Service Level Management Ltd

Publisure Digital Transformation platform

Publisure is a 'best of breed', non proprietary middleware platform that enables your desktop, departmental and/or corporate applications to seamlessly integrate with your preferred digital communication channels such as SMS, email, web portal and App without changes to existing formats or workflow.

Features

• In house or outsourced Hybrid Mail (Non proprietary solution)
• Integrated Customer (Patient Portal)
• Email and Secure Email integration
• Interactive (two-way) SMS
• Non Proprietary Middleware
• Intuitive simple user interfaces
• Detailed Management reporting for auditability and compliance
• Detailed Track and trace capabilities (Detailed Audit Trail)
• Digitally transforms any printed (i.e. Physical) communication
• Intelligent workflows - least cost communications workflow

Benefits

• Dynamically publish on-line communications from any application
• Eliminates manual processes - delivering significant workplace efficiencies
• Delivers significant cost savings across all forms of communication
• Eliminates postage costs
• Maximises auditability and Compliance
• Simplifies Digital Transformation workflows
• Quick and Easy integration with your preferred digital platforms
• Centralises, optimises and digitises your outbound communications
• Simple, Accessible Self Serve implementation workflows
• Enhances your options to deliver a 'digital first' strategy

£0.50 a transaction a second

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.percival@publisure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

431780614298185

Contact

Andrew Percival
01622 320075
andrew.percival@publisure.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Office 365 and other cloud based applications
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements: Only requires download and installation of of desktop clients

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours (excluding weekends)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We will provide a technical account manager for each customer to liaise and co-ordinate responses if required.; ; Standard Support levels; ; Severity 1 (Response 30 minutes, response 1 Day) - is usually when the problem is detrimental to the business and is impacting the business directly as a result of SLM software, i.e.: if the business could lose a significant amount of money caused by whatever problem there may be.; ; Severity 2 (Response 60 minutes, response 2 Days) - is usually if a server, network, application, database goes down which is causing a business impact to users and the business.; ; Severity 3 - (Response 4 Hours, response 5 Days) - Where a bug is raised as part of the support process, SLM will liaise with the development team and provide a synopsis of the problem within 2 working days and a proposed timescale for its resolution, within a reasonable time frame. ; ; Severity 4 (Response 4 Hours, No SLA) - Where issues are caused by non SLMT software or environments, some advice will be given and support offered, but with no guarantee of resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users can download the Publisure clients from the SaaS based service; Training can be delivered on-site, remotely or through on line videos and tutorials.; ; User guides, training documentation is delivered in a digital (PDF) format.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • PostMan
  • PDF
• End-of-contract data extraction: Publisure provides simple export facilities enabling customers to extract their data when the contract ends
• End-of-contract process: Self Serve data extraction is provided in the price of the contract.; ; Any consultancy or customised outputs will incur an additional cost

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The Publisure User interface allows users to view manage and control the documents they have submitted and manage their associated digital workflows.; ; The web interface provides detailed 'track and trace' capabilities for each document that is submitted.; ; Full management reporting is available; ; The interface offers multi level access rights enabling users access to be restricted based on pre-defined workflows.
• Accessibility standards: None or don’t know
• Description of accessibility: User can submit documents from virtually any application using a simple, intuitive print driver; ; Users are then able to view, manage and control the documents they (or their workgroup have submitted); ; The system provides a detailed audit trail and feedback regarding how the document has been communicated (i.e. post, SMS. email, portal App etc); ; Full Administration and management interface for authorised users enabling simple set up and configuration of the system.; ; Seamless integration with either our own or the customers preferred digital communication channels via documents API interfaces.
• Accessibility testing: User Interface has been implemented with due consideration of assistive technology
• API: Yes
• What users can and can't do using the API: Documents can be submitted via a simple API interface (rather than being printed or dropped into hot folders); ; The API interface provides a fully featured interactive gateway to all the standard Publisure management reporting interfaces; ; Integration with Active Directory, SAML and SSO Platforms
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The interface can be customised using your logo and details.; ; The system can submit hybrid mail outputs to virtually any supplier on the CCS framework ensuring the technology is owned and managed by the customer (and not a third party); ; The API interfaces enable the customer to integrate the digital outputs with their preferred in-house or third party digital communication channels

Scaling

• Independence of resources: If required a server can be dedicated to a specific client ensuring the platform is both scalable and independent of other organisations transactional requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Publisure provides a fully integrated management reporting interface; ; Publisure enables this data to be delivered in PDF or CSV format; ; Publisure reports on documents that have been submitted into the system per user, workgroup or department; ; Publisure details the time a docuemnt was submitted into the system and the time it was then output via the relevant physical (i.e. print and post) or physical channel; ; Publisure provides full closed loop reporting and details each document and whether it has been processed within the agreed SLA.; ; Publisure provides a simple intuitive dashboard with which to manage your digital transformation processes
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users are able to export their data using a simple reporting interface
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • PDF
  • Postscript
  • Ascii

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The Servers are hosted in Azure; ; Microsoft guarantee that API Management Service instances running in the Consumption Tier, Basic Tier, Standard Tier, and Premium Tier deployments scaled within a single region will respond to requests to perform operations at least 99.95% of the time
• Approach to resilience: Available on request
• Outage reporting: Email Alerts and Dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access in management interfaces and support channels is restricted by the 'roles' associated with each users login credentials
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SN Registrars
• ISO/IEC 27001 accreditation date: 11/06/2021
• What the ISO/IEC 27001 doesn’t cover: Scope of ISO27001 Accreditation: The development, sale and maintenance within the UK, of a suite of software which is primarily designed to automate the delivery of documents.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Results of annual penetration testing

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Documented in our ISO27001 policy - this can be made available on request

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Documented in our ISO27001 policy - This can be made available on request
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Information from potential threats gathered from Anti Virus supplier, and development channels for each of the toolkits being implemented; Ensuring toolkits and database engines are up to date; Patches (if required) applied at least once every month
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Anti Virus Scans ; Vulnerability reporting; Penetration testing; Cyber Essentials plus accreditation; ; If a potential compromise is identified, its severity is assessed and a plan of action put in place to mitigate or eliminate the risk.; ; Any Incident regarding data is treated as a P1 and our SLA for an initial response is 30 minutes
• Incident management type: Supplier-defined controls
• Incident management approach: Documented as part of our ISO 27001 policies - available on request; ; User report incidents via the on-line help desk; ; Full and detailed incident reports are provided via the Job Ticket and as a specific physical document (if required)

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  By digitising documents and delivering them via alternative digital channels, Publisure ensures the carbon footprint of each communication is minimised
• Covid-19 recovery:

  Covid-19 recovery

  Agile working is in place and fully supported

Pricing

• Price: £0.50 a transaction a second
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Ability to create a demonstration account, submit a document and have it delivered via your preferred physical or digital channel

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.percival@publisure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.