GovMetric CaseTracker - complaints management and case management
Case Tracker has been created in partnership with local government for the public sector to enable the effective management of a range of case types including Adult or Children's Social Care, Complaints, Compliments & Comments, Correspondence, Councillor/Members/MP Enquiries, Coroners Enquires and more.
Features
- Case types include Corporate/Adults/Children's Complaints, Councillor/Members/MP, Coroners
- Workflow enabling automated and manual case allocation across multiple staff
- A multi-channel customer access solution
- Flexible design allowing local customisation (timing, processes)
- Provides single view of a case across all required stages
- SSO User Authentication
- Inclusive document management system enabling effective case resolution
- Secure message centre for two-way communication
- Handles cases across multiple services to coordinate a single response
- Collates details on root cause, themes, outcomes or lessons learnt
Benefits
- Establishes a consistent method of capturing and handling cases
- Provides a single view of a case across all stages
- Meet Local Government and Social Care Ombudsman guidance
- Comply with Housing Ombudsman regulations
- Handles cases across multiple services to coordinate a single response
- Creates a repository of information to support the council resolution
- Enables analysis of root cause, themes, outcome; assisting service transformation
- Provides analysis to assist the organisation to develop best practice
- Improve customer experience by identifying service failures
- Reduces handling and resolution time
Pricing
£13,500 to £66,000 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 0 8 4 4 1 7 8 1 3 9 0 8 2 7
Contact
ROL Solutions Ltd
Nic Streatfeild
Telephone: 07973730005
Email: nic.streatfeild@govmetric.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No, the service is available 24 hrs a day, 7 days per week.
- System requirements
- Latest version of widely adopted browsers
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 24 hours, Monday to Friday
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
- Standard service desk support is available 9am to 5pm Monday to Friday and is included in annual fees.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Once your order is confirmed, we will schedule a kick-off meeting as soon as possible. Following this meeting you can expect to be up and running in around 12 weeks, subject to resource availability. We will provide an experienced implementation manager who will work with a nominated contact from your end.
Our implementation manager will help you to:
- Confirm the components needed to meet to your requirements
- Agree the Service Lists, Root causes, Themes, Outcomes etc.
- Agree any additional flexible options
- Set up staging and workflows to match local or regulatory processes
- Agree and execute a project plan.
We offer full training sessions to our new customers including onsite train-the-trainer sessions. - Service documentation
- No
- End-of-contract data extraction
- At the end of the contract, the extract function can be used to download data in CSV format for up to 30 days after the contract termination. Should additional assistance be required, this is provided by us at no additional charge.
- End-of-contract process
- There is no charge made for offboarding. At the end of the contract, citizen-facing forms will be removed, user access will be restricted and data will be deleted in accordance with the Service Level Agreement.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The citizen-facing interface is built following responsive design principles to ensure that pages render in a way that is suitable for the device. While different device types may display the systems differently, the functionally they provide will be equivalent.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
-
The citizen-facing interface enables citizens to raise new case via an online form.
The organisation interface enables users to manage cases through multiple stages for multiple case types. - Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- The citizen interface has been tested using a combination of automatic tools and manual expert verification. We work closely with leading accessibility consultants to ensure that all citizens have the same level of access to the system.
- API
- Yes
- What users can and can't do using the API
-
The API enables the secure submission & extraction of data into the CaseTracker system.
You can:
Access all customer and case data;
Access an OData interface for external MI systems;
Submit data from 3rd party feeds or capture tools. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The following features are customisable by users:
Case types and workflows
- Enables case type specific workflows each with defined timescales, case notifications for admin/case owners, retention schedules.
Front-end
- Our flexible forms come with a standard configuration which can be enhanced with additional fields, bespoke text and organisational specific branding.
Communication templates
- Internal communication templates can be predefined, with notifications including the relevant fields per case type.
- For external communications, templates can be branded as per the organisation, include relevant fields per case type, allow for pre-defined text and with outgoing e-mail addresses masked to appear as if coming from the organisation directly.
Flexible case categorisation
- This includes services, themes, learning outcomes, root causes, LGO responses, District/Borough/ward and many more.
Scaling
- Independence of resources
- All incoming traffic to our systems is load-balanced. We utilise public cloud serverless technologies that enable us to scale according to demand. System utilisation resources are constantly monitored and adjusted to the needs.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Service metrics are available via user dashboards and through the API and OData interfaces.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- All customer data can be exported via API, OData or CSV extract.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- JSON
- OData
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- Word
- JPEG
- PNG
- Video
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Reasonable endeavours will be made to ensure the platform is available for access to meet an annual average uptime target of at least 99.9% (outside of maintenance windows). Our comprehensive SLA is available on request.
- Approach to resilience
- Our platform utilises serverless technology which is hosted on public cloud. Further information is available on request.
- Outage reporting
- Service outage reports are communicated by our service desk via email and telephone as appropriate.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- There are named contacts for all customers who are authorised to contact and arrange service changes.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Citation ISO Certification Limited
- ISO/IEC 27001 accreditation date
- 17/10/2021
- What the ISO/IEC 27001 doesn’t cover
- ISO 27001 applies to all aspects of the company's service provision.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- The company is accredited under ISO27001. The company's Managing Director directly oversees the ISMS through regular operations meetings with direct reports.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- The Change Control process is designed to capture and manage the various requests for changes, upgrades and development of the Service Platform. Customer requests for changes and updates will be reviewed by the company via an issue management system. Any agreed changes then go through a process of configuration, testing and security review prior to being deployed to the live environment. Each stage of this process is subject to approval by internal stakeholders.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- All CaseTracker servers are monitored using the Amazon AWS Inspector service, which reviews all servers against potential security issues and vulnerabilities, as set out in 'Common Vulnerabilities and Exposures' and 'Security Best Practices' defined by the AWS Inspector Core Rules Sets. All found issues and vulnerabilities are reviewed and addressed according to severity.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
All external traffic to our platforms is automatically monitored and protected by our cloud provider, Amazon AWS, who comply with various standards relevant to the security of its services including ISAE 3402.
Any traffic getting through to our systems is then protected using elastic load balancers and web application firewalls which actively protect against DDoS attacks and the OWASP Top Ten Security Risks.
Our engineering team also monitors for usage anomalies with automated alerts triggered in the case of abnormal trends / brute force. Any potential issues are investigated immediately with further analysis of the relevant server and service logs. - Incident management type
- Supplier-defined controls
- Incident management approach
- Our processes are inline with the NCSC 10 Steps to Cyber Security / Incident Management to ensure that all incidents are raised, managed, resolved and reviewed in a timely manner. The key steps are: Identify, Protect, Detect, Response & Recover. Customer-originating incidents should be reported to the service desk. The incident will then be managed according to the above. Whether customer- or internally-generated, the service desk will share an incident report with nominated contacts at affected customers, detailing the level and scope of the attack, the mitigation and recovery.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
WellbeingWellbeing
CaseTracker facilitates improved community integration by providing a platform for public sector organisations to engage with citizens and communities in order to understand their needs.
Pricing
- Price
- £13,500 to £66,000 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No