Service Level Management Ltd

Publisure Digital Transformation platform

Publisure is a 'best of breed', non proprietary middleware platform that enables your desktop, departmental and/or corporate applications to seamlessly integrate with your preferred digital communication channels such as SMS, email, web portal and App without changes to existing formats or workflow.

Features

• In house or outsourced Hybrid Mail (Non proprietary solution)
• Integrated Customer (Patient Portal)
• Email and Secure Email integration
• Interactive (two-way) SMS
• Non Proprietary Middleware
• Intuitive simple user interfaces
• Detailed Management reporting for auditability and compliance
• Detailed Track and trace capabilities (Detailed Audit Trail)
• Digitally transforms any printed (i.e. Physical) communication
• Intelligent workflows - least cost communications workflow

Benefits

• Dynamically publish on-line communications from any application
• Eliminates manual processes - delivering significant workplace efficiencies
• Delivers significant cost savings across all forms of communication
• Eliminates postage costs
• Maximises auditability and Compliance
• Simplifies Digital Transformation workflows
• Quick and Easy integration with your preferred digital platforms
• Centralises, optimises and digitises your outbound communications
• Simple, Accessible Self Serve implementation workflows
• Enhances your options to deliver a 'digital first' strategy

£0.69 a transaction

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.percival@publisure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

481168093684098

Contact

Andrew Percival
01622 320075
andrew.percival@publisure.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Office 365 and other cloud based applications
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements: Only requires download and installation of of desktop clients

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours (excluding weekends)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We will provide a technical account manager for each customer to liaise and co-ordinate responses if required.; ; Standard Support levels; ; Severity 1 (Response 30 minutes, response 1 Day) - is usually when the problem is detrimental to the business and is impacting the business directly as a result of SLM software, i.e.: if the business could lose a significant amount of money caused by whatever problem there may be.; ; Severity 2 (Response 60 minutes, response 2 Days) - is usually if a server, network, application, database goes down which is causing a business impact to users and the business.; ; Severity 3 - (Response 4 Hours, response 5 Days) - Where a bug is raised as part of the support process, SLM will liaise with the development team and provide a synopsis of the problem within 2 working days and a proposed timescale for its resolution, within a reasonable time frame. ; ; Severity 4 (Response 4 Hours, No SLA) - Where issues are caused by non SLMT software or environments, some advice will be given and support offered, but with no guarantee of resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users can download the Publisure clients from the SaaS based service; Training can be delivered on-site, remotely or through on line videos and tutorials.; ; User guides, training documentation is delivered in a digital (PDF) format.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • PostMan
  • PDF
• End-of-contract data extraction: Publisure provides simple export facilities enabling customers to extract their data when the contract ends
• End-of-contract process: Self Serve data extraction is provided in the price of the contract.; ; Any consultancy or customised outputs will incur an additional cost

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Publisure client interfaces for receipt of communications have been designed to work with mobile devices, the internal client interfaces enabling users to view and manage the documents they have submitted although compatible have not been specifically designed or optimised to work with mobile devices
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The Publisure User interface allows users to view manage and control the documents they have submitted and manage their associated digital workflows.; ; The web interface provides detailed 'track and trace' capabilities for each document that is submitted.; ; Full management reporting is available; ; The interface offers multi level access rights enabling users access to be restricted based on pre-defined workflows.
• Accessibility standards: None or don’t know
• Description of accessibility: User can submit documents from virtually any application using a simple, intuitive print driver.; ; Users are then able to view, manage and control the documents they (or their workgroup have submitted); ; The system provides a detailed audit trail and feedback regarding how the document has been communicated (i.e. post, SMS. email, portal App etc); ; Full Administration and management interface for authorised users enabling simple set up and configuration of the system.; ; Seamless integration with either our own or the customers preferred digital communication channels via documents API interfaces.
• Accessibility testing: User Interface has been implemented with due consideration of assistive technology
• API: Yes
• What users can and can't do using the API: Documents can be submitted via a simple API interface (rather than being printed or dropped into hot folders); ; The API interface provides a fully featured interactive gateway to all the standard Publisure management reporting interfaces; ; Integration with Active Directory, SAML and SSO Platforms
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The interface can be customised using your logo and details.; ; The system can submit hybrid mail outputs to virtually any supplier on the CCS framework ensuring the technology is owned and managed by the customer (and not a third party); ; The API interfaces enable the customer to integrate the digital outputs with their preferred in-house or third party digital communication channels

Scaling

• Independence of resources: If required a server can be dedicated to a specific client ensuring the platform is both scalable and independent of other organisations transactional requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Publisure provides a fully integrated management reporting interface; ; Publisure enables this data to be delivered in PDF or CSV format; ; Publisure reports on documents that have been submitted into the system per user, workgroup or department; ; Publisure details the time a docuemnt was submitted into the system and the time it was then output via the relevant physical (i.e. print and post) or physical channel; ; Publisure provides full closed loop reporting and details each document and whether it has been processed within the agreed SLA.; ; Publisure provides a simple intuitive dashboard with which to manage your digital transformation processes
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users are able to export their data using a simple reporting interface
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • PDF
  • Postscript
  • Ascii

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The Servers are hosted in Azure; ; Microsoft guarantee that API Management Service instances running in the Consumption Tier, Basic Tier, Standard Tier, and Premium Tier deployments scaled within a single region will respond to requests to perform operations at least 99.95% of the time
• Approach to resilience: Available on request
• Outage reporting: API, Email Alerts and Dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access in management interfaces and support channels is restricted by the 'roles' associated with each users login credentials
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Centre for Assessment
• ISO/IEC 27001 accreditation date: 11th June 2018
• What the ISO/IEC 27001 doesn’t cover: Scope of ISO27001 Accreditation: The development, sale and maintenance within the UK, of a suite of software which is primarily designed to automate the delivery of documents.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Results of annual penetration testing

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Documented in our ISO27001 policy - this can be made available on request

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Documented in our ISO27001 policy - This can be made available on request
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Information from potential threats gathered from Anti Virus supplier, and development channels for each of the toolkits being implemented; Ensuring toolkits and database engines are up to date; Patches (if required) applied at least once every month
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Anti Virus Scans ; Vulnerability reporting; Penetration testing; Cyber Essentials plus accreditation; ; If a potential compromise is identified, its severity is assessed and a plan of action put in place to mitigate or eliminate the risk.; ; Any Incident regarding data is treated as a P1 and our SLA for an initial response is 30 minutes
• Incident management type: Supplier-defined controls
• Incident management approach: Documented as part of our ISO 27001 policies - available on request; ; User report incidents via the on-line help desk; ; Full and detailed incident reports are provided via the Job Ticket and as a specific physical document (if required)

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to Net Zero emissions by 2040, but hope to achieve this earlier. ; ; We identify the environmental impacts created in the day to day operations of our business and the services we supply. We use this information to put processes in place to prevent, reduce and mitigate them. This is supported by our Carbon Reduction Plan.; ; Our hybrid mail and digital transformation software educates and supports our customers ability to digitally transform their physical communications, saving time, money, CO2 and resources. ; ; For example, the digital delivery of a letter can typically save 87% of C02 emissions. By integrating into the NHS App (for example) and using alternative digital solutions to deliver their communications, Publisure eliminates up to 50% of our customers requirements fto print, envelope and post physical letters. ; ; A ‘digital first’ strategy also creates additional options and opportunities to deliver communications in a more inclusive and accessible manner.; ; Reporting ; ; Our internal reporting focuses on the metrics quantified, measured and reported on in our published carbon reduction plan; ; https://publisure.com/carbon-reduction-plan/; ; For our customers, typical automated metrics and reports include:; ; • Total Number of letters submitted by the customer via Hybrid Mail; • Average CO2 savings per document (hybrid mail); • No recipients registered for digital delivery; • Average CO2 savings per document (digital delivery); ; These reports are pre-configured and can be automatically generated by the customer for their own reporting purposes.

  Covid-19 recovery

  Covid-19 enabled us to prove the effectiveness of our business continuity plan. No staff were furloughed and we maintained our pre-covid levels of service to our customers.; ; This has allowed us to implement an agile, efficient and effective working policy with a blended combination of home and office based work tailored to suit the individual requirements of each of our employees.; ; During Covid and afterwards, the use of the Publisure communications platform enabled organisations to work in a more agile way and support remote working. This in turn enabled organisations to innovate and create new ways of working in order to continue to deliver their products and services.; ; For example, the use of digital alternatives to traditional print and post meant users could continue to submit and despatch documents even if they were working from home without the need to go to the office in order to manage their production in person..

  Tackling economic inequality

  SLM is registered and complies with MSAT (Modern slavery assessment tool). Our statement is published on our website. ; ; We have a Supplier Code of Conduct, Corporate Social Responsibility and Whistleblower policies. ; ; Core to the values MSAT promotes, we oppose the exploitation of workers, forced labour, human trafficking and harassment of any kind; ; We expect our suppliers to comply with our code of conduct, their own regulatory regimes and their obligations under the Modern Slavery Act 2015. ; ; Employees, customers and business partners are encouraged to report any concerns related to our direct activities or supply chains; ; Training is provided to managers highlighting the risks of modern slavery and human trafficking.

  Equal opportunity

  SLM is committed to equal opportunities. Our employees come from many different backgrounds and ethnicities. We operate within a collaborative, considerate and inclusive framework that demands everyone is treated with fairness and respect.; ; Remuneration associated with each job role is based on experience, skill and seniority. We do not discriminate by gender nationality, religion, sexual orientation, health, disability or ethnicity and are signed up to the Armed Forces Covenant.; ; We are committed to inclusive and accessible recruitment, communicating vacancies, offering interviews to disabled people, providing reasonable adjustments and supporting existing employees. ; ; We treat all staff equally and fairly across any matter affecting their recruitment, employment, promotion, compensation and wellbeing. ; ; We raise staff awareness on any issues relating to equal opportunities and invite their active participation at our regular meetings and encourage their views be both expressed and heard.; ; We strive to operate to the highest ethical standards as a business and do not allow any behaviour that might intimidate, upset undermine or threaten an employee or customer.

  Wellbeing

  Our employees are core to our mission and critical to the ongoing success of our business. We are focused on facilitating activities that will positively impact the individual physical, emotional and mental wellbeing of our staff.; ; We instil a positive outlook and collaborative work environment. This allows us to support our employees where required, encourage them when needed and celebrate with them when they succeed.; ; A key focus for our business is the continual development of our employees by investing in their professional skills and personal growth. ; ; We provide in-house, on-line and external training courses and encourage non business related activities that promote personal development. ; ; We are focused on providing an environment which is inclusive, supportive and collaborative. We want to ensure every employee enjoys a positive and sustainable work life balance.; ; We have adopted and encouraged agile and flexible work practices enabling each employee to choose the days they work from home or in the office.; ; All staff are paid above the national living wage and are reviewed (at least once) on an annual basis. We typically award pay rises above the national average.

Pricing

• Price: £0.69 a transaction
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Ability to create a demonstration account, submit a document and have it delivered via your preferred physical or digital channel

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.percival@publisure.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.