Maxxima MVT
Maxxima VMS is a cloud-based Vendor Management System that automates a client’s temporary staffing process. This provides auto-matching, enhancement to the quality of workers and suppliers, and management of all client’s workflow requirements.
Features
- Real Time Reporting
- •Cloud based solution – remote access
- •Dedicated Progressive Web App
- •Dedicated service/platforms facilitating seamless direct/non-direct-engagement of locum workforce
- •Dedicated recruitment, on-boarding and time-sheeting and reporting portals
- •Implementation, change management, business process re-engineering
- •Account managers responsible for compliance, performance, account & supplier management
- •End-to-end recruitment, on-boarding, time-sheeting and self-bill administration
- •Full management report suite supported by bespoke reporting tools
- •Integrated with current processes and systems delivering a seamless service
Benefits
- •Control of roles and reporting data
- •Rate control/rate-escalation approval; multiple rates allowing for overtime and weekend
- •Supply chain management to help reduce rates
- •Large-scale savings, rate reductions, cost management & efficiency gains
- •Increased transparency and compliance allowing effective planning and reduced risk
- •Allows flexibility to adapt to changing demand and market conditions
- •Improved financial processes including self bill invoicing, reporting and accruals
- •Single System and service provider covering all staff groups
- •Greater visibility empowering better performance management of suppliers
Pricing
£1 to £25 a unit an hour
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
2 4 8 0 6 9 9 6 3 1 7 6 0 4 8
Contact
MAXXIMA LIMITED
Kosar Parveen
Telephone: 02074561486
Email: bid.team@maxximagroup.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- The system can be used stand alone or as an extension to other system such as - bank management software, timesheet entry solutions, back office accounts and payroll software.
- Cloud deployment model
- Private cloud
- Service constraints
- Our service operates in line with a pre-planned comprehensive maintenance schedule. Constraints include software access via approved browsers only.
- System requirements
-
- Browser access – google chrome, IE 11, Microsoft Edge
- Access to pdf reader for some functions
- Clients' needs can influence system requirements; scoped on implementation
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- We acknowledge with 2 working hours, resolve low-level issues within 24 working hours, medium-level issues in 48 working hours and technical issues within 14 working days.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- We provide each client with an account manager and dedicated team. They deal with all first-line support queries and day-to-day management and running of services. They are supported by a dedicated technical team for escalation of any second-line queries.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
• Team available to understand requirements
• Implementation team available to configure and setup the solution
• In portal help menu can be used to add training / FAQs
• On site training offered - Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
-
- Word
- CVS
- Visio
- End-of-contract data extraction
-
Data can be extracted via system exports already available, or can be requested as a change request. We discuss exit planning from start of service so we establish expectations and agree processes. We can export data in a standard csv format via secure email. Alternative formats and processes may be available.
With respect to retention of data, clients will determine the appropriate retention periods. - End-of-contract process
- From receipt of a notification of intent to terminate, our Account Manager will arrange a review meeting, followed by a resolution meeting and an exit meeting, where an exit plan is agreed and then executed. This will be conducted over a 12 week period and will ensure full delivery during , with agreed milestones and deliverables agreed for all stages. After 12 weeks any additional service or support will be provided at charge agreed during the exit plan. We will provide client with a copy of their data, in a manner reasonably requested and give access to our staff to help securely transfer client data.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Chrome
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Mobile app has the following functionality
• create vacancies
• submit candidates for review against vacancy
• review candidate and create assignment
• enter timesheets
• approve timesheets
• mobile notifications available when: new vacancy added, new candidates submitted, new timesheet for approval, timesheet approved - Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
- Account Manager works with clients to set up service and relevant API during implementation. Any API changes are logged with Account Manager, who works with systems engineers to facilitate changes. Data may be imported /exported through HTTPS via the user interface or using our bespoke Integrator.
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
• Users interfaces can be customised
• Users can customise their own search pages
• Portals can be branded
• Reports for users can be customised
• Vacancy workflows can be cutomised
• Pay and charge rates can be customised
• The system can be customised by form of change requests using our change process by Zeel Solutions
• Cost centres can be customised
• Custom fields can be added
Scaling
- Independence of resources
-
Users are set up with data access according to the data they need to see only, enabling a control on demand of resources.
As a software-as-a-service, the solution automatically and transparently handles scaling and redundancy based on SLAs governing performance and availability.
The solutions uses Microsoft Azure and can be setup to use load balancing and scaling options.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We provide fully bespoke metrics, configured/designed during implementation with client input.
The system provides:
Workforce management and planning
Integrated reporting throughout the process allowing budgetary/spend controls and oversight
Supplier management; dedicated supplier dashboards
Supported by a suite of MI including:
–Fill-rate reports
–Accrual reporting
–Direct engagement uptake reports
–Commission reports
–Payment files including breakdowns of VAT payable (invoices/self-billing to suppliers, proforma invoicing on behalf of client, PO management reporting/tracking)
–Savings reports
–Tenure-Reporting
–Exception reporting
–Multiple/other bespoke reports
The tool facilitates tracking/reporting of:
–Vacancy Rates
–Time-to-Hire
–On-boarding
–Cancellations
–Gaps
–Approval-chains
Reportable by:
–Grade
–Specialism
–Cost-centre
–GL Code
–Supplier
–Site
–Department
–Reason-codes - Reporting types
-
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Multiple exports available in csv and other formats. Reports are also available with data which can be downloaded to csv and other formats.
Datasets also available to use to download data.
Change request service also available if required for further data. - Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Other
- Other protection between networks
-
Control by IP lockdown
SSL - Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
-
Control by IP lockdown
SSL
Availability and resilience
- Guaranteed availability
- We aim to provide a service accessible 24/7, excluding emergency maintenance windows (if taken during hours of 5am-8am GMT) if required. We offer clients a KPI of 99% availability. Service credits would be agreed during contract negotiations.
- Approach to resilience
- The solution is hosted in Microsoft Azure and has all the assurances of the Azure white papers. Live Geo replication of the database is in place in the event of a DR, the website is backed up daily to an azure storage account; this can be used for trouble shooting and in the case of a critical error can be switched over to a read-write db. The database is also continual SQL Log backups, giving us point-in-time recovery for the database. Futhermore, the database has a weekly full backup to the azure storage account. The website has a daily backup to azure storage in case of rebuild required.
- Outage reporting
- We communicate any issues clearly and quickly. Our onsite staff ensure reporting. We use email notifications and online portal to ensure ongoing communication throughout any outage.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
-
The system can be completely configured so the data is driven by need to access basis.
The system can be locked down for reporting, user access to screens by read, write, edit and delete permissions.
Multiple roles can be created to allow bespoke access and assigned to users and groups.
Report groups can be created and allocated to users.
Data is driven and locked down for viewing on reports, and screens.
Users access can be further defined by location/client for timesheet approval, vacancy approval and rate escalation approval. - Access restriction testing frequency
- At least once a year
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- CDL Group
- ISO/IEC 27001 accreditation date
- 18/12/2021
- What the ISO/IEC 27001 doesn’t cover
- To our understanding nothing is not covered, and CDL ensure this on inspection.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- ISO 27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Our suite of policies underpin our ISO27001 and CyberEssentials accreditation. Our Information Security Management System has processes for all governance and security aspects, including staff training, data protection and retention, data transfer, hardware and access procedures. Senior Managers (e.g. HR, IT, Operations) form our Information Governance committee, which reports to the Board, ensuring a whole-group and multi-role focus, and reviews performance and procedures.
Procedures for suspected/ actual information security incident (including near miss) mandate how each staff member should report, and what action is needed.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
Change management via our internal methodology which combine scrum, waterfall and agile methodologies of project-delivery/development.
Change process includes a requirements-capture to understand the requirement and business processes involved in the change. We produce a Functional Change Request which outlines details of the change and the impact on functional processes/system-functions.
Change is developed and deployed to a development environment for internal testing. Once signed-off the change is deployed to sandbox for client sign-off.
Once signed-off a date is agreed with the client for upgrade of change to Production. Support is then updated internally with the change process so client is supported. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Our data centre team manage the security and vulnerabilities of the network and inform us of any such case. These are then actioned immediately with a devised plan of action carried out in conjunction with advice from the network team and the data centre team.
Our Azure offering is also monitored for any vulnerabilities by our network and implementations team. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- We have live auditing and reporting from our datacentre and azure to identify any risks or compromises.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Zeel Solutions are compliant with ISO9001 standards conforming to risk register and completion.
We also conform to GDPR stipulations for data breach notifications.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Our Group-wide initiative, Champions of Change, focuses on combating climate change as well as recycling and waste reduction, community engagement and carbon footprint and sustainability initiatives. To ensure our operations minimise environmental impact, we:
• Contribute to the NHS Net Zero plan by achieving fewer patient attendances and journeys
• Train our staff to implement and deliver sustainability activities
• Produce office/location-specific recycling and energy saving plans
• Deliver inductions/onboarding completely electronically, removing paper/ink usage
• Produce electronic versions of patient communications
• Have Environmental Champions across the Group to discuss and disseminate initiatives, i.e. encouraging greater recycling whilst people are working at home.
Clean Air Commitment: Where possible, we encourage green business travel options for staff where appropriate, including:
• Using public transport
• Car-sharing
• Use of digital solutions
• Working from home
• Cycle to work scheme - Covid-19 recovery
-
Covid-19 recovery
Since the pandemic outbreak in 2020, we have worked extensively with clients to deliver innovative service-models to support rapidly-changing priorities. Since January 2021, our staff have delivered:
• 800,000+ covid tests
• 19,000+ PoC tests
• 30,000+ LFTs
Our work to support local and national recovery Covid-19 impact has included:
• Supported workforce delivery to provide healthcare services to NHS Trusts (including Nightingale hospitals), e.g. short-notice cover for staff sickness/absence to ensure continuity of healthcare-delivery
• Developed remote and digital services to support NHS clinical services and alleviate waiting-time pressures
• One of our clients created a pool of 300+ volunteers willing to support in response to COVID-19’s first wave. They were struggling to manage this large additional workforce and scheduling duties. As part of our social-value commitment, we offered to manage this new bank of volunteer staff for them, using skills/infrastructure we already had in place. This resulted in a joint partnership where we also provided marketing time to ensure volunteer opportunities were advertised. As a result, the client could utilise this volunteer-workforce to its full potential, positively impacting its wave-1 Covid19 response.
• As a government-approved provider of Covid testing, we were instrumental in supporting universities with their student/staff testing-programmes (c.100,000 tests) to support attendance at lectures and for students to return home.
• Supported our clients, as a government-approved provider of vaccinations, to deliver Covid vaccination programmes through supplying volumes of appropriately-trained staff, to NHS frontline staff and patients at NHS locations, community centres and within Nightingale Pods. This included managing the complete workforce-delivery of these venues.
• Supplied Life Sciences staff to pharmaceutical and clinical research organisations for vaccine development and trials.
Where onsite presence is required, COVID safety protocols are adhered to at all times, including social distancing, PPE and face masks utilised. - Tackling economic inequality
-
Tackling economic inequality
Support in-work progression, help people move into higher-paid work by developing relevant skills:
All staff attend three-monthly appraisals, with objectives to meet CPD requirements. Worker-development is promoted through our development-programme; one-to-ones/appraisals ensure:
• Areas-for-development are highlighted
• Defined personal-objectives/goals are met.
Crucially, we use this time to discuss/facilitate additional skills/training. As well as mandatory training, we offer access to additional CPD courses, including 200+ RCNi-approved training modules.
Understanding in-work progression issues affecting market/industry/sector: Our Insights team help us maintain an innate understanding of in-work progression issues, for our market and within our organisation. We use this information to highlight areas of concern/best-practice across the market, internally, and within individual contracts to review policies/processes to ensure progression/development-pathways support sustainable workforces. - Equal opportunity
-
Equal opportunity
Equality/Diversity/Inclusion (EDI) is at the heart of our approach. With everyone we meet in our work, we consciously consider the need to:
• Eliminate discrimination
• Advance equality-of-opportunity
• Foster good relations.
We:
• Champion people’s differences and their positive impact on our organisation/work
• Encourage inclusion of diverse experiences/backgrounds/knowledge/skills to enrich us
• Create environment of dignity/respect/inclusion; diversity thrives free of bullying/harassment/victimisation/discrimination, individual differences/contributions are recognised/valued
In all work/settings, we strive:
• To represent local society
• For clients/patients/employees/stakeholders to feel respected/valued
• To provide accessible services that respect each individual’s needs and do not exclude anyone.
In Due Regard to Equality duty, we highlight our expectation that staff treat each other and patients as equals. We take complaints of bullying/harassment/victimisation/discrimination extremely seriously, dealing with such acts as misconduct under grievance/disciplinary procedures; serious complaints may amount to gross-misconduct and lead to dismissal.
We have a dedicated post-holder heading up EDI, leading strategies and working with HR/leadership-teams to:
• Deliver EDI-related strategic goals
• Provide expert guidance/advice across business-cycles.
Our account-management/dedicated teams work closely internally/with clients, to continually review processes, including Recruitment/Retention/Pay/Development to ensure they reflect equity/equality, diversity/inclusion within/across all workplaces/contracts. - Wellbeing
-
Wellbeing
Leading a fulfilling/healthy/balanced life is central to our culture. During difficult times we ensure staff have accessible support in formats suited to them e.g. Social-Media, an onsite presence, peer-support networks, drop-in sessions and phone/online access as well as specific health programmes, activities/sessions, and our WellbeingWay healthy lifestyles App. We continue to use innovative, wide-ranging services to connect/support our staff.
Regarding the Six Standards of Mental-Health; we:
1. Adopt a ‘people-first’ approach and have developed Four Pillars of Wellbeing (mental/physical/financial/social) offering initiatives e.g. Wellbeing-Champions and a Wellbeing calendar.
2. Proactively design culture, driving positive mental-health outcomes, including workload-management/actively encouraging staff to ‘switch-off’ after working-day. We give access to mental-healthcare pathways, with appropriate specialism/intensity/support as employees move through each stage.
3. Promote open culture around mental-health. Our sister-companies include specialist mental-health recruiters and counselling-providers, giving an inbuilt openness towards mental-health. Our “get-to-know-your-senior-managers” communications include managers’ personal experiences of mental-health/coping-mechanisms, demonstrating that employees are not alone.
4. Increase organisational confidence/capability, an ongoing process.
5. Provide mental-health tools/support: access to support-networks, including MIND-trained Mental-Health First-Aiders; 24/7 Employee-Assistance-Programme; SilverCloud online-CBT; Access-to-Work service delivered by specialist-advisors, with tailored support for mental-health difficulties at work.
6. Increase transparency/accountability through internal/external reporting.
In every contract we build appropriate engagement so workforce help decide issues to prioritise, via surveys, one-to-one-discussions, focus-groups and training-workshops.
Engagement activity regarding physical and mental health is an ongoing process. We measure staff engagement quantitively, via number of staff who respond to specific initiatives, and quantitively, via formal/informal engagement which sees us record comments/observations/suggestions for improvement.
Pricing
- Price
- £1 to £25 a unit an hour
- Discount for educational organisations
- No
- Free trial available
- No