Purcell Radio Systems Ltd

Locator

Real-time indoor asset location tracking.

Features

• Detailed, multi-level map web-page with asset/resource locations
• Asset/resource location history reports
• Mobile app for detailed asset search and manual status override
• Trigger alerts when assets move outside permitted areas
• Stand-alone system or integrate with CARPS task management
• Enhance CARPS auto-allocation with accurate Operative location
• Automate CARPS Operative status updates
• Evidence attendance and arrival times
• Easy scalability allows additional asset types to be added
• Message Operative devices with locations of relevant nearby assets

Benefits

• Real-time visibility of resource/asset location and status
• Minimize response times
• Increase resource/asset utilization and efficiency
• Allocate tasks to the best placed operatives
• Prove attendance and arrival time
• Enhance CARPS auto-allocation and intervention
• Improve decision making
• Easy to use, minimal training required
• Reduce loss/theft of assets

£23,500.00 an instance a year

Service documents

• Pricing document

  ODS

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@purcellradio.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

356394335373651

Contact

Tom Purcell
02077396080
info@purcellradio.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: On-site hardware and extensive set-up and commissioning required for deployment. Systems must be quoted on a site-by-site basis according to requirements.
• System requirements:
  • Minimum recommended Android 13
  • Minimum supported iOS current version
  • Recommended browser: Google Chrome, Microsoft Edge

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Emails are responded to within 1 hour during contracted support hours.; Low & Medium priority service request hours - 9.00am till 5.00pm Monday to Friday excluding all public and ; bank holidays. ; High priority service request hours – 08.00am till 20.00pm Monday to Sunday including all public and bank ; holidays.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide one level of support for all clients. Support costs are included in the core Annual Software Licence package costs. Support level variations may be considered at our discretion, subject to additional costs. ; We will assign a priority depending on the details given and the impact on the CARPS service (Low / Medium / High). ; Support offered 9.00am - 5.00pm, Sunday - Saturday. 9.00am - 5.00pm Saturday & Sunday defined as "out-of-hours", as such only Medium and High priority requests accepted.; All support requests are handled by our in-house team of experienced support staff and engineers, according to the nature of the request, expertise required, and staff availability.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: According to user requirements and preferences, we can provide:; *On-site user training and/or train-the-trainer sessions.; *Remote live training sessions via MS Teams (or similar).; *PDF user manuals for key applications.; *Tutorial videos.; *Custom documents and videos for site-specific requirements.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Resource data and historic data may be extracted by users at any time via onboard features.; Additionally, a copy of the database can be made available on request.
• End-of-contract process: At the termination of a contract, access to all Locator software applications will cease. We will help to ensure that users have access to all historic data, as required, before such data is erased from our systems/records.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Locator Core Package, including the main map is a web-app, not specifically designed to work on Mobile devices, so some optimisation/usability issues may occur, depending on screen size, etc. This application is also used to run reports on asset location history.; ; The Locator Operative app is designed for use on Android mobile devices. The app receives messages about relevant asset locations, aggregates BLE location data to update the main map, allows operatives to search for assets (e.g. wheelchairs) and to manually update/override the assigned asset status where necessary (e.g. "out of service").
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Locator Map (web app interface):; *Interactive, searchable 2D site map displaying all tracked assets with filtering options and asset status details.; *Configuration Menu allows the following configuration options:; *Maps (Load Map / Manage Area Gateways / Map & Icon Specifications); *Resources (Resource Types / Resources / Manage Exclusion Zones); *Setup (CARPS Configuration) ; Users can click and drag the map, zoom in/out, click on zones/areas to see them in more detail, toggle between floors, click asssets/resources to see status information.; *Map filter; *Reload/Reset; *Log out; *List/Map View; *List Gateways (map points) offline
• Accessibility standards: None or don’t know
• Description of accessibility: Configuration Menu allows the following configuration options:; * Maps (Load Map / Manage Area Gateways / Map & Icon Specifications); * Resources (Resource Types / Resources / Manage Exclusion Zones); * Setup (CARPS Configuration) ; Users can click and drag the map, zoom in/out, click on zones/areas to see them in more detail, toggle between floors, click asssets/resources to see status information.; ; Locator Operative mobile app allows users to receive information about relevant nearby assets, to scan for nearby assets, and to update asset information.
• Accessibility testing: To date, we have not done interface work with users of assistive technology.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Each contracted client is given their own virtual environment for their users to operate in.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Other
• Other data at rest protection approach: SQL TDE
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Day-to-day data export is done via the Locator on-board reporting features. All system data is exported in .csv format and can be downloaded from the web application to the user's local device.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: Multiple redundant virtual environments. Hosted in Azure as part of availability set.
• Outage reporting: Email.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access to Management interfaces is restricted by User Type (user permissions) and separate password protection for admin access.; Email support is offered to users with a recognised email domain.; Phone support users are asked to identify themselves.; Sensitive requests are referred to a known Manager from the client organisation for approval.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Peers Quality Assurance Ltd
• ISO/IEC 27001 accreditation date: 01/08/2023
• What the ISO/IEC 27001 doesn’t cover: In our Statement of Applicability (FORM FM018) we exclude nothing from the Annex A reference or the clauses.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow information security policies and processes in line with ISO27001. We have developed formal policies and processes for the following (more details available on request).; Policies:; Legislation; Information Security Policy; ICT Asset Register with RA & RT; Operating Procedures for ICT; Secure Development Policy; Information Classification Policy; Access Control Policy; Access Control Matrix; Development & Change Control Form; Policy of Cryptographic Controls; Risk Assessment & Treatment Methodology; Acceptable Use Policy; Bring Your Own Device (BYOD) Policy; Business Continuity & Disaster Recovery Plan; ; Processes:; Sub-contractor Software and Hardware; Incident & Improvement process; Internal audits & management review; Control of non-conforming outputs; ; We ensure policies and processes are followed by carrying out internal and external audits, staff training and continual assessment.; ; Our reporting structure is two tier. The Software Engineering Department, Hardware Engineering Department, Projects Team, and Business Development Team report to the Technical Director and Managing Director.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our Customer Relationship Management (CRM) software tracks the components required for delivering a service. All physical and virtual assets requiring Planned Preventative Maintenance, Patching, Reactive Maintenance and End of Life / Support are scheduled through the CRM. ; ; All change requests are recorded in the CRM for review and authorisation. Where applicable the FORM FM029 Development and change control form is used.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Monthly patching and annual PEN tests.; Review Microsoft Digital defence report.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Endpoint protection software, firewall monitoring and Azure security. Events trigger Incident Management Systems process.
• Incident management type: Supplier-defined controls
• Incident management approach: Users can report incidents via phone or email.; Upon incident report or detection via monitoring solutions or review processes the incident is noted in management software and Directors are emailed. The appropriate team is then tasked with resolving the incident. Upon resolution a review is conducted and outcomes put in place to prevent incident from happening again.; Incident reports can be provided by email on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  We offset CO2 by recycling through First Mile. We can assist our clients with disposal of defunct hardware in line with WEEE regulations.

Pricing

• Price: £23,500.00 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODS

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@purcellradio.com. Tell them what format you need. It will help if you say what assistive technology you use.