Block Solutions Ltd

Clinical Workspace Service (VDI)

Block’s Clinical Workspace is a cloud-based virtual desktop service that gives care workers access to all the clinical systems, information and tools they need to provide safe, effective care services securely from any location.

Features

• Secure remote access to clinical applications using any device
• Supports a wide range of clinical systems and devices
• Rapid deployment
• HSCN connectivity included
• Meets Clinical Risk Management standards (DCB0129)
• Complete managed service based on pre-defined SLA and XLA
• Self-service portal can be used to quickly deliver required change
• Multi-factor authentication included
• Simple, predictable per-user per-month cost model
• All features are listed in the Service Description

Benefits

• Access clinical information and support tools from any location
• Deliver a secure and effective remote working solution
• Drive estates rationalisation programmes
• Support the delivery of new services and initiatives
• Provide an effective Business Continuity Plan (BCP)
• Reduce staff travel time and costs
• Reduce IT issues and delays
• Optimised for clinical systems and processes
• Deliver an assured and compliant desktop
• Support locum and agency staff

£59.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidManagement@block.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

457318990768514

Contact

Jenna Horton
01270446707
BidManagement@block.co.uk

Service scope

• Service constraints: Subject to a non-chargeable service scoping exercise
• System requirements: Full system requirements are detailed in the Service Description

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Block's response times vary based on priority:; ; Priority 1: 30 mins; Priority 2: 30 mins; ; (P1 - P2 SLA (24x7 including bank and public holidays); ; Priority 3: 2 hours; Priority 4: 4 hours ; Priority 5: 1 day ; ; P3 – P5 SLA (08:00 – 18:00, Monday-Friday, excluding Bank and public holidays)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: 24x7x365 Technical Support; Customer Success Manager (available on request)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User guide; Onsite user onboarding service (additional charge)
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customer migration of data from the service; Data migration service provided by Block (chargeable)
• End-of-contract process: Data is migrated to customer defined location. Once completed all customer data is deleted from the cloud platform. ; ; Full off-boarding documentation can be provided to the customer on request.

Using the service

• Web browser interface: Yes
• Using the web interface: Logon to the service; Change their password for the service
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Tested and approved at GP, Practice Management and IT level within the NHS.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Each user accesses a dedicated virtual desktop that runs on Microsoft Azure cloud services.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • SMS
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • User profile data
  • User documents (if stored within the service)
  • Virtual machine gold images
  • Cloud infrastructure services
• Backup controls: Files stored within the service can be restored using the self-service portal (or by logging a service request)
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99% Uptime SLA
• Approach to resilience: Service deployed across multiple datacentres in multiple UK public cloud regions. ; Within each datacentre, the service is deployed across a minimum of 3 nodes within an availability set.
• Outage reporting: Block will provide a public dashboard which sets out the platform availability and response times that is real time, but providing a real time 30 day historical view. ; All outages are reported via the Block Operations Centre (BOC)

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: N/A
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 29/04/2022
• What the ISO/IEC 27001 doesn’t cover: Block are fully compliant
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Blocks security management system is based on ISO 27001, with regular internal and external audits. ; Security is the responsibility of our CEO.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Block’s ITIL aligned Change and Configuration Management process encompasses changes regardless of size or complexity:; • Changes are recorded, evaluated, prioritised, planned, tested, implemented, documented and reviewed within Service Now;; • Changes are recorded against the configuration items;; • Availability of the infrastructure, protecting from disruptive changes, unacceptable or unaccounted security risks.; The process recognises three types of changes:; • Standard – records service requests and internal changes (i.e. low or no operational impact). ; • Normal – needs technical sign off. ; • Emergency – required for implementation immediately, used for critical issues where quality or degradation of performance may occur.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Block’s approach to vulnerability management extends the life of a customer’s environment and increases the value of the technology investment with regular software updates and upgrades.; In the event a critical severity alert is identified the Operations Centre will raise a P1/P2 Problem record and work with the customer to resolve immediately.; In addition, Block also carry out regular regression testing whilst also monitoring zero day release threats. Block provides hardware and software updates through our service.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Lock provide proactive monitoring of the environment capturing all events that are or have potential to become Incidents, these are automatically logged into the Service Management system for triage. ; Block monitors the health of the components in the Azure environment by fully utilising the built-in Azure Monitor toolset, polling the appropriate hardware and software health statistics that provide immediate insight into potential issues. ; Monitoring data is alerted upon where immediate action is required allowing for a quick response, whilst also being collected and retained for visual representation of key trend analysis, performance indicators and compliance status.
• Incident management type: Supplier-defined controls
• Incident management approach: Block utilises an ITIL aligned Incident Management process. Incidents are managed according to the process, encompassing all failures, faults, bugs and security risks across the supported infrastructure. ; Incidents are raised through the following channels: ; • Telephone – 0844 9671644 or 0344 9671644 (local rate); • E-mail – support@block.co.uk; • Via Service Now; ; Customers are provided with a Live Dashboard which displays all open, closed incidents and their success against SLA’s. In addition to this the customers Service Manager produces a written report with a detailed analysis of the incident management performance.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Microsoft Azure (cloud)
• How shared infrastructure is kept separate: A virtual network dedicated to each customer, with each network protected by network security groups (NSG), and firewall services.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The service runs within Microsoft Azure datacentres

Social Value

• Wellbeing:

  Wellbeing

  Wellbeing is a fundamental part of Block’s people-centric culture. Our ways of working have been designed to provide the optimum working environment along with the education, enablement and resources to empower our people to take the very best care of their wellbeing. This is delivered through a blend of benefits, perks and policy.; ; Knowing that wellbeing can mean different things to different people, Block provides a broad range of activities and initiatives such as Financial Wellbeing Webinars, Nutritional Advice & Coaching, Personal Development Workshops and Social & Environmental Impact Initiatives. In addition, gamification of wellbeing through challenges that incorporate mental and physical health also provides team members with a sense of challenge and achievement.; ; Benefits such as Private Medical Insurance, Health Cash Plans and Counselling & Therapy Support provide team members (and their families) with access to critical personal care services, enabling them to feel in control of their physical, mental and spiritual wellbeing.; ; Block’s ‘Hybrid Working’ policy gives our people the flexibility to plan their working week in a way that works for them through a blend of home and office-based working. Team members benefit from the cultural, social and collaborative aspects of office-based working whilst also having a quieter setting at home for more individual focus tasks. Hybrid working provides our people with greater freedom and autonomy through a balanced hybrid approach.; ; Most significant, however, are Block’s founding values: Stand Together, Be Responsible, Think Differently, Get Excited and Go Beyond. These values act as the supporting framework for decision making for our people and are incorporated into all fundamental business processes, such as review & performance, recruitment & selection and reward & progression. In turn, this ensures a modern, people-first organisation and culture.

Pricing

• Price: £59.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Standard trial period is available for 5 users for 14 days.
• Link to free trial: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/blocksolutionsltd1589460165162.blk-clincial-workspace?tab=Overview

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidManagement@block.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.