Glow New Media Ltd

SafeTeam Guardian - lone worker safety system

SafeTeam Guardian is an NHS specific, lone worker solution offering world first operational improvement benefits. The solution deploys en masse, over the air to existing NHS smartphones, rapidly improving lone worker safety and compliance.

Features

• NHS specific, designed with and for mobile healthcare practitioners
• Real time location of smartphone
• Alert direct delivery - no external Alarm Receiving Centre
• Custom Standard Operation Procedure (SOP) delivery with alert
• No additional hardware required - works with existing NHS smartphone
• En masse remote deployment over the air, easy user management
• Innovative reporting - patient contact duration, frequency, integration
• Releases capacity - milage claim automation

Benefits

• Proven in NHS, suited to NHS environment
• Real time situational awareness, better decisions, better operations
• Brings alarm handling in-house, no false alarm charges
• Improves compliance with your Standard Operating Procedure
• Low deploy/maintain cost, High adoption, easy to manage
• Ensures effective uptake and use
• Evidencing activity and patient contact made easier
• Allows better use of limited resources

£6 to £10 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at phil@glow-internet.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

500937041206356

Contact

Philip Blything
+441517079770
phil@glow-internet.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: 99.5% Uptime; Scheduled Maintenance as documented
• System requirements:
  • Minimum hardware specification as documented
  • Minimum software specification as documented

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide helpdesk support during office hours 09:30 - 17:30, Monday to Friday under our basic service.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support: We provide helpdesk support during office hours 09:30 - 17:30, Monday to Friday under our basic service. This is second line support, with most issues able to be handled by customer trained admin who will provide first line. ; ; We do provide technical account management for named contacts.; ; Onboarding / Config. ; We offer free of charge onboarding, up to 30 calendar days resourcing (excluding custom development). Additional resource is available at standard day rate - £750 ex VAT.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onboarding is simple and Free Of Charge (up to 30 calendar days), with a dedicated account manager to support you. We’ll train your trainers and help you get set up and configured so that the service runs smoothly from day one. Documentation and help is built into the product.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Should users request data export, we will provide managed data export serviced at published rates.
• End-of-contract process: SafeTeam Guardian is provided as Software as a Service.; Charges are based on number of users and should a customer wish to end contract, it's easy for them to remove the app software from phones, centrally using their MDM. Alternatively, they can remove user accounts from the web control system or ask us to do that.; If required, we can provide customer data and destroy data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Mobile APP has a fundamentally different purpose and use case to the browser management interface. This is intentional.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Service is provided through the web management system. This is browser based, easy to use and has inbuilt help.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Informal accessibility testing. Limited core functions are available.
• API: No
• Customisation available: Yes
• Description of customisation: No customisation is required or provided for standard mobile app user.; ; For managers only:; Customisation of Standard Operating Procedure is available during on-boarding. Custom setup of locations, radius and preference are available and supported.

Scaling

• Independence of resources: Most users use an installed Mobile App. This is specifically designed to use local resources, distributing computational load.; ; Where information is transmitted to the server layer, bandwidth requirements are low.; ; The system is isolated so resources are not shared.; The hosting environment is scalable and currently provided by healthcare trusted hosting environment specialists AIMES.

Analytics

• Service usage metrics: Yes
• Metrics types: Extensive reports are available to management users including but not limited to:; Users Active last 2 hours; Users Active Last 30 Days; Last seen Date / Time; Miles travelled; Onduty times, durations; Where time is spent; Patient visits
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Our current cloud partner, AIMES meet the NHS criteria for information security and governance. AIMES (Organisation Code 8J121) complete the Department of Health’s Information Governance Toolkit on an annual basis and our version 14 .1 submission for 2017/2018 has been reviewed and classed as meeting the NHS criteria for information security and governance (Level 3).
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Your data is yours. We will return your data to you and delete it, should you require, within 30 days of your request. We reserve the right to charge for our time in servicing such a request, at published rates and may exclude our proprietary or derived data. We reserve the right to delete your data after 30 days of cancellation.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Uptime Target: We will provide 99.5% uptime for the service, excluding any planned maintenance.; Refunds: If we fail to meet the uptime target, we may provide a refund, on a pro rata basis, should you request.
• Approach to resilience: This information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: We use role based authentication, restricting higher level features and controls to a limited number of senior users.; ; We require strong passwords:; RequiredLength = 8,; RequireNonLetterOrDigit = true,; RequireDigit = true,; RequireLowercase = true,; RequireUppercase = true,
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: Our security policy covers various aspects including ; ; - Joiners, leavers process; - Asset management; - Access Control; - Data processing; - Data storage; - Network security; - Communication Security; - Risk log ; - Escalation; - Compliance; - Review; ; Our staff report directly to our directors. ; ; We periodically audit our compliance with these policies annually. Where possible we supplement our audits with automated software.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to software are tracked in our version control system, Microsoft Azure Devops.; ; All tickets are logged and tracked within our digital systems. ; ; Project management and task lists are recorded in the project tracking software (currently Jira from Atlassian). ; ; The security impact of changes is discussed at design, development and deployment stages. If appropriate security impact is discussed at board level
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have an in house software development team. Security patches to software can be deployed rapidly as we use continuous integration and one click deployment through Microsoft Azure Dev Opps. ; ; Our server infrastructure runs operating systems supported by Microsoft and is regularly patched.; ; We use software to assess threats to our infrastructure (currently Nexpose Community Edition). We also audit compliance to our security policy.; ; Potential threats are either resolved immediately or logged and prioritized in our risk log.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Only staff that require access to sensitive data are provided with access. ; ; We routinely carry out security awareness sessions with all our staff.; ; Security breaches (or near misses) are logged in our incident log. They are escalated to director level or to the ICO if required.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are recorded in our incident log.; ; Incidents are reviewed periodically (or more quickly if escalated) and then assessed by our team. Learning points are recorded and decimated. ; ; Our incident log is available on request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Glow work to reduce climate change by asking all colleagues to take an active approach to reduce carbon footprint actively in an incremental and ongoing way.
• Covid-19 recovery:

  Covid-19 recovery

  SafeTeam is particularly suited to remote working (for community healthcare teams) and was used by NHS for this core purpose during COVID19.
• Tackling economic inequality:

  Tackling economic inequality

  We work with the local LEP, sitting on the Health and Life Sciences board where we are actively contributing to fight economic and health inequality.
• Equal opportunity:

  Equal opportunity

  Glow is an equal opportunities employer.
• Wellbeing:

  Wellbeing

  Team wellbeing is a priority and Glow work continuously to ensure that colleagues are supported with resources, opportunity and mentoring to promote their wellbeing and mental health.

Pricing

• Price: £6 to £10 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We offer a limited, 90 day evaluation without charge.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at phil@glow-internet.com. Tell them what format you need. It will help if you say what assistive technology you use.