The Access Group

Access TEC Personal Safety & Lone Working

Access Personal Safety & Lone Worker solutions ensure that employers can protect their most valuable assets: their people. Our personal safety solutions can be relied upon to keep dispersed teams safe. Our BS8484 compliant solutions safeguard against potential danger, providing peace of mind and improving productivity, whilst supporting employer responsibilities.

Features

• Guaranteed police response using URNs via BS8484 accredited ARC partner
• Purpose-built Security Operations facility, BS5979 and NSI Gold II Compliant
• Range of bespoke solutions including mobile apps and designated devices
• Range of connectivity options and failover including GSM/GPRS/SMS/Wi-Fi and NB-IoT
• Red Alert, Mandown, Amber Alert timers and Welfare Check-ins
• 2-way audio or 1-way silent protocol calling option
• Latest location technologies to ensure fast and accurate position reporting
• Access to a digital cloud-based Device Management Portal for analytics
• Proactive warnings alert if devices offline/out of signal

Benefits

• Reduce the number of hours lost through workplace accidents/absenteeism
• Address and lessen the risks to reduce RIDDOR reportable incidents
• Meet health and safety standards as an employer
• User-friendly devices means staff adoption is quick
• Keep workforce safe and processes compliant

£2.50 to £16 a unit a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tendernotifications@theaccessgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

537252010017573

Contact

Access UK
01206322575
tendernotifications@theaccessgroup.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Our service can also act as an extension to any existing call/alarm handling software a customer may have in use
• Cloud deployment model: Public cloud
• Service constraints: N/a
• System requirements: A modern browser e.g. Safari, Edge, Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Access has developed a range of support plans. Our online Knowledge base and Community service plans are available to all our clients. We have made significant investment in our client support tools. The Success portal provides around the clock access to log incidents, browse articles and videos to find solutions. Our Support teams are available M-F 9-5 ( or 8-6 on Standard/Premium) On these plans P1 cases are responded to in 30 minutes. Please refer to Access for further details
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Basic Success Plan - provides you with an on-line support experience with on-line support case submission and self-service Knowledge Base access. No additional cost Standard Success Plan- offers an enhanced reactive service, including telephone and e-mail support, as well as priority response times and longer support hours. Larger customers will also get access to a primary named support analyst who will deal with the majority of your support questions. Charged at 15% of your subscription fee. Premier Success Plan- provides proactive services, including access to a customer success manager with quarterly and annual review. Charged at 25% of your annual subscription fee.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onsite/remote training will be scheduled as part of the project plan and agreed by both parties. Delivery of the training will be modular and will follow the logical relationships between the system and the data. Following any changes to the solution, all relevant training material will be updated as appropriate and additional training will be made available as required. We will ensure that users learn through doing. Our consultancy and training services cover: - Overall application overview - System administration and setup consultancy - Document management - Application sub-modules, specialist service area modules - Reporting And include: - Full user guides for each attendee, supplied in electronic format - Train-the-trainer approach - Use of on-line Support and Customer Portal - Use of on-going support via the Support desk
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Customers can request a data extraction. We will complete the extraction and pass to the user.
• End-of-contract process: Data is provided to the customer in an agreed format. The data is deleted securely when the customer has agreed all data has been provided and drives holding the data are securely cleansed. Access can provide an Exit Management Plan to highlight the steps involved in decommissioning the application. Support can be provided to extract data for you on a time and materials basis.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile interface is designed for the smaller screens. Complete functionality is via a full screen, with either desktop or tablet.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Customers can access via an API to integrate to their control room software or for data requests.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The dashboard can be customised

Scaling

• Independence of resources: The solution is hosted in a dedicated virtual environment, specifically designed with security and scalability in mind including extra provision for additional web traffic. Resource usage is tracked and reviewed daily in line with demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Activities carried out by devices connected to the solution are recorded and accessible to the service user.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The user cannot export their data. However, this action can be completed by Access on demand and passed to the user.
• Data export formats:
  • CSV
  • ODF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We provide an uptime guarantee of 99.5% per calendar month. This does not include scheduled maintenance windows.
• Approach to resilience: This is available upon request
• Outage reporting: Outages are reported via our Support Team, primarily through email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: At highest levels via security keys, support channels via access permissions and auditing
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 01/09/2014
• What the ISO/IEC 27001 doesn’t cover: Nothing is excluded from the Standard
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • BS 8484:2016
  • BS 7858:2019
  • EN 50518
  • NSI ARC Gold
  • BS 8418:2015
  • BS 5979:2007

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Access adhere to ISO27001 certification with a dedicated Information Security team working with the business to ensure we uphold our obligations, policies and procedures. The policy is owned and published by the Chief Information Security Officer. It sets out the organisation's approach to security, the commitment from the senior management team and the specific security policies of the company. The Information Security Policy is updated regularly, is published on our the corporate sharepoint and staff receive training on the policy during induction training and refresher training on a twice yearly basis.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All change management is undertaken in line with ISO27001:2013 using JIRA for audit purposes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We provide quarterly internal scans and annual scans by external parties against the infrastructure which feeds into our Cyber Essentials certification. Our internal hosting policies define that the solution and hosted environment are tested for vulnerabilities regularly with a view to nullify threats, vulnerabilities and exploitation techniques. Penetration tests are conducted by an independent organisation to verify security. Results of the tests are resolved by making a development change or making configuration changes to the hosted platform. In either case, the fixes are made based on priority according to the nature of the software and hosting methods.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have traffic monitoring and content based alerting on changes to the site and/or traffic flows implemented at infrastructure level. We keep daily historical reports from servers which provide the facility to identify when changes occurred. We proactively monitor third party suppliers vulnerability reporting and security fix availability. We patch any vulnerabilities found in a timescale appropriate for their level of severity. Our infrastructure response is within 1 hour in the SLA period 8am-8pm Monday – Friday.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We operate a robust incident management process in line with ISO27001:2013 Staff are encouraged to report all incidents using a pre-defined process using a form available on our Company Collaborate site Incident reports will be provided following forensics and closure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Access UK Limited is a Software author and provide associated services, including Hosting, Payroll Bureau and Payment services. We recognise that although we do not undertake manufacturing, our day to day operations will have impact on the environment at global, national, and local level. We are committed to the care of the environment and the prevention of pollution. •Access ensures that all our operations are carried out in with the minimum adverse effect on the environment but implementing many available resources and approved processes •We protect the environment by striving to prevent and minimise our contribution to pollution of land, air, and water •We keep wastage to a minimum and maximise the efficient use of materials and resources, and manage disposal of all waste in a responsible manner •We use energy, water, and natural resources wisely and prevent pollution by minimising waste, recycling whenever possible and properly disposing of waste that cannot be recycled. •Our management processes are developed to ensure that environmental factors are considered during planning and implementation •We raise employee awareness and encourage best practices for sustainability at work

  Equal opportunity

  We want everyone to feel at home at Access, knowing that they are valued for what they do, not who they are. We want people to feel that they truly belong here regardless of their age, gender, race, sexual orientation, or anything else that makes them individual; after all, if we were all the same it would be a pretty dull place. We love the fact that we’re all different. Having more diverse perspectives at work improves how we run our business, helps us support our customers, and when you think about it, it's just more fun. For us, this all starts with helping everyone feel part of the family and being at their best every day, making Access a place where everyone can love what they do and do what they love. We all have regular check-ins with our leaders, take part in monthly employee surveys, have lots of chances to share our views and ask for help, and with our own learning system, 'Access Shine', we really can make things even better each and every day. At Access we'll always hire the best candidate but we're continually looking for creative ways to increase the mix of diverse candidates into our recruitment process. On the basis that you ‘have to see it, to be it’, one thing we're doing is sharing more stories to celebrate the wonderful diverse range of talent we have at Access. It is important for us that our employees understand and reflect the customers and communities we support, and we want everyone to feel at home here, knowing that they are valued for what they do, not who they are. We want people to feel that they truly belong here regardless of their age, gender, race, sexual orientation, or anything else that makes them individual.

  Wellbeing

  We want everyone to feel at home at Access, knowing that they are valued for what they do, not who they are. We want people to feel that they truly belong here regardless of their age, gender, race, sexual orientation, or anything else that makes them individual; after all, if we were all the same it would be a pretty dull place. We love the fact that we’re all different. Having more diverse perspectives at work improves how we run our business, helps us support our customers, and when you think about it, it's just more fun. For us, this all starts with helping everyone feel part of the family and being at their best every day, making Access a place where everyone can love what they do and do what they love. We all have regular check-ins with our leaders, take part in monthly employee surveys, have lots of chances to share our views and ask for help, and with our own learning system, 'Access Shine', we really can make things even better each and every day. At Access we'll always hire the best candidate but we're continually looking for creative ways to increase the mix of diverse candidates into our recruitment process. On the basis that you ‘have to see it, to be it’, one thing we're doing is sharing more stories to celebrate the wonderful diverse range of talent we have at Access. It is important for us that our employees understand and reflect the customers and communities we support, and we want everyone to feel at home here, knowing that they are valued for what they do, not who they are. We want people to feel that they truly belong here regardless of their age, gender, race, sexual orientation, or anything else that makes them individual.

Pricing

• Price: £2.50 to £16 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tendernotifications@theaccessgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.