Skip to main content

Help us improve the Digital Marketplace - send your feedback

NOTIFY TECHNOLOGY LTD

Notify Cloud & Mobile Environmental, Health & Safety Platform

Notify's Cloud & Mobile Platform helps you digitally manage your health and safety needs including

Capture incidents & Manage Investigation & Root Causation
Conduct Audits, Inspections, Checklist on the Go
Empower your team to Conducts Risk Assessments
Effortlessly Issue, manage and track Actions
Smart Dashboards & Analytics for business insights

Features

  • Capture Incidents in seconds with our simple Mobile App
  • Investigate Incidents, Root Causation and Assign Remedial Actions
  • Powerful Form Templates to build the reports you need effortlessly
  • Manage Audits, Inspections & Checklists with our Audits Mobile App
  • Create and Manage Risk Assessments, Controls & Risk Scoring
  • Insightful Dashboards and Analytics drive real business improvement
  • Professionally branded reporting, with scoring and grading
  • Help protect sensitive data with Confidential Records
  • In built workflows driving automation
  • Manage Environment Audits, COSHH Risk Assessments

Benefits

  • Digitally transforms your Health, Safety, Environment & Safety Compliance needs​
  • Highly configurable to work the way your business wants to
  • Appropriate for all Sectors, Free from Jargon
  • Easy to adopt, adapt and embed across your business
  • Drives a positive employee culture and H&S working practices
  • Positively impacting the safety, health and productivity of your business​
  • Leveraging AI, automation and ESG to future proof your business
  • Transform your business to a proactive and positive H&S culture
  • Supports H&S Compliance towards ISO45001
  • Get a rapid return on your investment

Pricing

£30.00 a licence a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at guy.clack@notifytechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

3 6 1 2 3 6 4 3 5 4 6 4 8 8 6

Contact

NOTIFY TECHNOLOGY LTD Guy Clack
Telephone: 0330 390 0530
Email: guy.clack@notifytechnology.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Notify has a 99.9% uptime, with regular features & enhancements deployed and planned maintenance where we take the service off-line with minimum disruption to customers. Customers are advised in advance of any planned maintenance to the platform.
System requirements
None, works on any internet enabled PC, Tablet/Mobile device

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email and ticketing support available Monday to Friday 9 till 5pm.

Severity: Critical
Impact: Severe business disruption, unable to operate.
Response time: 30 minutes
Target resolution time: 1 hour during business hours

Severity: High
Impact: Major degradation of service resulting in a reduction in operability.
Response time: 2 hours
Target resolution time: 1 business day

Severity: Medium
Impact: Minor reduction in operability
Response Time: 4 hours
Target resolution time: 3 to 5 business days

Severity: Low
Impact: Single user/user group experiencing problems with no direct impact on business
Response time: 1 day
Target resolution time: 10 to 14 business days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
No
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Available via our Notify Website - https://www.notifytechnology.com/
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
Notify's UK based Customer Success & Account Management team are available Monday to Friday 9 to 5.30pm.

All cases, issues, or requests for change are, in the first instance, reported via our Service Desk, with a full audit trail of responses between Service Desk and our CRM system.

Where first line support is unable to resolve the customer query, the case is escalated to our Product Team. Here, our system experts will work to understand the customer query and diagnose the problem. Once derived, the solution is communicated, by phone and/or email, to the customer within the defined SLA's in the T&Cs.

Support is included within the price of the application. Onsite support/training can also be provided at an additional cost on the rare occasion it is required,
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Notify has been designed with a simple user interface, using jargon free terminology but with powerful configuration options to meets the needs of different types of businesses in different sectors.

As we support all business sizes, for those businesses requiring an off the shelf set of Incidents and Reports onboarding is simple, quick and embedded into your business quickly.

A suite of training videos and knowledgebase articles are made available to customers, enabling them to learn aspects of the service within their own timeframes.

For businesses requiring more complex needs our Customer Success team are with you each step of the way with supportive on-boarding and a period of Hypercare until you've got what you need in your business and we can work with you to assess the best delivery of this via on-line training, user documentation and also on-site training if required.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Notify provides the ability to extract Incident, Audit, Risk Assessment and Action data downloads via CSV file format.

If the customer requires a full download including pictures, attachments etc, they should provide Notify 30 days advance notice in writing their requirements of the data they require extracting.
End-of-contract process
If the customer is not renewing, they can use the inbuilt CSV Export functionality to export their data.

Depending on the complexity of their data extraction needs, Notify can provide an extract of their data, photos and attachments by written request which may incur a cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Our Notify Incident Reporting Mobile app (IOS & Android) allows a user to report an event such as near miss, injury, ill health and more to be captured in 4 simple steps. Our Incident Management Module, allows these incidents to be investigated, root causation and remedial actions applied.

Our Notify A&I Mobile App, helps teams conduct simple or complex Audits, Inspections or Checklist from their work or personal mobile device. The Notify Audits platform provides the ability to manage the complete view of these audits across their whole business.
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
Yes
Description of customisation
We provide an out of the box Environmental, Health & Safety Platform but for businesses who want more personalisation, the system is highly configurable empowering customers to build their own Form Templates, Reporting Preferences, Logo and Report Branding. They can also enable report and section scoring and overall RAG grading with custom visibility rules and triggers for actions and attaching evidence items such as photos or video content.

Global Pick Lists and Organisation Structures can be managed to meet the needs or each customer type or segment.

User Permissions & Security across the application can be centrally managed by permission groups so that the right people have the right access across the system.

Notify's Customer Success Team can also support on more complex customisation needs to workflows, customised email notifications and much more.

Scaling

Independence of resources
Notify software is hosted within AWS Ireland and split into 3 availability zones. This offers a high level of availability and helps assist with our business continuity. If one zone goes down, the system will continue to operate. Systems are monitored and in the event an alert notification is triggered, members of the Notify team are notified and the appropriate action is taken to rectify the situation.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
Other data at rest protection approach
Databases are encrypted so that data at rest is protected. The database backups are also encrypted.
RDS encryption uses the industry standard AES-256 encryption algorithm.
We utilise AWS Encryption tools to ensure that no data is written to disk in an unencrypted form. The Service Provider protects data at rest in line with the requirements of SSAE-16 / ISAE 3402.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Authorised users can export their Incident, Audit, Risk or Action Data to a CSV file.
Data export formats
  • CSV
  • Other
Other data export formats
  • Incident, Audits, Risk Reports can be exported to PDF individually
  • We provide a Bulk Incident Export feature (JSON file format)
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Databases are encrypted so that data at rest is protected. The database backups are also encrypted.
RDS encryption uses the industry standard AES-256 encryption algorithm.
The service provider (AWS) employs encryption to ensure that no data is written to disk in an unencrypted form. The Service Provider protects data at rest in line with the requirements of SSAE-16 / ISAE 3402.

Availability and resilience

Guaranteed availability
Notify shall use its reasonable endeavours to make the Hosted Services available on a 99.9% basis, measured each calendar month. This target uptime excludes downtime during maintenance.

For further information please refer to our End User Service and Maintenance Agreement - https://www.notifytechnology.com/wp-content/uploads/2020/12/Terms-and-Conditions-inc-Schedules.pdf
Approach to resilience
Notify software is hosted within AWS Ireland and split into 3 availability zones. This offers a high level of availability and helps assist with our business continuity. If one zone goes down, the system will continue to operate. Systems are monitored and in the event an alert notification is triggered, members of the Notify team are notified and the appropriate action is taken to rectify the situation.
Outage reporting
Notify will directly notify our customers via email and where relevant contact by phone in the unlikely situation that the Cloud service is unavailable.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication
We currently support single sign on with Microsoft Azure and Okta.
Access restrictions in management interfaces and support channels
Role based access is used so that only authorised users are given access to the infrastructure they need. MFA is also used too where possible to protect access.
Senior management sign off on changes to access.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials
Information security policies and processes
Our approach to cybersecurity is:
• Customised to our unique requirements, but takes into account industry-accepted good practice. These are documented, reviewed and updated on a regular basis.
•We carry out annual Penetration Testing with a CREST Accredited 3rd Party.
• Focused on a combination of people, process and technological measures to ensure we have a defence-in-depth approach to security that corresponds with the level of risk we face.
•All our external partners and staff are expected to be part of our security mission and comply with our company policies.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
- We carry out annual Penetration Testing with CREST Accredited 3rd Party providers.
- We carry out internal assessments of our security against Top 10 OWASP vulnerabilities.
- Our hosting partner AWS stores all of our product data, we engage with them using​ t​he Shared Responsibility Model​ for security and compliance. -
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scans are performed on a regular basis against the web servers to validate no vulnerabilities exist. Our servers are protected using TrendMicro's Deep Security with automatic updates applied and scheduled scans configured.

Security patches are applied on a monthly basis but if ad Hoc patches are required these are applied first into our test environment and then into our production systems.

We run our own internal scans against OWASP Top 10 vulnerabilities. We are also audited annually by a 3rd party CREST Accredited PEN Test Professionals to scan and identify any vulnerabilities in our Web and Mobile Applications.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use a number of tools across our solution to proactively monitor our system and supporting infrastructure. These are sent to the relevant team to be investigate further. Security events are investigate as a priority and escalated as required.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are centrally recorded, and appropriate management measures, including escalation and notification procedures are in place.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Our platform allows the simple reporting of all environmental incidents to be reported in moments, enabling a rapid response.
Environmental checklist audits are easily created to provide due diligence within the working environment.
Environmental Risk Management documentation can be undertaken with risks managed and residual risks assessed
Covid-19 recovery

Covid-19 recovery

The Notify platform has been used as a tool across many organisations to prepare their colleagues for returning to work - enabling people to report illness, assess workplace safety measures and report wellbeing incidents which have been on the increase over the past two years due to lockdown
Wellbeing

Wellbeing

The Notify platform enables the reporting of all incidents of wellbeing, whether by the impacted person themselves or a concerned colleague. Many HR functions have utilised the audits and inspections apps to undertake wellbeing health checks

Pricing

Price
£30.00 a licence a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We provide a 14 day trial period for a choice of the of following modules.

- Incident Management
- Audits & Inspections
- Risk Management

This excludes access to our H&S Dashboards.
Link to free trial
https://www.notifytechnology.com/get-notify-free/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at guy.clack@notifytechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.