific requirements and objectives.; 3. Tailoring Data Outputs: The account manager works closely with the client to tailor the data outputs to their specific needs, ensuring that the insights provided meet their objectives.; 4. Onboarding Training: Clients receive onboarding training sessions to familiarise themselves with the data tools, including how to navigate the platform, interpret visualisations, and utilise the various features effectively.; 5. Ongoing Support and Training: We are committed to providing continuous support and training, ensuring that clients always feel reassured and confident in their use of the data tools, and that the insights generated remain valuable.; 6. Feedback and Follow-up: Regular check-ins with the client are not just scheduled but actively encouraged to gather feedback, address issues, and make necessary adjustments to the data outputs. This ensures that clients feel heard and involved in the process and that the data outputs continue to meet their evolving needs.
• Service documentation: No
• End-of-contract data extraction: The account will assist clients with the data extraction process and provide any necessary support or guidance. Multiple data export options such as CSV, Excel, PDF, or integration with cloud storage services like Google Drive or Dropbox. We will allow clients to select specific data sets, time frames, or formats for export, ensuring they only receive the data they need.
• End-of-contract process: The end of the contract process is included in the agreed contract cost, so long as the appropriate notice period has been adhered to.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Data outputs and visualisations can be adapted to the client's requirements. Users working with their project manager can use the Generative AI function embedded within the data insights tabs, enabling clients to test various scenarios, analyse trends, and make informed decisions without compromising privacy or data security. This helps clients customise and refine their data outputs to better suit their specific needs and objectives.

Scaling

• Independence of resources: 1. Auto-scaling will automatically adjust the number of compute resources in response to changes in demand. This ensures that our service can handle increased user load without affecting performance.; 2. Load Balancing: Incoming traffic can be distributed across multiple instances. This ensures that no single instance is overwhelmed by high demand and that users are routed to the least busy instance.; 3. Monitoring and Alarming: Use monitoring and alarming to continuously monitor our service's performance and automatically scale resources in response to changing demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: For clients to export data from their systems into our data lake depends on various factors such as the volume of data, frequency of updates, and technical capabilities of the client. When onboarding a new client we will work with their technical team and agree how data is ingested. The most common approach is to use a secure web interface that support various file formats such as CSV, JSON, XML.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Xml
  • Json
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Xml
  • Json

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We understand the importance of reliable access to critical data and insights. That's why our insights dashboard, hosted on AWS, is guaranteed to be available.; 1. AWS Hosting:; Our insights dashboard is hosted on Amazon Web Services (AWS), providing a robust and scalable infrastructure for reliable performance.; 2. High Availability Architecture:; We have designed our architecture with redundancy and failover mechanisms to ensure the high availability of the insight’s dashboard.; 3. Service Level Agreement (SLA):; This includes uptime commitments and response time guarantees.; AWS guarantees a minimum uptime for its hosted services, including EC2 instances, S3 storage, RDS databases, and more.; I. EC2 Instances: Monthly Uptime Percentage of at least 99.99% for Amazon EC2.; II. S3 Storage: Monthly Uptime Percentage of at least 99.99% for Amazon S3 Standard, S3 Standard-IA, and S3 Glacier storage.; III. RDS Databases: Monthly Uptime Percentage of at least 99.95% for Amazon RDS Multi-AZ deployments.; IV. Similar uptime guarantees are provided for other AWS services such as Amazon Route 53, AWS Lambda, and AWS Elastic Beanstalk.; 4. Service Credits:; After the first 2 hours of the outage, the client will be refunded for every 1 hour of unavailable access to the dashboard.
• Approach to resilience: Our architecture is hosted within AWS, whose data centres are designed with resilience, ensuring high availability and reliability. This includes:; ; 1. Redundant Power Supply:; ; AWS data centres are equipped with redundant power supply systems, including backup generators and uninterruptible power supply (UPS) units, to ensure continuous operation even during a power outage.; 2. Redundant Networking:; ; AWS data centres are connected to multiple internet service providers (ISPs) and have redundant network paths to ensure continuous connectivity. ; 3. Geographic Redundancy:; ; AWS has multiple data centre locations worldwide, allowing customers to deploy their applications and data in multiple geographic regions.; 4. Fault Tolerant Architecture:; ; AWS uses fault-tolerant architecture, which includes the use of redundant hardware components and automated failover mechanisms.; 5. Data Replication and Backups:; ; AWS offers data replication and backup services, such as Amazon S3 for object storage and Amazon RDS for databases, to protect data against loss and corruption.; 6. Security Measures:; ; AWS data centres are equipped with multiple layers of physical security, including 24/7 monitoring, biometric access controls, and security guards. ; 7. Compliance and Certifications:; ; AWS data centres adhere to industry standards and certifications, such as ISO 27001, SOC 1/2/3, and PCI DSS.8.
• Outage reporting: As an SME, we are committed to providing our clients with reliable, high-quality services. In the event of a service outage, we follow these steps to report and monitor the situation:; 1. Proactive Monitoring:; We employ proactive monitoring tools to continuously monitor the performance and availability of our services hosted on AWS.; 2. Immediate Response:; Upon detecting a service outage, our team is immediately alerted, and we begin investigating the root cause of the issue.; 3. Timely Communication:; In a service outage, we promptly notify affected clients via email, phone calls, or other preferred communication channels.; 4. Detailed Status Updates:; We provide regular status updates to keep clients informed about the progress of the resolution efforts. This includes updates on the root cause of the issue, estimated time to resolution, and any workaround solutions available.; 5. Post-Incident Analysis:; After resolving the service outage, we conduct a thorough post-incident analysis to identify the root cause of the issue and implement preventive measures to minimise the risk of similar incidents in the future.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We implement several measures to restrict access to management interfaces and support channels, ensuring that only authorised personnel can access them:; ; 1. Role-Based Access Control (RBAC): We use RBAC to control access ; 2. We use MFA, requiring users to provide multiple forms of verification before gaining access. ; 3. Audit Trails and Logging: We maintain detailed audit trails and logs of all access attempts to management interfaces and support channels.; 4. Regular Access Reviews: We conduct regular reviews of access rights to management interfaces and support channels.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: We are Cyber Essentials accredited and moving to Cyber Essential plus. Our cloud partners are ISO/IEC 27001 accredited. We will begin achieving ISO/27001 certification within the next 12 to 18 months. Our architecture sits within AWS, which is ISO/IEC 27001 certified.
• Information security policies and processes: Our Information and Security Policies and Processes document outlines the framework for maintaining the security and integrity of our information assets. It includes data protection, access control, incident response, and regulatory compliance. To ensure staff and systems are compliant, we employ a multi-faceted approach:; ; 1. Staff Training and Awareness: We conduct regular training sessions to educate employees about security policies and best practices. This ensures that all staff members understand their roles and responsibilities in maintaining security.; 2. Access Control: We implement strict access control measures to ensure that only authorized personnel have access to sensitive information and systems. This includes user authentication, role-based access control, and regular access reviews.; 3. Monitoring and Auditing: We continuously monitor our systems for any security breaches or policy violations. Regular audits are conducted to ensure compliance with security policies and to identify areas for improvement.; 4. Incident Response: We have a well-defined incident response plan to quickly respond to and mitigate any security incidents. This includes procedures for reporting incidents, investigating their root causes, and implementing corrective actions.; 5. Regular Review and Update: Policies and processes are reviewed and updated regularly to reflect changes and best practices, ensuring that security measures remain current.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration Management: ; 1. Determine which configurations are necessary for the software to function correctly.; 2. Ensure that only authorised changes are made to the configurations.; 3. Keeping records of the configurations and any changes made.; 4. Regularly check the configurations to ensure they meet the required standards and function correctly.; Change Management: ; 1. Logging a change request, which includes the change's reason and impact.; 2. Assessing the change for potential impact.; 3. Authorising the change if deemed necessary.; 4. Carrying out the change in a controlled manner.; 5. Tracking the change’s progress and its effects on the system
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We continuously assess potential threats to our services through automated monitoring, threat intelligence feeds, and industry alerts. High-risk threats are prioritised for immediate action. We rapidly deploy security patches and updates to our services.; Priority is given to critical vulnerabilities requiring immediate attention.; We gather information about potential threats from various sources, including AWS Security Center and Firewall Security Providers.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We ensure that events are monitored and logged. Alerts are set instances such as failed login attempts with alerts set to notify personnel. Should an instance become life, we follow the Identify, Protect, Detect, Respond, Recover model to remediate the instance properly. Within our AWS-hosted environment, several real-time monitoring functions, including Cloud Trail, Guard Duty, AWS Config, Security Hub, Inspector, IAM and Trusted Advisor, are used to identify and mitigate risk. We respond to incidents upon notification immediately and provide updates to clients within 120 minutes.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Within our Information Governance Quality Policy, we have the ISP_015 Security and Data Breach Policy; this policy ensures compliance with ISO/IEC 27035:2011 standard and mitigates the risk of security incidents on service delivery. Incidents are reported using Document ISP_016 Data Breach Incident Management Reporting Form. Document ISP_017 Data Breach Investigation Post Mortem From is used to provide an incident report.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  1. Optimising Transport and Logistics for Healthcare: We work closely with the NHS to optimise transport and logistics services within the healthcare ecosystem. By streamlining transportation processes, we help reduce the CO2 footprint of NHS vehicles, contributing to a healthier environment and a more sustainable future.; ; 2. Improving Laboratory Testing Workflows: With over 1.2bn diagnostic tests carried out every year, the CO2 impact of plastics within the NHS laboratory environment is substantive. Our data modelling and demand management tools improve laboratory testing workflows, ensuring specimens are tested correctly the first time. This increases the efficiency of laboratory operations and leads to faster patient diagnosis. By reducing the number of samples rejected by the lab, we help more patients receive timely and accurate test results, ultimately improving patient outcomes. The impact of improving first-time diagnostic rates means that less plastic is incinerated by the laboratory.

  Tackling economic inequality

  Paying Above the National Minimum Wage; We are committed to fair and ethical employment practices. We pay all our employees, including interns, above the national minimum wage, ensuring they receive fair compensation for their work.; As a remotely based company, we can employ staff from across the UK. By providing remote job opportunities, we contribute to job creation and economic growth in various regions, helping to build stronger and more inclusive communities nationwide.; We are dedicated to delivering value beyond our services, making a positive difference in the healthcare sector and the wider community.

  Equal opportunity

  Creating Employment Opportunities and Supporting Graduates:; We proudly offer an internship program to help graduates gain valuable work experience and develop their skills. Our program provides opportunities for recent graduates to gain hands-on healthcare experience, helping them kick-start their careers.

  Wellbeing

  Addressing Social Deprivation: We include instances of social deprivation within our data and insights models to better inform local teams about areas where support is needed most. By analysing data on social deprivation, we can better allocate resources and support to areas with higher levels of social need, ensuring that all patients receive the care and support they require.

Pricing

• Price: £995.00 to £40,000.00 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aturner@dahgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.