BECS Online Housing Benefit New Claim Application
Part of the BECS suite of online services providing self-service and assisted assessment, that allows for a customer to claim for Housing Benefit, Local Council Tax Support and welfare benefits. Integrated with back office, risk and portal systems to automatically deliver valid updates and reduce workloads.
Features
- Secure online data capture using any modern browser
- Intelligent application process ensures correct entitlement is claimed
- Optimised question process based on customer circumstances
- Customer self-service, or authenticated assisted use by trusted representatives
- Automatic generation of supporting documentation and secure transfer to DMS
- Automatic secure transfer of data to Revenues and Benefits systems
- Integrates with Risk Based Verification and identity verification systems
- Integrates with customer portals, CRM accounts and transaction history
- Integrates with all main local authority EDMS (Document Management) systems
- Save and return, change your answers, review information before submission
Benefits
- Reduce contacts for advice on eligibility and entitlement
- Reduce not-entitled application processing
- Eradicate paper forms and reduce follow-on correspondence
- Increase the quality and consistency of data captured from customers
- Easy to use for non-technical customers and fully accessible
- Keeps pace with changing legislation and local interpretation of rules
- Channel shift from subject matter experts to Customer Service
- Reduce the cost per application of processing complex circumstances
- Speed up processing and aim for same-day service
- Improves channel shift and digital transformation
Pricing
£0.01 to £0.10 a unit
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
4 5 2 8 1 9 5 2 2 7 4 5 8 1 1
Contact
Team Netsol Limited
Damian Lewis
Telephone: 01618348342
Email: damianlewis@teamnetsol.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- An out-of-hours planned maintenance window is reserved for security patching and infrastructure upgrades once every 7 days. Buyers are notified in advance if a reserved window is to be used and end-users are notified before and during maintenance to minimise disruption.
- System requirements
-
- Users must have a modern, secure desktop/mobile Web browser
- Back office integration requires secure reverse proxy or VPN connection
- Risk scoring requires an active service API from RBV supplier
- Back office integration requires the appropriate APIs from system suppliers
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Response times apply Mon-Fri 9am-5pm excluding UK public holidays:
Critical - 1 hour response
High - 4 hour response
Medium (default) - 8 hour response
Low - 1 day response
Cosmetic - 1 day response
Out-of-hours monitoring of support requests is performed and response times then apply from the next available work day, unless a Critical issue is alerted that requires our business continuity call tree to be activated in which case response will be as soon as feasible. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Team Netsol is committed to providing excellent support for its services. We operate an ITIL-like Kanban issue resolution process that triages issues based upon their scale and impact:
Critical - Service unavailable or many users affected - Resolution within 1 day
High - Parts of service unavailable but still functional - Resolution within 1 week
Medium - Low number of users affected but still functional - Fix available for UAT within 1 month
Low - Minor issue with available workaround - UAT of fix within 3 months
Cosmetic - UAT of fix within 3 months
Customers log issues with our help desk via a dedicated email address or phone and are issued with a ‘Support Ticket’ which is visible to Support engineers.
Outside of standard help desk hours, there is monitoring of support requests and an emergency call tree process in place.
Bug fixes, security patches and issue resolution are included in the annual price. Customer Change Requests are subject to assessment to identify whether there is an associated cost that then needs to be approved by the customer.
We provide technical account management via our Support & Implementation Manager, escalated to our Product Manager and Infrastructure Manager as appropriate. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Installation and implementation are included within the pricing.
The implementation phase is documented and project planned with the buyer. This includes configuration of the system to the buyer's requirements, integration with their back office systems, secure connectivity, local data take-on, customised branding, and localisation of the rulesbase and text content.
A UAT instance of the system is provided to the buyer for further customisation and optimisation prior to deployment to Live production.
Onsite or Web-based training is included, depending on the buyer's preference. Training materials and reference guides are provided to the buyer for reference and wider distribution within their organisation. - Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
-
- MS Excel
- MS Word
- End-of-contract data extraction
-
Data is generally transferred to the buyer's back office systems in real-time or batched within 1 day, depending on preference.
Partially completed data that reaches its data retention lifetime is securely deleted automatically from production systems.
Any partially completed, un-transferred data or generated documents that exist when the contract ends are transferred securely to the buyer in an encrypted compressed archive prior to secure deletion of all buyer data from our servers. - End-of-contract process
- When the contract ends, the secure connection to the buyer's back office systems is terminated, and certificates and user accounts revoked. Buyer data is securely deleted within 30 days.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- No functional difference. Responsive design enables the service to be used conveniently on mobile devices.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
-
BECS services may be customised as follows:
- Styling and branding customised in accordance with corporate guidelines where possible.
- Buyer-specific content may be changed.
- Question-and-answer rulesbase may be modified to match local requirements.
- Council Tax schemes are localisable to the buyer's local scheme.
- Policy schemes are localisable.
- Lookup data from local datasources can be imported
- EDMS document indexing is customisable
- Revenues & Benefits system automation is localisable
- Customer portal integration is customisable
- Supporting evidence requirements are localisable, including by RBV risk score
- Custom management reports can be added
- Administrative user accounts can be self-managed by the Buyer
Buyers localise and customise the services during the implementation phase by working through the agreed implementation plan.
After go-live, customisation is handled as part of normal support or as a Change Request, depending on the nature and scale of the customisation.
All customisation is performed by Team Netsol's staff on behalf of the buyer and is released to production systems once UAT has been performed by the buyer and approval given to proceed.
Scaling
- Independence of resources
-
The system is vertically and horizontally scaled with ample capacity for a significant increase in use by individual or all customers, well above the peak processing periods normally experienced.
Several shared system components, e.g. storage, databases, etc. are configured for high availability and sized with future demand in mind.
Each system instance is re-sizeable and isolated from the resources of other instances.
Monitoring and alerting facilitates pre-emptive action by support staff when an instance's available resources fall below the acceptable threshold.
Resource availability is reviewed weekly during Infrastructure Team meetings and planned accordingly.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
A secure online dashboard is provided with a range of reports, generated daily.
Metrics reported include new session starts, completed assessments, submissions and abandoned sessions. 44 individual data points are collected.
Metrics are reported on daily, weekly, monthly, annual and all-to-date timeframes.
Standard reports include splits by assessment type, application type, channel, assisting organisation, staff member, application completion status.
The metrics and report types are fully documented and custom reports may be ordered at extra charge. - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
End-users may export their data in PDF or HTML format using the in-built facilities in the system. Requests under the DPA 2018 for migration of data in other formats will be handled in accordance with, and within the timescales described by, the law.
Authorised buyer staff with the appropriate permissions may use the system's administrative features to export individual records of data in PDF or HTML format. Management information is also available to them for export in PDF, CSV and Excel formats. - Data export formats
-
- CSV
- Other
- Other data export formats
-
- XML
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
-
We are assured to Cyber Essentials Plus and implement data pseudonymisation and strong encryption of data and filesystems.
Network access is restricted by client device digital certificates and we implement daily revokation of user privileges requiring our authorised technical staff to seek daily approval to access infrastructure resources.
We operate an ISO 27001 compliant ISMS and have strict Data Protection, Confidentiality, and Information Classification and Handling policies in place.
Availability and resilience
- Guaranteed availability
-
SLA for service availability is 99.9% and for packet delivery is 99%.
Service Level Credit is calculated as: (Annual Price x Outage Minutes) x SLA% / (365 x 24 x 60)
Service Level Credits must be requested within 5 days of an outage and are subject to a monthly maximum. - Approach to resilience
- Team Netsol's services are designed to be resilient. Further details are available to interested buyers on request.
- Outage reporting
-
Email, SMS and private Twitter alerts are sent to Team Netsol engineers for any sub-optimal events or incidents.
Outage reporting to customers is performed by email by our support staff to designated contacts once an event is confirmed by our engineers as an outage or another significant incident that affects customers.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
-
End-users, e.g. citizens, are not required to authenticate with the data capture services, but may authenticate via the system or a buyer-supplied customer portal in order to retrieve previously saved information.
Authorised buyer staff may access administrative features via a secure interface which requires authentication. Access to administrative interfaces is restricted by IP address where required by the buyer.
Authentication complies with NCSC guidelines and is protected against brute-force, dictionary and replay attacks. User activity is logged for audit purposes.
Only designated buyer contacts may request support and administrative password resets are never performed via email or to unknown callers. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- ISO 27001 accreditation in progress
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Team Netsol's Information Security Management System is compliant with ISO 27001.
Team Netsol is currently working with its CREST-approved security advisors to finalise its ISO 27001 accreditation in 2019.
Team Netsol is Cyber Essentials Plus accredited across all its operations and services, certificate no. 9878133970059378
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Team Netsol's policies and procedures are compliant with ISO 27001 standards and are available for inspection on request.
Team Netsol implements a risk management approach to security and any system changes are assessed for risks, known threats and vulnerabilities.
We implement a Secure Development Policy which includes OWASP guidelines, SOLID and DRY principles for code development.
We have firm change management procedures and use Scrum for new development and Kanban for ongoing support and implementation, supported by industry-standard tools for issue tracking, configuration management and deployment. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Team Netsol's policies and procedures are detailed in our ISO 27001 compliant ISMS.
All security patches are deployed within 14 days of notification, in accordance with Cyber Essentials Plus guidelines.
Threat management is operated via a mix of automated facilities from our infrastructure vendors, our own research of security bulletins and weekly review of CVE databases. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Team Netsol's protective monitoring approach is described in its ISMS policies and procedures which may be inspected on request.
Potential compromises are assessed as a critical priority and any actual breach will be reported in line with the Data Protection Act 2018 and the Information Commissioner's Office guidelines.
Incidents are responded to within the timescales determined by our ISMS based on their scale and impact. - Incident management type
- Supplier-defined controls
- Incident management approach
- Team Netsol's incident management processes are described in its ISMS policies and procedures which are compliant with ISO 27001 standards and may be inspected upon request.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
We operate our services from datacentres that conform to environmental impact reduction standards ISO 14001 and ISO 50001. Our operations are primarily electronic in nature, with little to no paper or consumable waste. Any waste generated is recycled by an accredited recycling company in the UK. - Covid-19 recovery
-
Covid-19 recovery
During lockdown we supported our employees with financial help, homeworking equipment, accredited online training and pastoral support. We employed a young apprentice and two undergraduate work placement students during lockdown as part of our commitment to delivering social value to our local community. Post-lockdown, we have obtained flexible co-working office space to support part-time homeworkers. Our Workplace Representative continues to provide a forum for employees and access to emotional, psychological and financial assistance. We have provided access for employees to fully-funded Degree Apprenticeships to enhance their Personal Development Plans and continue to support their career development through regular training workshops and courses. - Tackling economic inequality
-
Tackling economic inequality
We provide formal Workplace Representation and encourage Union membership to ensure a confidential channel for reporting issues and advocating on behalf of employees for better fair pay conditions. Employees have Personal Development Plans which we empower by providing formal training, access to fully-funded education and regular reviews. We maintain an inclusive working environment supported by our Equality Policy and perform BPSS checks to help identify potential cases of Modern Slavery within our recruitment process, and checks within our supply chain. We provide generous full-pay during interruptions due to ill health and family emergencies or bereavement. We also openly encourage employees to reveal any financial difficulties that they face so that we can identify how we can help. - Equal opportunity
-
Equal opportunity
We maintain an Equal Opportunities Policy and have a zero-tolerance approach to harassment, abuse or violence targeted at, or by, any of our employees. We have a diverse, multi-cultural workforce and expect high standards of professionalism within the workplace, in our communications and when dealing with customers and suppliers. - Wellbeing
-
Wellbeing
We maintain formal Workplace Representation for employees which includes wellbeing as part of their pastoral care. We fund both ergonomic equipment for physical health and professional wellbeing training for employees. This includes "mental health" days off on request, flexible working hours and a high spec co-working space to combat homeworker loneliness.
Pricing
- Price
- £0.01 to £0.10 a unit
- Discount for educational organisations
- No
- Free trial available
- No