ONEPLAN SOFTWARE LTD

OnePlan Care Software

OnePlan's cloud software enables care providers to efficiently oversee daily operations within the community, offering features like Care Planning, Rostering, Location Tracking, and Care Portal Access. Its all-in-one solution supports modern domiciliary, residential, and assisted living care needs.

Features

• Improve your Care Coordination with OnePlan
• Location based clocking services for staff
• Remote access for third parties (friends and family)
• Ability to log and track incoming communications
• Holiday entitlement calculator for different types of employee and contract.
• Complete auditability of change logs
• Service monitor configurable overview of real-time status of care activity.
• Training matrix ability to track and map skills and qualifications
• DBS checking and certifying.
• In built live support ticketing system

Benefits

• Greater efficiency and audibility of care coordination
• Clear and concise audit trails with down loadable reporting
• Inclusiveness of friends and family members in care activity
• Ergonomic mobile application (IOS / Android)
• In-built always available training information and videos
• Ease of engagement for responsive support online or telephone.
• Cost effectiveness and value of solution
• Continuous improvement of system with ability to contribute to roadmap

£160 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sue@oneplansoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

370966264744486

Contact

Sue Newsome
01695660250
sue@oneplansoftware.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: Occasional planned maintenance windows advised in advance but usually of minimal disruption due to resiliency and session continuity inbuilt into infrastructure.
• System requirements: Internet browser access only required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Urgent emergency contact via system based support ticket or via telephone. Initial response typically <20mins ; 9-5 Mon to Fri excl public holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: OnePlan includes OnePlan based customer support Mon-Fri 9-5 excluding public holidays. On occasions, customer may wish to make use of customised on-site support services which are available by agreement at additional costs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: OnePlan is a straightforward to use and users are continuously supported by oneline / downloadable documentation and videos which is regularly updated.; ; For new customers, the one time set up fee includes online training sessions for licence holders. On-site training is available at additional cost should clients prefer it.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: NEEDS ADDITION MW. Our clients are the data controllers and OnePlan is their data processor. At the end of contract clients preferences and arrangements for end of contract data destruction or transfer are discussed to suit their particular requirements. Data records will be automatically deleted after 3 months following termination of contract should no alternate arrangements be made.; All of our reporting has client selectable export faclities via means of csv files for example.
• End-of-contract process: TO BE CONFIRMED. At the end of contract client access will be removed from the system and no access to the data provided until alternate arrangements made. Within the contract period OnePlan will work with the client to help transfer data or delete in accordance with their requirements. Dependent on the complexity, the requirements and timelines required there maybe some additional charges to cover access extensions or specific support activities. The client is able to copy / extract their own data manually at anytime.; In the event of no such arrangements being made, OnePlan will delete all client data 3months after termination of contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile devices may make use of native IOS / Android app and maybe used without a network connection if lost. Mobile web-browser or desktop services may have some convenience and format benefits for certain types of work.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: No
• Customisation available: Yes
• Description of customisation: OnePlan provides clients with the ability to set up specific areas of customisation within their accounts. Aside from account administration (new users, clients etc) they may also select ; i) the level of service transparency they offer to extended users such as friends and family; ii) alerting and reporting both directly and by means of an in-build "service monitor" facility which can be customised to provide visible service tracking and potential and situational exception flags.; iii) customisation of payroll / work rate / holiday entitlements for staff; iv) other feature behaviour

Scaling

• Independence of resources: The design of the solution and the underlying AWS powered infrastructure is able to grow and shrink to meet user demands. Loading dynamics are typically in a manner that allows optimal configurations to be pre-set and monitored continuously via threshold alerts. To future proof increased dynamics as the service becomes more connected and interoperable, we have designed the system to allow us to switch on automated infrastructure capacity adjustment.

Analytics

• Service usage metrics: Yes
• Metrics types: OnePlan has extensive reporting and service transparency in-built as well as a range of customisable options available by support which may include additional costs dependent on the extent of the requirements.; ; There is a "Service Monitor" feature which allow real time tranparency of care activities that can be prioritised to display specific areas of interest either for individual administrators or whole office type support screens.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: OnePlan takes data security very seriously and in addition to high levels of user access control and monitoring we engage a specialist third party provider that continually monitors in both a reactive and pro-active capacity.; For specialist roles we also use physical hardware keys in addition to VPN domain specific access and MFA on all logins.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: TO BE CONFIRMED
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • PDF
  • JPEG
  • JPG

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: TO BE CONFIRMED; 99.9% target service availability
• Approach to resilience: Resilience is a high priority and a differentiated service offering. OnePlan software makes use of multiple / redundant servers located in physically separate UK datacentres. There is a DR ability to migrate the whole set up to a completely different location within to a new host within 60mins.; OnePlan has a automated comprehensive backup service that allows us to restore from any time point within the preceeding 30 days.
• Outage reporting: TO BE CONFIRMED; Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Role appropriate access controls with internal sign off process for OnePlan staff and regularly reviewed and updated. Customer defined roles and access to selectable privileges for their own staff with the exception of super admin privileges which need to be assigned by OnePlan Support.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS DHS Toolkit registration
  • ICO registration for data privacy and security

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: IASME Cyber Essentials Plus
• Information security policies and processes: IASME Cyber Essentials: Demonstrates our commitment to guarding against the most common cyber threats and ensuring the security of our technology and data against cyber-attacks.; ; IASME Cyber Essentials Plus: Verifyies our cybersecurity measures through an independent assessment.; ; ICO GDPR Registration: Confirms our compliance with GDPR, showcasing our commitment to data protection and privacy. This includes regular training for our staff and audits of our data processing activities to ensure data is handled in accordance with GDPR principles.; ; NHS England DSP Toolkit Compliance: Illustrates our adherence to NHS-specific data security standards, ensuring we manage, use, and share NHS patient data securely and effectively.; ; Reporting Structure: Our Chief Information Security Officer (CISO) oversees our information security framework, reporting directly to our CEO. This ensures that security policies are given high priority at the executive level.; ; Policy Enforcement: We conduct regular internal audits and security awareness training to ensure compliance with our policies. Non-compliance issues are escalated through a structured process, including remediation plans and disciplinary actions if necessary.; ; Continuous Improvement: Feedback from audits, incident reports, and the latest cybersecurity trends are used to continuously update our security policies and processes.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Agile Scrum based processes are used to underpin the DevOps process. This allows us to iteratively update a feature, track and mitigate risks, undertake security assessments and rapidly roll back changes made to features.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management is assessed via means of monitoriing of service features, service issue reports from clients, project risk review and mitigation planning, AI based firewall threat detection and senior management via monthly SLT meetings, ; We deply security patches and updates automatically for some devices (ie endpoint laptops etc) and manually via our Agile base development approach. Security patches are implemented on a priority basis ranging from immediate to 10 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: OnePlan software uses a specialist provider that monitors access and unusual behaviours associated with our service. They also take feeds from specialist third parties to industry risks and issues. Our contract allows for both proactive monitoring and agreed mitigation activity as well as priority based response to incidents. Our sustem is continuously monitored with and immediate response on critical issues and an agreed response time within 60 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: TO BE ADDED

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  OnePlan is dedicated to enhancing the social and wellbeing outcomes for domiciliary care recipients, aligning with the wellbeing Social Value themes of PPN 06/20, by integrating extended family and friends into the care process. Our approach:; ; Collaborative Care Planning: Enables the participation of extended networks in creating care plans, fostering emotional and social support.; ; Transparent Communication: Our platform ensures continuous communication among care providers, patients, and their families, promoting a community-driven care approach.; ; Tailored Care: Offers customisable care plans that incorporate family and friends' insights, improving life quality for care recipients.; ; Empowerment and Peace of Mind: Family and friends have access to care information, enabling them to actively contribute to the care process, offering reassurance.; ; Beyond Physical Health: Facilitates activities supporting mental and social wellbeing, with family and friends’ involvement, reinforcing the support system.; ; Community Engagement: Encourages connections with local resources, enhancing the recipients' social integration and wellbeing.; ; In essence, OnePlan’s software enhances social value by making care a community effort, directly supporting the wellbeing themes outlined in PPN 06/20 and contributing to a more inclusive, supportive care ecosystem.

Pricing

• Price: £160 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full functionality on a time limited trial basis on request.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sue@oneplansoftware.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.