RPM Business Communications Ltd

Patient Contact/Contact4Business

RPM’s ‘Contact’ provides cloud telephony functionality and technology with extensive and fully manageable features which give you complete control over your communications estate, whether you’re a single or multi-site environment with handset, mobile or desktop users.

Features

• Access to online portal and complete system awareness
• Choice of softphones, desktop phones or mobile users
• Applications - Integrated screen-pop, voicemail and cloud fax services
• Call queuing, opt out and auto call back
• Estimated wait time and call queue position
• Real-time call centre analysis
• Call recording - all calls or on demand, stored on-line
• Disaster recovery and call guard fraud protection
• Voicemail-to-email, fax-to-email or email-to-fax (cloud mail)
• Language translation services

Benefits

• Ability to take calls on any device, anywhere
• Call recording access for dispute resolution and training
• Data security and fraud detection and prevention facilities
• Reduce abandoned calls
• Take steps toward a paperless environment and reduce carbon footprint
• Disaster recovery and operational continuity
• Inclusive maintenance within monthly rentals
• 24/7 access to online portal to make configuration changes
• 24/7 access to RPM support team
• Free of charge calls to UK local/national/mobile destinations

£24.00 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@rpmsols.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

214929108387965

Contact

James Lupson
0333 6006 999
info@rpmsols.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Non essential portal access may be limited out of hours due to planned maintenance.
• System requirements:
  • Dedicated or compatible IP network required
  • Minimum bandwidth requirement of 100Kbps per user

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1-5 working days, depending on the priority of the query.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: RPM provide a dedicated service response centre staffed by qualified personnel. Our aim is to provide a prompt, positive and professional response to your call or email if you require technical advice or should your cloud system develop a fault. First line support is available via email or over the phone 24/7/365. For any major faults or system failures RPM aims to respond within 1 working hour. We regularly inform the status of a raised support query and provide a support ticket reference. Any updates to this support reference are emailed to the specified contact.; ; We provide Service Desk and Account Management Teams. Support engineers answer the phones in the RPM Service Desk and perform first stage fault analysis. If they are unable to resolve the incident will be escalated to Tier 2 and Tier 3 technical support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-site training is fully inclusive within the system purchase cost and is usually provided by the RPM engineers installing the solution. Additional remote training can also be provided. User guides are provided.; ; General queries and guidance can be directed to our operations and support teams.; ; A named account manager will also be assigned to your account to support you and provide responses on any questions in the first instance.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Our online admin portal is a secure online space giving customers complete visibility of the assets that we manage for them. This information can be easily downloaded for extraction into excel. Our monthly ebill information which is sent out to the customer via email also includes a breakdown of the communications estate in a PDF format.
• End-of-contract process: Unless the customer provides notice according to the terms and conditions then there contract will continue all services. ; ; All hardware is included within the price of the contract. This can include, but is not limited to, handsets, headsets, expansion modules, PCs, monitors, PC peripherals, PoE switches, Cat5e cabling/sundries and routers where applicable. Software licenses for the use of the cloud platform are non-transferable. Routers supplied by RPM for dedicated network services are not included within the price of the contract and we expect these to be returned at the expense of the customer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We provide a bolt on App which can be added as an option. ; The mobile soft client app allows a user to make and receive calls on a mobile device, as well as accessing key settings for their service. It provides all the same functionality as the desktop soft client.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Customers can inform us of any CRM or other types of database which they would like to interact with the cloud software. This could include the integration and 'screen-popping' of customer information as they call into the system, which then appears on the end users desktop. We also allow the implementation of some automated download services for call recordings, as well as development on updates to cloud storage services for call recording back-ups.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users have the ability to move 'widgets' around on the home screen in an order which suits them best. Users have full control over call flow features and schedules. This means at any time of the day they can program a change to the system and adapt where incoming calls are answered. These schedules are programmed to activate automatically, which means pre-defined events (such as training dates, bank holidays, lunch modes etc.) can all be scheduled in advance. Voicemail, voicemail-to-email and auto-attendant messages can be altered. User presentation ID can be changed, which can be a user ID, the site main number or withheld completely.; ; Administrators have access to the full feature set of the platform, including the statistics and call recording sections. Each application user can also be given access to their own portal which offers completely separate widgets based around individual statistics, call history and login/logout features for call groups.

Scaling

• Independence of resources: Management of our SLA's are in accordance with customer numbers and staffing numbers. Staff headcount and resource are kept to levels which outweigh customer demand.

Analytics

• Service usage metrics: Yes
• Metrics types: The standard system comes with historical call statistics 'out-of-the-box' which is accessible for up to the previous 12 months. This highlights the number of inbound/outbound calls, and can be filtered by specific hunt groups, users or sites. For an advanced call reporting 'call centre' experience, an additional comprehensive call centre package is available. This integrated software (also cloud-based, accessed via web pages) offers granular detail on call flow and user activity, as well as real-time wallboards, reporting and agent status if required.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: BT OpenReach

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: A number of the feature pages within the platform have blue 'export' icons which allow you to download a list of the data relevant to that page. This could include user info, hardware info or call statistics and recordings.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Service Availability and other measures with the SLA relate to the core service and does not include access or local CPE elements.; ; If a Service is partially available then the Unplanned Downtime shall be calculated in equal proportion i.e. if a service is 50% available then the unplanned downtime will be calculated as: [50% x elapsed period of the incident]. Availability Measurement Period: 3 Calendar months.; ; User subscriptions will be available 99.95% of the time.; ; Graphical User Interface (GUI) will be available to end customers 99.9% of the time.; ; Auto-Attendant, Call Recording and Unified Messaging subscriptions will be available 99.0% of the time.; ; Not included:; - Outages which are deemed by us to be the result of matters outside of direct control; - Planned or emergency maintenance; - User error; Notes: Core functions are part of the Switching infrastructure, transmission equipment and core network, the service that supports call routing and termination.; Non-Core functions include the network Support Systems, access to any relevant portals and feature based services such as Call Plans, Call diverts, Auto Attendant and Call Recording; PESQ score target for G711 is 4.1 and G729 is 3.7
• Approach to resilience: Core service is hosted across 2 data centres based in London and Manchester. Data is replicated between the two to protect against loss of information or service disruption. The underlying core network is based on BT Openreach fibre connectivity with both 'business care' level added to the IP connection and 'care level 4' on the circuit, which is the highest level of response for faults. Cloud-based services are accessible by our support department 24/7 and therefore calls can be routed to disaster recovery locations in the event of a fault or unforeseen circumstance. This provides reassurance with complete operational continuity options available round-the-clock. With leased line connectivity RPM can also implement a backup service.
• Outage reporting: For major service outages to the core network RPM can contact the affected customer's via email. Updates on the severity and estimated fix time can also be directed to the point of contact for each affected site. We; also utilise our social media presence to highlight any issues which may have occurred at a national level.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access to our platform is typically provided on a secure and dedicated network with firewall restriction and QoS-enabled routers. End user access to the features and underlying software is protected via username and password credentials via a secure web interface.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyd's Register Quality Assurance Ltd
• ISO/IEC 27001 accreditation date: 29/04/17
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The underlying network and infrastructure operators have deployed an Information Security Management System Manual (ISMS) which meets and is certified to ISO 27001:2013. It is supported by numerous policies and processes including but not limited to the following:; ; Information Security Policy; Information Security Incident Policy; Acceptable use policy; Access Control Procedure; Backup Plan; Business Continuity Plan; Confidential Data Policy; Data Protection Policy; ; The Reporting structure is from employees or customers to the Information Security Manager to the Information security Forum which is attended by several Directors and heads of departments. The Information Security Forum meets monthly to review all security incidents and events and corrective actions are agreed and tracked at this forum.; ; To raise awareness there is also access to a computer-based training platform for Security Awareness which is repeated annually. Line Managers have a responsibility to ensure their staff are aware of and follow these policies.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change Control Process covers changes made to operational systems, to mitigate the risks and impacts that any change has and ensures good communication at all stages. ; Change Management ensures changes to core infrastructure and services are performed and implemented correctly.; Best practice guidance, aligned to ITIL (OGC), recommends that the starting point for any change should be a review of generic questions or the ‘seven Rs’. ; A risk and impact assessment is carried out for each change this involves detailing the assets under change.; The Change Advisory Board (CAB) has a representative from each impacted business area.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our network utilise failure mode effects analysis process, conducting regular, systematic assessments of vulnerabilities to determine the necessity of safeguards, countermeasures and controls, monitoring for changes to maintain an acceptable level of risk. Includes identifying key information assets and subjecting them to specific risk assessments, assessing exposure to a list of common threats and vulnerabilities, maintaining risk registers, implementing technical, policy, business continuity and management initiatives;; Each patch is assessed and deployed accordingly: ; High - Urgently.; Medium - ASAP.; Low - time permitting.; Our network utilise many Vendor sources and industry RSS feeds, CERT, Ubuntu and Debian. Member of CiSP.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our network utilise GPG 13 guidance. There is a pre-built Security Information & Event Management Solution (SIEM) to identify potential compromises. If a compromise is found it is investigated. A Security Incident is raised to track the investigation, root cause and solutions if required to rectify or improve the situation. There is a response to incidents as close to real time as practicable.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our network operate an Incident Management process which has numerous pre-defined sub groups of staff designated for particular products or scenarios. It can be initiated by any member of staff and is managed by the 24/7 Network Operations Centre (NOC). Any incident is reported by the customer to the Service Desk, it is recorded in a customer relationship management tool (CRM) and an Incident report is produced after root cause analysis has taken place. Any Incident reports are made available to end users via pdf.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  LED office lighting throughout nationwide offices. Electric vehicle swap overs since March 2022 where possible.
• Tackling economic inequality:

  Tackling economic inequality

  Reduced working hours for all staff and introduced annual automatic salary increases.
• Equal opportunity:

  Equal opportunity

  We are committed to equal opportunity and diversity.
• Wellbeing:

  Wellbeing

  Reduced working hours for all staff and introduced annual automatic salary increases.

Pricing

• Price: £24.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@rpmsols.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.