Govtech Solutions Ltd

eCAPTURE, UCDS/CTRaaD, GOpaperless and webCAPTURE Digital Process Automation

Hosted digital process automation services for the capture, validation, loading and automatic processing of new Benefit claims, ATLAS files, day-to-day online Council Tax and NDR transactions, paperless e-billing and Council Tax Reduction as a Discount. We fully integrate with leading R&B application vendors such as Capita and NEC.

Features

• Digital process automation for Revenues and Benefits, Universal Credit
• Paperless e-Billing, Council Tax Reduction Discounts, ATLAS LCTR files
• New Claims and Changes in Circumstance
• Day-to-day, high volume Council Tax and Business Rates transactions
• Integrates with Granicus-Firmstep govService, IEG4, Victoria Forms, Netcall Liberty
• Integration via APIs supplied by Northgate, Capita, Civica, not robotics
• Fully integrates with Granicus-Firmstep govService My Account
• Supports authenticated and unauthenticated users
• Online transactions loaded and automatically processed using business rules
• Auto-indexing into all mainstream document management systems

Benefits

• Automated processing of Council Tax Moves and other Revenues transactions
• Business rules trigger interventions; document management work items prioritised
• Landlord Change of Tenancy notifications and Student Discounts
• Full govService suite of Revenues and Benefits web forms
• New Benefit claims validated and loaded without interention
• Pre-and-post summons repayment arrangements; Single Person Discount Reviews
• Auto-indexing classifies interventions into High, Medium, Low priority
• Full back-office integration and automation using APIs, not robotics
• Council Tax Reduction as a Discount; CTRaaD; LCTR Notifications; Atlas
• Business process as a service; business outcomes as a service

£25,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.melvin@govtech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

389348546237968

Contact

Andrew Melvin
01285 659286
andrew.melvin@govtech.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Provides the Revenues and Benefits integration component of a Customer Experience platform for local government.; ; Will accept content from any mainstream web form provider and integrates with any CX/CRM system.; ; Integrates with all main back-office Revenues and Benefits systems from Northgate Public Services, Capita and Civica
• Cloud deployment model: Private cloud
• Service constraints: Service available to the public for submissions on a 24 x 7 x 365 basis. ; ; Integration and digital process automation services with back office systems operational only during normal Business Hours on English Working Days.
• System requirements:
  • Any mainstream Revenues and Benefits system
  • Any mainstream document management system
  • Any mainstream CRM system
  • Any mainstream web form vendor's solution
  • Full suite of Granicus-Firmstep Revenues & Benefits web forms available
  • Integrates only via vendor-licensed APIs; does not use robotics
  • Fully hosted; all components reside in DMZ, outside customer firewall
  • All components patched and maintained by Govtech

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Online Help Desk available 24 x 7 x 365; ; Manned during normal Business Hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Service is entirely hosted and all components required are supplied as part of the service. All maintenance and support is performed at the service centre except for local gateway components. Support and maintenance of all components is included in annual service fee.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A fixed price implementation service is provided covering installation, localisation of web forms, configuration of the integration service and support for user acceptance testing. A full test pack and test scripts are provided. eCAPTURE can be installed, configured, tested and accepted in 10 elapsed weeks; UCDS in 4 elapsed weeks; webCAPTURE in 14 elapsed weeks.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Not applicable
• End-of-contract process: At the end of the contract, on an agreed date, service loaders will be disabled. The VPN supplied will be disconnected and the virtual Local Host may be decommissioned. No cost associated with these activities.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No material differences
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Users must be licensed by their core system applications vendors for the relevant standard core system APIs
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: ECAPTURE and webCAPTURE are configurable to support local policies, practices and procedures. Configuration of the system is included within the standard set-up service and on-going configuration changes are provided free of charge.

Scaling

• Independence of resources: Govtech manages its own system resources in accordance with its ISO27001 accredited ISMS procedures, which are audited by the BSI. Each customer's hosted service is offered with a Service Level Agreement.

Analytics

• Service usage metrics: Yes
• Metrics types: Customers have access to secure online reporting facilities enabling them to report on demand on service usage and automation rates. This is complemented by periodic onsite service reviews where usage and automation statistics are jointly analysed and improvement recommendations offered.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is exported automatically by the hosted services in the format required to load this automatically using core system vendor licensed APIs.
• Data export formats: Other
• Other data export formats:
  • Data is transformed into structured xml
  • PDF document renditions also created where applicable
• Data import formats: Other
• Other data import formats:
  • Data is entered into web forms
  • Data from landlords in Excel or CSV format
  • DWP-supplied HB Stop and LCTR Changes are xml files
  • Evidence upload supports image upload
  • Json
  • Structured and semi-structured documents including email

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Data encryption
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Data encryption

Availability and resilience

• Guaranteed availability: If Supplier web forms are adopted as part of the hosted service, target availability is 99.8%; ; Integration and digital process automation services, which load captured data into client systems, run only during normal Business Hours and target availability is 100%
• Approach to resilience: Govtech Information Security Management System contains all policies and procedures related to system resilience and disaster recovery. The ISMS is ISO27001 accredited, arrangements are tested regularly and compliance to the standard is audited bi-annually by the British Standards Institute. Copies of any ISMS policies and procedures are available upon request.
• Outage reporting: Email alerts are issued.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Access to Help Desk and/or Reporting System is via User ID and password.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute
• ISO/IEC 27001 accreditation date: October 2021. March 2023 - certified as conforming to the latest 2022 standard
• What the ISO/IEC 27001 doesn’t cover: Govtech's Information Security Management System is accredited and this governs all key business operations, including Software Development, Release Management, Support & Maintenance, Business Continuity and DR arrangements
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials certified
• Information security policies and processes: Govtech's Information Security Management System is ISO27001 accredited by the BSI. The BSI audits compliance on a bi-annual basis. The company's Technical Director has Board-level responsibility for compliance with, and all aspects of, the ISMS. Copies of inspection reports and audits can be supplied upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management policies and procedures are described in the relevant ISMS documentation and copies may be supplied upon request. The ISMS is ISO27001 accredited and continuing compliance with these policies and procedures is audited bi-annually by the BSI.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management policies and procedures are described in the relevant ISMS documentation and copies may be supplied upon request. The ISMS is ISO27001 accredited and continuing compliance with these policies and procedures is audited bi-annually by the BSI.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring policies and procedures are described in the relevant ISMS documentation and copies may be supplied upon request. The ISMS is ISO27001 accredited and continuing compliance with these policies and procedures is audited bi-annually by the BSI.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management policies and procedures are described in the relevant ISMS documentation and copies may be supplied upon request. The ISMS is ISO27001 accredited and continuing compliance with these policies and procedures is audited bi-annually by the BSI.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality

  Covid-19 recovery

  The pandemic left Local Authorities with huge backlogs of work which our digital process automation services help to clear whilst freeing up expert council resources to support early intervention on vulnerable and complex cases.

  Tackling economic inequality

  Govtech's business requires it to be expert in a number of disciplines, including data protection and cyber security. To assist with tackling economic and other inequalities, Govtech runs free annual workshops for VSCEs operating in Customer geographies covering 2 vital areas: Data Protection responsibilities and Cyber Security online. These are skillsets which are often out of reach of smaller, voluntary organisations. Our workshops help to disseminate knowledge and skills to small organisations providing vital support to their communities and help these organisations to become more resilient in the face of ever increasing cyber risks.

Pricing

• Price: £25,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.melvin@govtech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.