Skip to main content

Help us improve the Digital Marketplace - send your feedback

Medallia, Inc.

Medallia Ideas CrowdSourcing for Police Forces

Medallia Ideas: an innovation crowdsourcing platform. Harness employee's knowledge to innovate, problem-solve, remove barriers. Target challenges at broad audiences or specific groups based on feedback, expertise, interests, experience. Capture ideas for crime fighting initiatives or to improve your existing ones. Empower staff and engage the public for tremendous advantage.

Features

  • Crowdsourcing, collaboration, management and progression of innovations, ideas and challenges
  • Enables cocreation and ideation across force boundaries: the public, agencies
  • Target challenges based on individual or group expertise, interest, experience
  • Shortlist, evaluate, progress ideas using innovation funnel and refinement stages
  • Automated progression of ideas based on user-defined criteria
  • Allow enrichment of ideas with videos, images and other documents
  • Enables problem solving and collaborative brainstorming to address business problems
  • Participant voting on ideas
  • Cross-collaboration across teams to refine initiatives and ideas
  • Gamification and user-scoring to drive participation: rewards, badges, leaderboard

Benefits

  • Launch and manage innovation challenges with flexibility and control
  • Empower employees to drive positive change
  • Discover the BEST ideas and solutions to your organisation's challenges
  • Engage the right people with the right challenges
  • Foster an innovation culture, bringing teams together with minimal effort
  • Encourage user interaction and insights sharing

Pricing

£38,500 a licence a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@medallia.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 0 9 5 4 8 9 1 7 6 4 2 9 9 6

Contact

Medallia, Inc. Nigel Herbert
Telephone: 0773 468 2052
Email: gcloud@medallia.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
- Medallia Government & Healthcare - Employee Experience & Staff Surveys
Cloud deployment model
Private cloud
Service constraints
N/A
System requirements
Modern web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
No
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
No
Web chat support
No
Onsite support
No
Support levels
Medallia services provides customised support levels depending on the client's specific needs and project scope.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Medallia and its partners offers design and implementation services to ensure clients instances are configured to reflect their business processes. Additionally, we offer training services throughout the lifecylce of the license alongside our self service portal, Medallia Navigator.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Medallia's clients own their data and can export that data throughout the lifecycle of the contract as well as for a limited time following the expiration of their contract.
End-of-contract process
Upon termination of contract, Medallia will make the client’s data available for secure download by the client in a standard flat file format for at least thirty days. Within 60 days of the end of this data transfer period, Medallia will remove the customer data from the program instance. All data will be either securely erased according to industry best practices, including backups, or the hard drives will be physically destroyed.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Differences in dashboard presentation and in access to administrative controls.
Service interface
No
User support accessibility
WCAG 2.1 A
API
Yes
What users can and can't do using the API
APIs provide a vendor-neutral, web-based method for data connectivity. Please see www.medallia.com/platform/api for more details.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Medallia allows users to customise the data they collect, the way in which that data is analysed and ultimately presented through role based dashboards.

Scaling

Independence of resources
We guarantee it as part of our terms of service with 99.99% uptime monthly.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Through our RESTful API or our managed package integrations with many common platforms.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability is 24x7x365 with a minimum of 99.9% availability per month
Approach to resilience
All services have quick failover points with redundant hardware, and we perform complete encrypted backups routinely.
Outage reporting
Information on outages can be made available upon request

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Medallia's solutions have built in platform governance designed to manage user roles and permissions.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Equinix (EMEA) B.V. Rembrandt Tower, Amstelpein 1, Amsterdam Netherlands
ISO/IEC 27001 accreditation date
22 March 2016
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Medallia's data centres in various geographic locations for continuity and regulatory purposes, are Tier III, SOC 2 and/or ISO 27001 certified. Our data centres have common security practices, including closed-circuit video monitoring and 24/7-manned guards, and require the use of biometric access controls to our locked cages.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Medallia uses a structured release and change management process to provision systems and update application software. Impact assessments must be performed and documented before change requests are approved. Changes are documented, scheduled, reviewed, tested and released regularly in accordance with our Change Management Plan and SDLC. The process applies to off-the-shelf products, internally-developed systems, and externally developed applications and/or systems. Whenever possible, changes are scheduled far enough in advance to allow time to notify any clients’ whose service may be affected by the change.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Medallia regularly tests its network for vulnerabilities to ensure the security of our infrastructure. Our process includes regular and ad hoc vulnerability scanning. We monitor vulnerabilities listed in the Common Vulnerabilities and Exposures database. We pay attention to the threat landscape and frequently test for threats on the OWASP Top 10 list, such as input validation, XSS and various injection attacks. Any vulnerabilities identified as part of this process are analysed and remediated in accordance with our Vulnerability Management Standard. We also perform both internal and external penetration tests, both internally and through partnerships with independent expert 3rd-party security firms.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Medallia relies on a wide variety of monitoring systems to provide a highly available service. In order to identify, block and prevent network attacks, we monitor event logs and alerts from multiple network security devices, looking for unusual or unauthorised activities or unusual conditions at ingress/egress points. We also monitor key performance metrics to ensure we have sufficient resources for optimal performance. An on-call schedule ensures that operations team members are always ready to respond to critical events.
Incident management type
Supplier-defined controls
Incident management approach
Our Computer Security Incident Response Team includes representatives from the Executive, Legal, and Information Systems Management teams. In the event of an incident, CSIRT will perform an initial analysis, assess the severity of the incident, and notify leadership and relevant stakeholders. CSIRT takes measures necessary to stop/contain the incident, and then coordinate the deployment of controls and countermeasures to prevent a recurrence of the incident. Medallia notifies the client of any incident that affects their data and it’s severity has been classified as SEV1, SEV2 or SEV3 where SEV1 is high severity and SEV 3 is low severity.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

Fighting climate change

With Success from Sustainability as one of our core company values and our key pillar in our Environmental, Social, Governance strategy, we consider environmental impact just as we do our software — as an aspect of business in which we must strive for continuous improvement. That is why we want to celebrate today through action, from day-to-day habits we can all take to reduce our own personal environmental impact to spotlighting environmental justice nonprofits who we’ve had the honor of supporting.

https://www.medallia.com/blog/success-from-sustainability-earth-day-2022/

Covid-19 recovery

At this time we believe it is imperative to think about our team members and customers. The world has changed for the moment and every business is adjusting to new ways of working in a very challenging environment indeed. Whether it is massive demand for certain products and services or a temporary but painful reduction in demand as travel limitations and social distancing make their impact, it is worth remembering that this is a time when today’s brands and their reputations will be tested and tomorrow’s leaders will emerge. The way we connect to our employees and our customers is critical and will be remembered as organisations recover and find their footing.

At Medallia we have a robust response capability for COVID-19 challenges.

The same goes for our team members. We do all we can to provide you with the technology to support a single view of the customer and employee experience at a times in our lives when it could not possibly matter more.

https://www.medallia.com/blog/keeping-our-companies-customers-brands-and-people-connected-at-this-challenging-time/

Equal opportunity

Through Medallia's nine chartered communities we empower with an annual budget to drive initiatives, ensuring every voice is heard.
We are also further support our Employee Resource Groups via our ERG Leader Recognition program, designed to recognise and compensate our community leaders for their valuable contributions to our culture.

Our chartered communities include:
- Asian Pacific Islanders (API)
- Black at Medallia (BAM)
- LatinX
- Medley
- Parents@
- Q-Field
- Vets@
- Women in Tech (WIT)
- Women@

https://www.medallia.com/diversity/

Wellbeing

We’re up against a growing number of challenges, including racial injustices, global economic turmoil, and natural disasters, to name a few of the most pressing crises. With the impacts of each of these sure to be lasting upon our collective mental health, the call to action is clear. This is a moment for listening, understanding, and reaching out — and for helping individuals in need.

That’s why we at Medallia, in collaboration with our social impact arm, Medallia.org, we have announced a series of new initiatives we’re launching to help individuals in crisis, particularly the most impacted among us, including:
- BIPOC (Black, Indigenous, People of Color)
- LGBTQ+
- Veterans, and caregivers.

As a company dedicated to listening to understand and take action, we cannot think of a more important issue to tackle with this philosophy than in the areas of mental health and suicide prevention.

Among the first of many new mental health initiatives in the works, we’re thrilled to share that we have awarded an $80,000 USD grant round from our new Medallia.org Fund, a donor advised fund of Tides Foundation, to two mental health nonprofits ($40,000 USD each).
As part of this grant, we are also contributing two years’ free subscriptions of Medallia products along with Professional Services support and Experience Management training to these two organisations.

https://www.medallia.com/blog/medallia-mental-health-initiatives/

Pricing

Price
£38,500 a licence a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@medallia.com. Tell them what format you need. It will help if you say what assistive technology you use.