Business Systems (UK) Ltd

Digital Interview Recording

Digital Interview Recording solution compliant with the PACE Act. Solution ensures high quality recording with secure cloud storage, available to download from the portal within minutes. Used by Government Departments, the Digital Interviewing solution records, reviews and analyses face-to-face or remote conversations and includes automated transcription and speech analytics capabilities.

Features

• Interview recording sent straight to network, eliminate CD's, tapes, etc
• Interview recording devices for both fixed/office-based and mobile recording needs
• Download recordings from portal within minutes of interview taking place
• Unique microphone technology with voice separation
• Segment dialogue into key themes based on key organisational metrics
• Conduct and record interviews taking place over videoconferencing
• High quality digital case files of evidential quality (BS 10008)
• Easy to use search functionality and share with authorised colleagues
• eForms with bookmarking capability for quick searching
• Access and share Interview Recordings with authorised users anywhere

Benefits

• Eliminate paper, contemperous note taking and document transportation costs
• Efficiency and information share - interview recordings available within minutes
• Break the geographical link between interviewees & contributing parties
• Benefit from quick access to powerful management information
• Trusted choice by large Government Departments for Interview Recording
• Replace outdated audio recording with digital record of evidential quality
• Honest and unbiased representation of an interview
• Improve training and development of staff through Interview Recording evidence
• Optional automated transcription and speech analytics capabilties
• Achieve compliance and improve conduct - PACE, GDPR and DPA

£1.95 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tina.coster@bslgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

494223655457337

Contact

Tina Burton
07824425316
tina.coster@bslgroup.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: It can work alongside existing call recording solutions
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • There are no dependencies on system infrastructure
  • Google Chrome or Microsoft Edge internet browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 98% of support phone calls are answered within 5 seconds by our Customer Service centre. They will log a case and assign the priority of the query or problem. Typically Business Systems provide technical 1st response within 20 minutes for Support related issues. Response times differ outside core business hours due to the automated routing of calls. A 24 hour facility is available where cases can also be logged 24/7 (calls are routed to the Out Of Hours Team; emails would be logged and picked up the first business day).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: 1. Premium; Full support, 2-hour response & 6-hour resolution SLA for P1 faults (24 hours a day, 365 days a year). 4-hour response & 12-hour resolution SLA for P2 faults (08:00 - 17:30 Mon-Fri, excludes UK bank holidays), 8-hour response & 3-day resolution SLA for P3 faults (08:00 - 17:30 Mon-Fri, excludes UK bank holidays), 16 hour response SLA for P4 service request/questions (08:00 - 17:30 Mon-Fri, excludes UK bank holidays). ; 2. Enhanced; 4-hour response & 8-hour resolution SLA for P1 faults (24 hours a day, 365 days a year). 8-hour response & 16-hour resolution SLA for P2 faults (08:00 - 17:30 Mon-Fri, excludes UK bank holidays), 16-hour response & 3 day resolution SLA for P3 faults (08:00 - 17:30 Mon-Fri, excludes UK bank holidays) No SLA’s provided for P4 service requests/questions (09:00 - 17:30 Mon-Fri, excludes UK bank holidays). ; 3. Core; 4-hour response P1 faults (09:00 - 17:30 Mon-Fri, excludes UK bank holidays). 8-hour response for P2 faults (09:00 - 17:30 Mon-Fri, excludes UK bank holidays), 16-hour response (09:00 - 17:30 Mon-Fri, excludes UK bank holidays) No SLA’s provided for P4 service requests/questions (09:00 - 17:30 Mon-Fri, excludes UK bank holidays).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation is provided as standard. Where required, training is provided on site and delivered by Business Systems Consultants (see pricing document). Training is 'Train the Trainer' based, to enable additional training to be conducted internally.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: If required, bulk extraction is performed by Business Systems using audio and metadata formats according to the needs of the customer. Media types and electronic and physical delivery must be specified by the customer and will impact cost.
• End-of-contract process: Where required, data extraction is charged on a time and materials basis and managed by Business Systems.; ; Buyers may request the inclusion of fixed offboarding costs on their Call Off Contracts but will need to specify maximum extraction volumes, media and metadata formats and delivery methods, as audio media typically requires large electronic files.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The face to face digital interviewing experience is virtually identical between laptop and mobile versions.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: All interaction is via web-based interfaces. The RecordSure product suite provides a comprehensive set of management information using dashboards. The system is configurable under client specific requirements and, when combined with the Artificial Intelligence capabilities, can deliver not only logistical and quantitative data but qualitative data as well. Recordings can be replayed via the dashboard and “Google-like” search functionality provides the ability to quickly identify interview trends and patterns.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The Recordsure platform conforms to WCAG 2.2 AA. Conformance to the listed accessibility standards has been evaluated using a combination of static analysis tools and manual testing with assistive technologies. The following operating system, web browsers and assistive technologies were used for evaluation: Windows 10/11, Chrome/JAWS/NVDA, Edge/JAWS/NVDA, Windows Magnifier and Dragon Speech Recognition (for command and control)
• API: Yes
• What users can and can't do using the API: Optional API access must be licenced as an Add On (as outlined in the pricing document). Currently, provisioning features, such as setup or user provisions are not available via the API. All operational system features, such as uploading, accessing or downloading records are available using the API.; ; Individual API methods are role restricted to the credentials being used for API access.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Customisation is performed through requests to Business Systems, either as part of the Call Off Contract or through change requests throughout the contract. ; ; Typical customisation areas concern the Capture Form for use by users or management information (MI) requirements. ; ; Some buyers choose to customise or extend areas of the service functionality that require some amount of supplementary software development.

Scaling

• Independence of resources: Capacity is proactively managed. An N+1 approach is applied to all system design to ensure there are extra compute resources at all times beyond that required for peak user utilisation. Customers that have particularly high volume usage, or spikes in their workloads may be provided with dedicated compute infrastructure to ensure they do not interfere with other users.

Analytics

• Service usage metrics: Yes
• Metrics types: A real-time management information system is included in the electronic portal. This allows service usage to be broken down by key medadata, as captured by the form system, that may include departments and user identities. Breakdowns by telephony and metadata will depend on whether the information is electronically supplied to the service as part of any integration or import.
• Reporting types:
  • API access
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Recordsure

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Client Network Isolation, Security Groups, Client Specific Encryption Keys. ISO-27001 controls.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Individual audio records and generated PDF records may be exported via the electronic portal by authorised users. Where required by the customer, bulk export will need to be managed by Business Systems according to the daily rate in the pricing document.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • WAV
  • OPUS
  • JSON
  • PDF
• Data import formats: Other
• Other data import formats: Audio is directly streamed to the system

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: AES-256
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99% availability for viewing of stored files.
• Approach to resilience: We use third party Cloud hosting in the form of AWS and Microsoft Azure.
• Outage reporting: Incident reporting is via email, with critical incidents notified by telephone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Multiple tiers of authentication must be performed in order to access management interfaces and systems. These include private-key based authentication, remote desktop access and username and password combinations with strong minimum password complexity rules.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SOCOTEC
• ISO/IEC 27001 accreditation date: 08/11/2023
• What the ISO/IEC 27001 doesn’t cover: All operational areas are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Business Systems's ISO 27001 certification covers the full scope of the business including all systems, operations and personnel.; ; All security incidents posing a threat to the information storage and processing facilities are reported and documented. For each reported incident it is required that a thorough investigation is conducted and remedial action taken leading to a satisfactory closure. All employees and contractors are made aware of what constitutes an information security incident and are familiar with the reporting procedures.; ; It is the responsibility of all employees and subcontractors to report any information security incident or suspicion to the ISO Security Officer and ensure that the incident is duly recorded on the Information Security Incident form. It is the responsibility of the Security Incident Management to take appropriate action to provide a prompt response to the incident and to facilitate normal operation as soon as safely possible. This is overseen by the Board.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All configuration and change management processes are fully covered by ISO27001 certification and ISMS. All change is approved via a Change Advisory Board where all change requests are assessed via a number of security impact criteria. All changes are pre-configured and tested, with automated deployment to ensure consistency of production releases with pre-production testing.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: A Continuous Systems Improvements team meets monthly to evaluate and mitigate risks, threats and vulnerabilities. There is in addition, subscription to vendor and independent vulnerability forums and newsfeeds, sources include NCSC and NIST. Critical patches are often performed as zero-day fixes, following testing.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: HAProxy Enterprise WAF & API Gateway, Web Application Firewall Mod Security, Amazon GuardDuty, AWS CloudTrail, AWS Shield.; ; Consolidated logging and alerting are used to ensure notification and rapid response to potential incidents.; ; All alerts go to the Security team, where they are rapidly risk triaged, and prioritised for treatment.; ; Where the severity of a reported event or incident is considered to be Major, the situation may need to be escalated to The Crisis Management Team. The CMT once activated will own the crisis until resolution is reached.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management processes are in line with ISO 27001 accredited governance procedures.; ; Users can report incidents by telephone and email. System alerts also notify of incidents. Critical outages or other significant incidents are immediately notified by telephone, with non critical incidents initially notified by email. All incidents are reported in document format by email following root cause investigation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Business Systems are a recognised Carbon Neutral Organisation reducing our footprint from 27 tonnes of carbon emitted in 2022 to circa <0.19 tonne in 2023. Business Systems holds an ISO 14001 certification, and we monitor and measure our environmental performance and compliance through regular Environment, Sustainability, and Governance (ESG) audits.; ; By communicating environmental best practice and offering comprehensive staff training, Business Systems promote sustainable behaviours across our workforce and encourage improved environmental performance across the work we deliver for our customers. ; ; We are committed to supporting the areas we work in, making every effort to enhance the lives of individuals by supporting environmental projects and volunteering our time to help communities. We actively encourage all of our employees to get involved in a wide range of local community initiatives. ; ; We expect our supply chain partners to mirror our continued commitment to environmental practice. Our supplier selection process requires all prospective suppliers to demonstrate how they operate in alignment with the principles of ISO 14001.

  Covid-19 recovery

  Business Systems prioritises the safety and wellbeing of its employees, customers, and third-party suppliers above all else. In line with guidelines regularly published by the Government and applicable health authorities, we have completed COVID-19 risk assessments of all business activities and locations. ; ; We have identified risk mitigations which continue to improve workplace conditions and support the COVID-19 recovery effort, whilst helping to reduce the spread of COVID-19. This includes migrating the organisation to a home-working business model throughout the pandemic, holding workshops on running remote teams effectively, and on fostering “virtual” collaboration. ; ; Supporting and positively influencing the physical/mental health and wellbeing of our staff is at the core of our business culture, with additional support available to employees affected by COVID-19. In addition, we run a range of team-building exercises and will include voluntary work in the local community (related to Covid-19). We already offer workshops to educate the local community in areas relating to voice/speech technology, and raising awareness on health and wellbeing for the contract workforce, including around loneliness and isolation caused by COVID-19. Any identified issues will be acted upon swiftly.

  Tackling economic inequality

  Business Systems values its employees and is committed to recruiting, training, retaining, and supporting them. Our first core value is ‘People First’, and we strive to be an outstanding employer. We believe in providing a safe, diverse, and inclusive work environment that fosters personal and professional growth. To achieve this, we offer competitive salaries and benefits packages, and a robust platform of training, development, and career progression. We have invested in industry-leading tools to support our managers to hold productive conversations with their team members, and to collect weekly actionable engagement data through pulse surveys.; ; Many of our team members have been developed through the organisation, from entry level to senior management (including C-Suite). We are continuing to invest in training and development to create further opportunities to develop our team, as well as creating entry-level opportunities across all areas of the UK. By working closely with universities and internship schemes, we are able to provide work experience and summer internships and have a successful apprenticeship scheme in place.; ; We track staff turnover rates and conduct exit interviews to understand how we can continue to be a better employer. We also engage regularly with review platforms including Glassdoor to allow candidates to gain genuine insight into how our people experience life at Business Systems.

  Equal opportunity

  Business Systems is committed to promoting a gender pay balance and creating an inclusive workplace that values diversity. We understand women are disproportionately represented in low-paid occupations and are proud to have attained Living Wage Employer status. As part of this, we undertook a supply chain audit and remediations to ensure all employees and suppliers are paid a fair and liveable wage. We measure and monitor our success by tracking the representation of women in leadership roles, and by conducting regular engagement surveys. We assess the engagement data by gender, allowing us to identify deltas between men and women and create appropriate resolution plans.; ; Our modern approach to hybrid/flexible working supports underrepresented groups who have traditionally found it difficult to attend an office, including those with disabilities/long-term illnesses. We support our teams to work in locations that enable safety and productivity, whether at home, on site with clients, or in an office. Our office in the City of London is fully accessible and is adjacent to the step free entrances to Bank Station. We provide support to all employees through our Employee Assistance Programme, including a 24x7 support line as well as numerous resources and wellbeing plans. We monitor and measure our success by conducting regular engagement surveys. ; ; We are also committed to increasing the representation of LGBTi+, BAME, and other protected characteristic groups in the workforce. To achieve this, we provide an inclusive work environment that values diversity and promotes equality. We monitor and measure our success by tracking the representation of diverse groups in our workforce and conducting regular engagement surveys, including questions specifically related to diversity and inclusion. This data is segmented by self-reported gender, sexuality, and ethnicity, allowing us to draw insights into deltas between these groups and target specific interventions to improve the employee experience.

  Wellbeing

  Business Systems values the mental health of our employees and is committed to promoting a healthy work-life balance. To ensure staff mental health is promoted, we provide an Employee Assistance Programme which includes mental health resources and support programs. We conduct regular employee engagement surveys which specifically include questions related to mental health, stress, anxiety, and burnout to ensure that we can identify and proactively manage these concerns.; ; We have signed up to the Mental Health at Work Commitment, demonstrating our commitment to the health and wellbeing of our team, and have implemented a Mental Health First Aider programme. We also encourage our team to regularly share wellbeing content and articles on our dedicated Wellbeing Teams channel. We encourage an open dialogue around workload, stressors, and other challenges so that we can make changes to support any team member who needs it. We include wellbeing as a regular topic at town halls and workshops throughout the year. ; ; We have invested in enhanced data analytics to enable team members and managers to proactively schedule time to focus, to learn, and to take a break. Our team can use this data to identify interruptions out of hours, longer or less productive meetings, or other insights that help bring meaning to their work. We monitor and measure our success by conducting regular employee engagement surveys that feature targeted questions related to mental health.

Pricing

• Price: £1.95 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tina.coster@bslgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.