Chronicler

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Chronosoft Chronicler, part of the Chronosoft suite, streamlines incident management by integrating with Orchestrator, Locator, and Medstat. Orchestrator optimises workforce management, Locator enhances geospatial capabilities, and Medstat specialises in out-of-hospital care reporting. The suite's API library ensures seamless integration with external software, significantly improving operational efficiency and decision-making processes.
Cloud deployment model: Public cloud

Hybrid cloud
Service constraints: Our service is designed to ensure high compatibility and optimal performance across a wide range of hardware and infrastructure configurations.

To maintain the highest standards of service quality and security, we schedule regular planned maintenance windows. These are strategically planned to minimise disruption and are always communicated well in advance to ensure full transparency and allow for adequate planning.

Additionally, our support system is tailored to assist with various hardware environments, ensuring that all users receive effective and efficient assistance. This approach ensures that there are no constraints on the usability and functionality of our service, facilitating seamless operations.
System requirements: Windows, Linux or Mac Operating System License

Chrome, Edge, Firefox or Safari installed on machine

Own machines and associated hardware for use.

User support

Email or online ticketing support: Email or online ticketing
Support response times: At Chronosoft, we prioritise efficient and effective communication through our email ticketing support system. Upon receiving a customer query, our team acknowledges it within the SLA-specified time, ensuring prompt attention.

The query is then assessed and directed to the appropriate specialist who reviews the issue thoroughly. Our aim is to resolve queries within the agreed SLA timeframes, striving for first contact resolution whenever possible.

If further interaction is required, we maintain clear, courteous, and continuous communication until resolution. Exceeding customer expectations and ensuring satisfaction are paramount in every interaction we undertake.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Yes, at an extra cost
Web chat support availability: 24 hours, 7 days a week
Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
Web chat accessibility testing: We have not conducted specific web chat testing with assistive technology users. However, we ensure that our web chat services comply with the Web Content Accessibility Guidelines (WCAG) 2.1 at the AA level. This commitment helps us guarantee that our services are accessible to all users, including those who rely on assistive technologies.
Onsite support: Yes, at extra cost
Support levels: At Chronosoft, we work within a structured Service Level Agreement (SLA) framework with our customers, offering tiered support levels to meet various needs and budgets. Our support structure is categorised into three main levels of incident response: Basic, Enhanced, and Premium.

Basic Support: provides standard response times and access to our helpdesk during business hours. This level is ideal for businesses requiring minimal support.

Enhanced Support: includes faster response times and extended support hours, suitable for organisations that need a bit more attention to keep their operations smooth.

Premium Support: offers the quickest response times, 24/7 support, and includes a Technical Account Manager or Cloud Support Engineer dedicated to the account. This level is tailored for businesses that demand high availability and immediate resolution of issues.

Pricing for each support level varies, with Premium pricing available for adjusted SLAs that require more dedicated resources or faster response times. Our approach ensures that all clients receive the appropriate level of support, optimally tailored to their specific requirements and operational demands, ensuring efficiency and satisfaction.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: At Chronosoft, we ensure that users have a smooth transition when starting with our services. We provide comprehensive support through various means to accommodate different learning preferences and operational requirements.

To facilitate effective onboarding, we offer onsite training conducted by our expert trainers. This hands-on approach is particularly beneficial for large teams or complex operations, as it allows for tailored instruction that addresses specific organisational needs and questions in real-time. Additionally, for organisations that prefer a more flexible training schedule, we provide online training sessions. These sessions are live, interactive, and can be accessed from anywhere, enabling remote teams to receive the same level of training without the need for physical presence.

Moreover, we provide extensive user documentation that includes detailed guides, FAQs, and best practices to help users become proficient in using our platform. This documentation is continually updated to reflect new features and improvements.

Our customer support team is also available to assist with any queries or issues that may arise during the initial setup or ongoing use of our services. We are committed to ensuring that every user feels confident and equipped to maximise the benefits of our incident management solutions.
Service documentation: Yes
Documentation formats: HTML

ODF

PDF
End-of-contract data extraction: At the end of a contract with Chronosoft, we ensure that users can extract their data in a straightforward and secure manner. Recognising the importance of data sovereignty, we facilitate a comprehensive data extraction process that allows users to retain full control over their information once their contract concludes.

Users can initiate the data extraction process through our dedicated client portal. Once they request data extraction, they can specify the formats in which they wish to receive their data. We support a range of common data formats including CSV and PDF, ensuring compatibility with subsequent systems or for archival purposes.

To assist with the extraction process, our support team is available to guide users through each step, ensuring that all data is correctly and completely transferred. We also provide detailed documentation that outlines the steps for data extraction, including tips on how to manage and secure data post-extraction.

Furthermore, to maintain data integrity and security, all data transfers are encrypted, and users must verify their identity before the extraction process begins. This ensures that only authorised personnel can access sensitive information, aligning with best practices in data security and compliance.
End-of-contract process: Chronosoft enables clients to export their data and all related reports at the end of the contract or at specified intervals during the contract period, utilising the comprehensive functionalities provided in the software. Chronosoft commits to securely storing client data for as long as required by the client, which may involve additional costs determined through client consultation. This flexible approach ensures that data retention periods can be customised to meet specific client needs and regulatory requirements. Once the data and instance are no longer needed, Chronosoft ensures that the instance is securely erased from the system, adhering to stringent data protection and privacy standards. This process underscores Chronosoft’s commitment to data security and provides an adaptable service model that aligns with client needs and contractual agreements. By offering such tailored data management solutions, Chronosoft facilitates effective data governance and compliance for its clients, ensuring that all data handling processes are transparent and secure.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari
Application to install: Yes
Compatible operating systems: Android

IOS

Linux or Unix

MacOS

Windows
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Our service is designed to optimally adjust features and functionalities for mobile users, specifically catering to the needs of individuals in the field.

While the core services remain consistent across mobile and desktop platforms, the mobile experience is tailored to enhance usability for users on the go.

This includes interface adjustments and streamlined processes that ensure efficient and effective use in various mobile contexts, providing a functional and seamless user experience tailored to the demands of infield mobile users.
Service interface: Yes
User support accessibility: WCAG 2.1 AA or EN 301 549
Description of service interface: Our service interface is designed with the user in mind, offering a seamless and intuitive experience that efficiently guides users through its features. It combines clean aesthetics with practical functionality, ensuring that users can navigate and perform tasks with ease. The layout is structured to promote a logical flow of information, which helps in reducing the learning curve for new users. Accessibility options are robust, accommodating a wide range of user needs. Feedback mechanisms are integrated directly into the interface, allowing for continuous improvement based on user experiences. Overall, the interface facilitates a productive and enjoyable interaction for all users.
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: We have implemented rigorous interface testing with users of assistive technology to ensure our service is accessible and user-friendly for all individuals, including those with disabilities.

Our process includes several stages of testing, starting with initial concept evaluations to identify potential barriers. We then move to more detailed assessments where participants are asked to perform specific tasks using the interface while we gather qualitative and quantitative data on their experiences. This feedback is crucial for identifying issues related to usability and accessibility that might not be apparent to developers or designers without disabilities.

We have also incorporated scenario-based testing, where users with disabilities test the interface in different contexts and environments, ensuring that our service is versatile and robust under various conditions. After each round of testing, our team analyses the results and makes necessary adjustments to the interface design and functionality.

The feedback from these sessions is integrated directly into development cycles, allowing for continuous refinement. This iterative process helps in building an inclusive service that not only complies with the Web Content Accessibility Guidelines (WCAG) 2.1 AA standards but also exceeds user expectations in terms of ease and efficiency.
API: Yes
What users can and can't do using the API: The Chronicler API offers a robust interface for system integration, enabling external applications to interact seamlessly with a subset of Chronicler's functionalities. While the API does not allow for the provisioning or decommissioning of the service itself, it provides extensive capabilities for enhancing and extending the functionality of the Chronicler platform within user operations.

This API primarily facilitates the interaction with Chronicler's core features such as incident management, data retrieval, and real-time updates. Developers can leverage the API to integrate Chronicler's capabilities with other systems, automate data flows, and synchronise information across platforms, enhancing the overall efficiency and responsiveness of their operational ecosystem. For instance, the API allows for the updating and retrieval of incident details, the sending of notifications, and the synchronisation of real-time operational data with other software solutions used by the organisation.

Access to the Chronicler API is controlled through secure authentication mechanisms, ensuring that only authorised systems and users can interact with the platform.

The API documentation provides comprehensive guidance on how developers can effectively utilise the available endpoints, making integration straightforward and efficient. This enables organisations to tailor the interactions according to their specific needs and workflows.
API documentation: Yes
API documentation formats: HTML

ODF

PDF

Other
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Chronosoft's services are designed with high customisability to meet the unique needs of various organisations. Users can customise many aspects of our services, including incident management protocols, workflow automation, and the specific fields within electronic patient care reports. This ensures that the software aligns perfectly with the specific operational requirements and industry standards of each organisation.

Customisation can be performed directly by users through an intuitive user interface that allows for easy modifications. Users can add or modify job details, adjust reporting templates, and change notification settings to suit their specific workflows. Additionally, custom fields can be added to capture unique data points critical to the organisation's operations, and these fields can include tailored field types designed for specific incidents or operational needs.

Who can customise these settings is typically controlled through user permissions. Administrators or designated managers have the authority to make these changes, ensuring that modifications are managed and executed by users with the appropriate level of oversight. This approach maintains system integrity while providing flexibility, making Chronosoft's solutions adaptable for organisations of any size, from small teams to large enterprises, across various sectors.

Scaling

Independence of resources: Chronicler ensures consistent user performance through scalable cloud architecture that dynamically allocates resources during peak times. Advanced load balancing distributes requests across servers to prevent bottlenecks, while resource isolation via virtualisation ensures one user's activity doesn’t impact another's service quality. Continuous performance monitoring identifies and mitigates potential issues, ensuring efficient resource use. In situations where resources are constrained, priority may be given to critical operations or premium users to maintain core functionality. These strategies collectively guarantee that demand from other users does not adversely affect service delivery, ensuring reliable and consistent performance for all users.

Analytics

Service usage metrics: Yes
Metrics types: Chronicler offers detailed service usage metrics through a customisable statistics screen, displaying data in various graph formats. It also supports tailored reporting via client consultations, allowing adaptation to specific needs. This functionality enables effective monitoring of user activity and resource usage, essential for data-driven decision-making.
Reporting types: Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: In-house
Protecting data at rest: Physical access control, complying with another standard

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Chronicler offers diverse data export options, including event reports, job logs, raw data, and full system downloads via the Unity type. Available formats for these exports are PDFs, CSVs, and DOCX. Chronicler includes a customisable statistics screen that enhances data analysis with various graphs and charts. For tailored reporting needs, Chronosoft provides custom reports through direct client consultations, ensuring specific organisational requirements are met.
Data export formats: CSV

Other
Other data export formats: PDF

HTML
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Other
Other protection within supplier network: SSH with port forwarding using pre-shared, IP restricted keys

Availability and resilience

Guaranteed availability: Chronosoft's SLA establishes an availability target for the software at 99.75% during each service period. This applies only to instances where the software is hosted by the provider and does not cover software hosted by clients or third parties, nor does it include mobile applications and physical equipment.

Should the availability fall below the specified target, entitlement to service credits is structured as follows:

Availability below 99.75% but above 99% results in a service credit of 5% of the service fee for that period.
Availability below 99% results in a service credit of 10%.
Availability below 95% results in a service credit of 25%.
To claim a service credit, it must be submitted by the end of the calendar month following the service period in question. Necessary information to support the claim must be provided, and the provider will evaluate the validity of the claim. If validated, the service credit will be applied to the subsequent invoice or, if there are no further invoices, paid directly. Separate claims must be submitted for each individual agreement.

Service credits serve as the exclusive remedy for any claims or liabilities arising from unmet availability targets under this SLA.
Approach to resilience: The resilience of Chronosoft's service is engineered through multiple layers of redundancy and failsafe mechanisms, ensuring robust asset protection and operational continuity. Chronosoft's data centre set up is available upon request.
Outage reporting: Chronosoft ensures clients are promptly informed about any service interruptions through email alerts. This proactive communication allows clients to stay updated on the status of the service, including the start of an outage, ongoing updates, and the resolution timeline. These alerts are an essential part of our commitment to transparency and support, enabling clients to manage their activities and expectations effectively during downtime.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Username or password
Access restrictions in management interfaces and support channels: To secure management interfaces and support channels, access is controlled through role-based access control (RBAC), assigning permissions strictly based on user roles. Robust authentication methods, including two-factor authentication, prevent unauthorised access. Rights assignments are regularly audited and updated as needed to ensure security and compliance. Communications through support channels are encrypted, and security reviews ensure that access provisions remain appropriate, safeguarding operational integrity and compliance.
Access restriction testing frequency: At least once a year
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: Other
Other security governance standards: Cyber Essentials Plus
Information security policies and processes: Our information security policies and processes are designed to robustly protect data and systems, ensuring compliance with industry standards and fostering a secure organisational culture. We have established key policies including Data Protection, Access Control, Incident Response, and Business Continuity. These are overseen by a Chief Information Security Officer (CISO) who reports directly to the Directors and coordinates with various departments. Compliance is ensured through regular internal and external audits, comprehensive training programs, automated security tools, and continuous monitoring of performance metrics. This integrated approach helps us maintain the highest standards of information security and effectively manage and mitigate potential threats.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Chronosoft's configuration and change management processes ensure security and reliability through rigorous tracking and assessment. Components of our services are tracked via an Asset and Configuration Management Database (CMDB) that details lifecycle stages from deployment to decommissioning, maintaining up-to-date and secure configurations.

Each proposed change undergoes thorough security impact assessments using automated tools to predict potential flaws and ensure compliance with security policies. Changes are tested in a controlled environment before rollout.

This structured approach guarantees that all changes enhance our system's security and operational integrity, aligning with our commitment to safeguard client operations.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Chronosoft's vulnerability management process systematically identifies, assesses, and mitigates threats to ensure robust protection of our services. We gather threat intelligence from cybersecurity firms, threat intelligence communities, and government advisories, supplemented by automated scanning tools that monitor our systems for vulnerabilities. Potential threats are analysed for severity and impact, leading to deployment of critical patches within 24 hours and non-critical patches within a week, following thorough testing and approval.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Chronosoft's protective monitoring process uses continuous surveillance and a Security Information and Event Management (SIEM) system to quickly identify potential compromises. Upon detection, our Incident Response Team, comprising security, IT, and legal experts, is alerted immediately. They assess, contain, and then eradicate the threat, with initial responses starting within 15 minutes of detection. Immediate actions include isolating affected systems and blocking malicious IPs. Post-incident, systems undergo thorough clean-up and credential resets before being restored. This structured approach ensures swift detection and rapid response, minimising impact and maintaining the integrity of our operations.
Incident management type: Supplier-defined controls
Incident management approach: Chronosoft has a robust incident management process with pre-defined protocols for common security events like unauthorised access and data breaches, ensuring a swift and effective response. Users can report incidents via support email, a 24/7 hotline, or our customer service portal. Each incident is logged, escalated, and managed through our central system. Post-incident, we generate detailed reports that summarise the event, response actions, and outcomes. These reports are shared with affected users and stakeholders, providing transparency and steps for future prevention. Regular training ensures our team is prepared, maintaining our commitment to security and user trust.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Social Value

Wellbeing

Chronicler takes a proactive approach to supporting health and wellbeing within venues and events by providing an incident management platform that prioritises the safety and security of patrons. Through its comprehensive incident tracking and management system, Chronicler ensures that any issues or emergencies are swiftly addressed, minimising risks and promoting a sense of security among attendees. By enabling real-time reporting and response capabilities, venue staff can effectively handle medical emergencies, crowd control situations, and other incidents, thereby enhancing the overall safety and wellbeing of patrons.

Chronicler's platform facilitates the implementation of wellness initiatives and mental health support services within venues and event spaces. By integrating these resources into the incident management framework, Chronicler promotes a culture of wellbeing among staff and attendees alike. This proactive approach not only addresses immediate safety concerns but also fosters a supportive environment that prioritises physical and mental health.

In terms of community integration, Chronicler collaborates closely with venue operators and event organisers to ensure that safety protocols and incident response plans are tailored to the specific needs of the local community. By involving stakeholders in the design and implementation of safety measures, Chronicler promotes strong, integrated communities where safety and wellbeing are paramount. Through these efforts, Chronicler contributes to the creation of inclusive, resilient communities that prioritise the health and safety of all individuals involved in venue and event activities.

Pricing

Price: £44,000 an instance a year
Discount for educational organisations: Yes
Free trial available: No

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Chronicler

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents