Elisian Limited

e3c

e3c is a SaaS offering to Local Authority, Police, NHS Trust and third sector service providers. It is a comprehensive, flexible, powerful but simple to use case management solution suite which has been used to support multi-agency, service user based initiatives as it has evolved over the last 15 years.

Features

• Capture detail of an intervention or meeting with service-user
• Capture ID, demographic and case information regarding service-user
• Enter and present meetings/contacts in diary format
• Automatically schedule the generation of e-mails and text messages
• Integrated report writer and analysis tool (multiple formats)
• Configurable dashboard and screen-set based on role
• Administration screen-set allowing role based security
• Able to accommodate multiple levels of consent
• Remotely accessible and re-sizeable for tablet use
• Prescription writing and management capability

Benefits

• Single source of truth for a multi/single agency initiative
• Helps drive outcomes by enabling automated processes
• Allows practitioners to share information and generate reports
• Simple, configurable user interface with prompts and alerts
• Deployed across mission critical applications with thousands of users
• Simple and cost effective enough for deployment across small initiatives
• Providing latest information to field staff based on their role
• Configurable enough to map onto initiative processes and support goals
• Generating accurate information for central government for 15 years
• Robust, proven and constantly available

£452 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.elcoat@elisian.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

513915025765860

Contact

Ian Elcoat
07516978666
ian.elcoat@elisian.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Windows 10
  • Internet access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on priority level typically 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Priority one: total system failure, where no operation is possible. Response within 4 hours, target resolution time one day; Priority two: certain functionality will not operate but users can still access components of the main system. Response within 8 hours, target resolution time 48 hours; Non urgent: some element of the system has failed but operation is not affected or only slightly impaired. Response within 3 days, target resolution time 6 days ; The above support levels are included in the cost of the named user SAAS license (£452 + VAT per user per year). ; A technical account manager and cloud support engineer are provided as required and this is included in the cost of the annual named user license.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Prior to going live with the E3C solution users are given onsite or online training (depending on the number of users), on-line training is delivered using a standard conferencing tool like Skype for Business. This training is typically 'train the trainer' although end user training is available. User documentation is available for E3C and is issued to nominated customer staff ahead of go-live. This documentation can be issued by authorised staff internally or can be made available on-line.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customers data remains the property of the customer throughout and following their contract period. At the end of the contract period the data is assembled in a suitable format (Microsoft Excel) and communicated to the customer. The customer may request that Elisian maintain a copy of the data in a securely hosted environment (this is a chargeable solution), otherwise the data is erased.
• End-of-contract process: The data is made available in a downloadable format (Microsoft Excel), this is completed by Elisian at the end of the contract and would be included in the cost (based on a 12 month minimum contract). In the event the contract was terminated within the 12 months the cost of this service would be one day (£780 + VAT) or 2 days (£1,560 + VAT) depending on the amount and nature of the data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: E3C has been designed to re-size for operation on a mobile device
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The solution is base on a standard web interface.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: To date we have not undertaken any specific testing for users of assistive techniology. We are keen to undertake this as a priority should the need arise.
• API: Yes
• What users can and can't do using the API: How users can set up the service through the API?; All users requiring the use of the API will have a unique key generating for their respective access via the software support desk. This API key is configured to ensure that the access rights are adhered to and that the API user is not able to use the services outside of the agreed usage.; ; How users can make changes through the API?; Via the API users are able to interrogate the data held within the system for readonly purposes as standard. If the user is required to update data within the system then custom API are exposed to facilitate this with documented measures implemented to ensure data integrity.; ; Any limitations to how users can set up or make changes through the API?; All API’s are established as standard, readonly data call APIs unless otherwise customised as part of the software implementation.
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: What can be customised?; Any aspect of E3C can be customised if the required functionality cannot be met using the configuration tools and screens within the solution.; How users can customise?; Customisation must be conducted by Elisian Limited and will be charged on a time and materials basis at a rate of £780 + VAT per day. Customisation is typically loosely specified by the customer and then presented as a detailed proposal by the Elisian Limited account manager following further specification by the Elisian technical lead. ; Who can customise?; Customisation can only be conducted by Elisian Limited staff as part of a quoted work package.

Scaling

• Independence of resources: Our hosting service is completely scale-able and 100% concurrency of use by named users is used as a basis for determining required resource.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics can be provided via any of the stipulated formats. Annual, monthly and quarterly reports are agreed and issued. There may be a charge (on a time and materials basis or an agreed cost) for some metric reporting services depending on the complexity and frequency.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported by the authorised customer users (authorisation is determined by the customers management team and configured in the solution itself by customer staff). The export can be in a range of formats including CSV file, Microsoft Excel, XML, Word and PDF.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • Word
  • PDF
  • Microsoft Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • Microsoft Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Our E3C solution has a guaranteed availability of 99.9%; ; In the event the service is not available the monthly cost of the service during the month of the period of unavailability due to infrastructure downtime is refunded at the end of the year.
• Approach to resilience: Configuration: Optical network based; Deterministic; non-switched point-to-point service.; Speeds and technologies: 1Gbit/s and 10Gbit/s ethernet; STM - 4, 16 and 64; fibre channel, 1Gbit/s, 2Gbit/s and 4Gbit/s; DVB -SDI/ATI 270Mbit/s and SDIHD1.5Gbit/s; Scalability: Supports multiple service delivery; Resilience: 99.9% up to 99.99; Availability: National; Protocol support: Ethernet, SDH, SAN and Video; Latency: Low latency with target subs 5ms, (one way) throughout the UK; Maximum Transmission Units (MTU’s): 9,000 bytes; Power and Space: NTU’s with low power consumption characteristics
• Outage reporting: API and e-mail alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted by the customers administrators using the E3C on-board administration screens. E3C can be configured to separate administration access from service user data access. This level of separation is useful in maintaining the integrity of the case management solution when management interfaces and support channels need to be maintained and administered.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 30/01/2013
• What the ISO/IEC 27001 doesn’t cover: The E3C software development (this is covered by ISO 9001)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • ISO 9001
  • GDPR Certificate of Achievement

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: All data is held in a ISO27001-certified data centres, providing Tier 3 level; resilience and security. We do comply with CSA CCM v3.0, & SSAE-16 / ISAE 3402 guidelines and best practices, based on Azure certification and ISO 9001 & 27001 Procedures.; Data security is the responsibility of the Managing Director and any decision involving the security or sovereignty of data is discussed directly with the Managing Director and the senior technical staff.; Elisian Limited have committed to the NHS Digital HSCN registration policies and have a nominated data protection officer.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The E3C solution has evolved over the last 15 years and the core solution has been upgraded and rewritten to take advantage of developments in performance, user interface and security. Incremental changes are managed very closely (Elisian Software developed it's own change management software) and and upgrades or changes are rigorously tested for any possible impact on the core solution or the modules. All pending changes are discussed with users and available upgrades are scheduled at a time suitable for them. The solution is backwards compatible and many users are using older versions while taking advantage of newer modules.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Assessment of potential threats; Close communication with our customer base coupled with monthly internal meetings on prevailing issues have meant that we have been able to manage any potential threat during the 15 years we have been delivering the solution set.; ; Deployment of patches; Patches are deployed immediately after they are available and are implemented as a matter of priority. Patched are deployed by senior technical staff with a direct-line of reporting to the Managing Director.; ; Information about potential threats; The Managing Directors office issues any warnings about potential threats both internally to staff and externally to our customer base
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The technical staff responsible for the secure hosting of our solutions use the latest versions of monitoring software to identify any potential compromises. These are then managed directly and escalated to the senior management team. We monitor port attacks suspicious behaviours and malware attacks; ; Any potential compromise is managed as a matter of priority one support and the nominated customer representatives are contacted immediately and given a procedure / checklist to follow. IAny data breaches would be reported to the ICO as per our documented GDPR responsibilities.; ; We respond immediately incidents are detected. Elisian are responsible for 24/7 support contracts.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Yes, we have very defined priority processes for any incidents around customer data submission (for instance monthly submissions to the NHS or Home Office). All incidents are recorded and go into a knowledge base to facilitate a rapid response to future similar incidents.; Users report incidents using processes (on-line or via telephone) well defined in the SLA that accompanies the SAAS solution. A set of priorities and corresponding response times are documented. ; Incident reports are provided as soon as possible after an incident has been flagged and responded to. In addition monthly/quarterly progress reports are issued based on user requirements.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  Elisian have several measures in place for fighting climate change:; ; All recyclable items are processed accordingly ; All staff are able to work from home to cut carbon footprint; Recycled smartphones are used; Hybrid vehicles are used wherever possible; Teams meetings have replaced most of our face to face meetings.
• Covid-19 recovery:

  Covid-19 recovery

  Elisian have complied fully with Government Guidelines and have developed a software module for one of our customers to monitor the Covid-19 status of staff travelling together.
• Tackling economic inequality:

  Tackling economic inequality

  The Elisian head office is located in an area where the average household income is significantly below the national average. "The average household income in Gateshead is just over £34,200 per year, compared with a national figure of just under £41,100 (CACI Paycheck, 2021). Elisian remains committed to growth and employment in this area.
• Equal opportunity:

  Equal opportunity

  25% of Elisian staff are women.; 25% of Elisian staff are from an Ethnic minority
• Wellbeing:

  Wellbeing

  Elisian places the wellbeing of its staff as one of it's main priorities. The length of service of our staff far exceeds the industry and national averages. Our staff work in an atmosphere of trust and open communication.

Pricing

• Price: £452 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The per user per year SAAS license in included; The set-up costs are not included; Minimum number of users is 20; Time limit of 8 weeks

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.elcoat@elisian.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.