DriverCheck Limited

Driver Licence Checking

An online compliance management tool to help ensure your employees driving licence status is legal and their vehicles are fully compliant. Via our secure and encrypted portal, you can check and validate your employees’ driving licence credentials and their vehicles, which can be accessed 24/7.

Features

• UK Electronic Licence Checks
• Immediate Online Response
• ISO27001 Accredited - Security Management Certification
• Direct DVLA Data
• ADLV Approved
• Grey Fleet Service & Management
• Foreign Licence Checking via DVLA
• Northern Ireland Licence Checks via DVA
• GDPR Compliant
• CPC & Tacho Data via DVLA

Benefits

• Unlimited system access 24/7
• Multi-site - Unlimited system users (set uniquely for each user)
• Licence checking frequency set to your business requirements
• Self Checking Available (for system users)
• Data Encryption - In transit and in rest
• Email Alerts – after the licence is checked
• Instant Results on UK Licence Checks
• Attractive Client Dashboard to view data
• Fully Managed Service - on hand team to provide support
• Electronic onboarding of client data

£1.95 to £2.75 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@mydrivercheck.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

407464785692787

Contact

Yvette Giannini
0141 428 3448
hello@mydrivercheck.co.uk

Service scope

• Service constraints: No
• System requirements: No special system requirements

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: During working days all enquiries are answered within 24 hours however its most likely to be answered same day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide onsite training and account set up, if required.; All clients have an account manager, at no extra cost, to support them with any enquiries they may have.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: DriverCheck provides fully training to all users (in person or by conference calls) ; An onboarding pack of documents is provided to each client and via our managed service, we support all clients step by step in the boarding process.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data can be downloaded via a CSV file from our portal.
• End-of-contract process: At the end of the contract our clients have the ability to leave or renew their contract. ; There are no additional fees. Clients only pay for the licence checks that are carried out during the duration of their contact.

Using the service

• Web browser interface: Yes
• Using the web interface: The client account and users is set up by the DriverCheck team.; the interface is then used by client users to review and analysis driver records and their returned licence information.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The interface is supported on the following browsers:; Internet Explorer, Microsoft Edge, FireFox, Google Chrome, Safari; ; Users can access the portal via our DriverCheck website (at Login page)
• Web interface accessibility testing: The web interface has a penetration test, annually to check the security of the portal.
• API: Yes
• What users can and can't do using the API: DriverCheck provides clients with the option of an API solution (we have a couple of options to support client needs); We provide a client with an API document and credentials unique to the client (and user). By default, the API returns JSON formatted data however this can be altered to XML by appending a parameter onto each request.
• API automation tools: Other
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
  • Other
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Our service expands through our cloud infrastructure to unsure all clients receive the same level of service.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: The system metrics are delivered through our client system demographics
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Data at rest is encrypted using Microsoft’s DEK (Database Encryption Key) process, utilising AES256 encryption).
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Database
• Backup controls: Users can perform backups when they need to by pulling files via CSV.
• Datacentre setup: Single datacentre
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: There would be no charge if we do not deliver the service.
• Approach to resilience: DriverCheck has implemented secure and robust portal for all information shared, processed and stored.; DriverCheck has focused on data protection measures and cryptographic infrastructure such as encryption “in transit” & “at rest”.
• Outage reporting: An outage would be published on our login page of our portal and email alerts would be sent to client in the event this ever happened

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: When setting up a client account, we review user access levels and set depending on client needs
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 09/06/2014
• What the ISO/IEC 27001 doesn’t cover: -
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: DriverCheck Ltd – is registered with the ICO (Information Commissioners Office) our data protection number is Z9074119.; DriverCheck Ltd – is ISO27001 registered.; ; DriverCheck has an annual review of all polices and processes (or sooner if required) and ensures ongoing training to all staff members.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: DriverCheck will continue as an ongoing process to implement tools where appropriate, support the management process of all client data, provide the necessary security and ongoing delivery of objectives.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: DriverCheck is committed to review its cryptographic infrastructure on an ongoing basis.; DriverCheck has other forms of security checks in place such as penetration testing, non-destructive tests, intrusion detection, protection against DDoS attacks, internal audits, an annual network vulnerability assessment plus an annual web application vulnerability assessment.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Passwords are required to lengthy and include upper and lower case along with a special character. 2FA is also available for users if required.; Users logging into system will get 10 attempts to login, whether they exist as a user or not. The account will be frozen after 10 unsuccessful login attempts, and a pop-up will appear on the screen prompting the user to contact their admin to reset the password.; The user will then need to contact DriverCheck admin and confirm identity before we reset access.
• Incident management type: Supplier-defined controls
• Incident management approach: This is defined, in line with ICO, we can provide documentation to support, if required.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: This is being rolled out across Ebbon Group at the moment and information can be provided, if required, thank you

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  DriverCheck is part of Ebbon Group and we are rolling this out across all companies.; This can be viewed: Ebbon Life - Ebbon-Dacs (ebbon-group.com)

  Covid-19 recovery

  As part of the Covid recovery, DriverCheck has increased its return to work programme activity, re-training individuals within the DriverCheck team for new employment opportunities whilst they are working for a growing business.

  Tackling economic inequality

  DriverCheck is part of Ebbon Group and we are rolling this out across all companies.; This can be viewed: Ebbon Life - Ebbon-Dacs (ebbon-group.com)

  Equal opportunity

  DriverCheck is an equal opportunities employer who operates under ISO27001, part of this is us working to our Equality and Diversity Policy. All our activities to promote inclusive processes, practices and culture. We will strive to work to eliminate any unlawful or unfair discrimination including direct or indirect discrimination, discrimination by association, discrimination linked to a perceived characteristic, harassment and victimisation.; We will remain proactive in taking steps to ensure inclusion and engagement for all the people who work for and with us.; We will continue to strive towards a culture that is diverse and inclusive that recognises and develops the potential of all staff and service users.; We recognise the business benefits and opportunities of having a diverse community of staff who value one another and realising the contribution they can make to achieving DriverCheck’s vision ‘changing lives, reducing crime’. People who work for and with DriverCheck or who use DriverCheck’s services are integral to making our vision of equality and diversity a reality. This includes:; Playing an active role in equality and diversity between DriverCheck staff & the management team; Taking part in and local training and awareness programs to equip staff and service users with the skills and knowledge they need to understand and meet the needs of colleagues and service users ; Participating in and promoting staff groups that have been formed to add value to our equality and diversity practice; Making a commitment to be involved thus becoming a diversity champion.

  Wellbeing

  DriverCheck is part of Ebbon Group and this has been rolled out across all companies.; This can be viewed: Ebbon Life - Ebbon-Dacs (ebbon-group.com)

Pricing

• Price: £1.95 to £2.75 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Following a demonstration, a testing account is created for the client along with dummy data for them to test.; Regular check-ins with the client are then carried out to see how the portal is working for them and the account can then be switched to live when they are ready.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@mydrivercheck.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.