Halo System
Incident & Emergency Management. Health and safety, risk assessment and security / counter-terrorism assessments. Its a universal safety platform for all manner of uses.
Features
- Real-time incident management
- Real-time task management
- Data & trend analysis
- GPS resource tracking and patrol management
- Image, video and file sharing
- Accreditation passes and ID cards
- Risk assessment and Counter-Terrorism vulnerability assessments
- Health & Safety and accident reporting
- Systems integrations with CCTV, access control etc
- Mobile app with all the above functions
Benefits
- Combine multiple systems to save time, money and lives
- Effectively respond to and manage emergencies
- Mobile app to manage people, resources and incidents
- Connect all the disconnected teams in a major incident
- Trend analysis plus capture of evidence for legal purposes
Pricing
£1,750.00 to £250,000.00 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 3 2 0 7 7 2 6 9 2 6 5 4 2 2
Contact
Halo Solutions Ltd
Lloyd Major
Telephone: 08009202014
Email: hi@halosolutions.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No
- System requirements
-
- Apple iOS no older than five years
- Android OS no older than five years
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Daily, between 07:00 & 19:00 within 1 hour
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AAA
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- We leverage a third party AI web chat bot provided by HubSpot
- Onsite support
- Yes, at extra cost
- Support levels
-
1) Unlimited online virtual training (in-person via MS Teams for example) for all Admin users during UK office hours (some exceptions can be made).
2) Support tickets can be submitted 24/7 and are responded to every day between 7am and 7pm within one hour
3) E-mails can be submitted 24/7 and are responded to every day between 7am and 7pm within one hour
4) Telephone calls can be made 24/7 and are answered at all times
5) Every 90 days an account manager will get in touch with the main licence holder or nominated representative and provide client support and analysis
6) Site visits and training can be booked at any time.
7) System configuration can be done entirely without us, but if you want our help doing it we can provide this service also.
1-5 are free of charge (included in the licence fee)
6 & 7 are £350 a day plus reasonable travel and accommodation costs. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We work with users to configure the system completely for their needs. This is the onboarding process. We give them training, training guides and videos, and a training environment. We can host training days or sessions, online or in person at their request. We then meet up every 90 days for continual support and guidance.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- CSV or pdf download.
- End-of-contract process
- Users download all of their data, we delete everything to be compliant with data storage and retention rules.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- - No reports or data documents are available via mobile
- Service interface
- No
- User support accessibility
- WCAG 2.1 AAA
- API
- Yes
- What users can and can't do using the API
- Users can work with us to create consumer or producer API's to absorb information from us they wish to use elsewhere (data dashboards in Power BI for example) or push information to us from other systems (like body worn video for example). The possibilities are endless, we have our own in-house engineering team and can work with others to achieve whatever is necessary.
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Logos can be added. Whole custom forms can be built. Custom workflows. Custom integrations.
Scaling
- Independence of resources
- We are hosted on the Amazon Web Servers and can scale almost indefinitely.
Analytics
- Service usage metrics
- Yes
- Metrics types
- We can provide number of users, location of users, time of use and length of use, how many incidents or tasks each user has reported/completed. We can provide service uptime and other metrics upon request.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Via pdf or csv export
- Data export formats
-
- CSV
- Other
- Other data export formats
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.99999% up-time guarantee
- Approach to resilience
- See attached technical specs document.
- Outage reporting
- Monitoring by external services such as Sentry and Hyperping that generate e-mail alerts.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- See attached technical specs document
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- EY Certify Point
- ISO/IEC 27001 accreditation date
- 22/11/2023
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 22/11/2023
- CSA STAR certification level
- Level 4: CSA C-STAR Assessment
- What the CSA STAR doesn’t cover
- N/A
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- ISO 27001 - see attached technical specs document
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- See attached technical specs document
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- We use Intruder.IO to regularly penetrate our software (near daily) and we have Cyber Essentials and Cyber Essentials Plus certifications.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Our automated systems would alert us near instantly and our engineering team would then work on a patch but this is in partnership with large technical organisations like AWS who patch all their own data hosting.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Please see our full security policy
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Wellbeing
Fighting climate change
Our system has a 'Sustainability Module' that will help organisations monitor and improve their sustainability.Wellbeing
Our system improves public safety and everyone's wellbeing is enhanced when they feel safe.
Pricing
- Price
- £1,750.00 to £250,000.00 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Our full service is available for a free trial. Every module, every feature, every option. We limit it to 30 people, for 30 days, but review this on a case by case basis.