Vatix Limited

Employee Safety (formerly Lone Worker Safety)

Vatix’s BS8484 accredited lone worker system protects individuals in real-time. We offer various lone worker devices, apps and alarms integrated into an easy-to-use web application that logs every incident. The system allows users to instantly alert emergency situations, with real-time GPS location tracking and man down functionality available.

Features

• Leading Alarm Devices & App
• Advanced Self-Monitoring of Lone Worker Alarms
• BS8484 24/7 Alarm Monitoring by Vatix
• Automated Incident Logging and Reporting
• Real-Time Live Location Map With 1 Minute GPS Updates
• Advanced Usage Reporting
• Improve Coverage With Our Multi-Network SIM Card
• Welfare Check-in Timer & Voice Memo
• Fall Detection Alarm Activation
• BS8484: 2022 Accredited Solution

Benefits

• Satisfy Employer 'Duty of Care' Responsibilities
• Reduce Risk of HSE Investigations
• Improve the Quality of H&S Processes
• Create a Proactive H&S Culture
• Improve Internal Productivity
• Comply with GDPR Legislation

£10 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@vatix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

564109237563156

Contact

Sales
0203 991 5555
sales@vatix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Web Browser (Chrome, Firefox, Edge, Safari)
  • Android
  • IOS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday during business hours. Email response time <24 hours, and calls <30 seconds.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Webchat is audited to the WCAG 2.1 guidelines
• Onsite support: Yes, at extra cost
• Support levels: Our Alarm Receiving Centre (ARC) operates around the clock, 24/7, 365 days a year, ensuring uninterrupted service. Our Customer Support Team is accessible via phone, live chat, and email from Monday to Friday, 9:00 AM to 5:00 PM, excluding Bank Holidays.; ; We commit to a 24-hour Service Level Agreement (SLA) for all email communications. While our policy guarantees responses within this timeframe, we typically address and resolve queries on the same day they are received.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation is provided via PDF and hard printed copy for the software, along with any necessary extra services (devices, apps, etc). Customers are contacted upon initial delivery to onboard and answer any initial questions.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The customer can export data from the platform themselves using a self-service data export feature.
• End-of-contract process: At the end of the contract, we cease processing data. At the customer's instruction, we can return structured data or securely dispose of it.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The main difference between the web app and mobile app lies in their usage and functionality. The web app is primarily used by administrators to manage users, devices, licences, and view reports and dashboards, as well as monitor alarm events in the compliance audit trail. Conversely, the mobile app is designed for end users, typically front-line employees, serving as a lone worker safety tool to aid in emergencies and maintain communication throughout the day.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface of the web application is designed to be user-friendly and self-maintained, catering specifically to administrators managing lone workers and devices. This platform enables administrators to efficiently oversee user and device management. It provides comprehensive functionalities for running detailed reports, which help ensure the effective usage of the service. Additionally, the interface allows for real-time monitoring through dashboards that display alarm events and compliance audit trails, facilitating a robust management system for maintaining operational safety and compliance. This setup is ideal for streamlining administrative tasks and enhancing the oversight of lone worker safety protocols.
• Accessibility standards: None or don’t know
• Description of accessibility: Software is accessible on the web (web application).; For users of assistive technology:; ; • There are no significant audio cues; • A vast majority of the interactive UI has text, which can be resized (browser permitting); • Use of blue, red, and amber colours across the whole application
• Accessibility testing: Currently, we've conducted no tests for users of assistive technology.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our service is hosted using a multi-tenancy architecture, which adheres to the best practices of cloud development. We are ISO 27001 accredited, ensuring rigorous security standards. Our dedicated technical team continuously monitors our infrastructure's performance to guarantee that user demand does not affect the stability or speed of the service for others.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide comprehensive usage metrics to the customer through in-application dashboards and reports, offering detailed insights into service utilisation and performance.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: We protect data at rest by implementing stringent security measures in compliance with ISO 27001 standards. This includes the use of encrypted storage solutions and robust access controls to ensure data remains secure and inaccessible to unauthorised parties. Our ISO 27001 accreditation underscores our commitment to upholding high security practices across all data handling processes.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data exports can be requested from our organisation in both .PDF or .CSV formats
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Vatix is committed to providing exceptional service, aiming for 100% connectivity and guaranteeing an availability of better than 99.9% for our solution. Historical data from the previous G-Cloud period shows that our hosted customers experienced an availability of better than 99.975%, excluding periods of scheduled maintenance. In the event that we do not meet these guaranteed levels of availability, service credits may be offered as defined in our service level agreements (SLAs). These SLAs outline the specifics of availability guarantees and the compensation mechanism through service credits, ensuring transparency and reliability for our users.
• Approach to resilience: Our service is designed for resilience, fully adhering to ISO 27001 standards and utilising AWS infrastructure across multiple availability zones. We incorporate best practices for redundancy and resilience at both infrastructure and application layers, ensuring robust fault tolerance and continuous availability.
• Outage reporting: Our service uses several methods to report any outages, ensuring timely and clear communication. We maintain a public dashboard that displays real-time service status and any outage information. In the unlikely event of a service outage, we proactively communicate with the technical contact of the customer via email to provide detailed updates and information on resolution progress. This approach ensures that our users are well-informed and can manage any service interruptions effectively.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access to management interfaces and support channels through role-based access control (RBAC), ensuring only authorised personnel have access based on their job requirements. Authentication mechanisms, including multi-factor authentication, are employed to enhance security, with regular audits conducted to maintain compliance and integrity.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 27/04/2022
• What the ISO/IEC 27001 doesn’t cover: The services are within the scope of our ISO certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST Certified Penetration Testing

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our information security policies and processes are structured around our ISO 27001 accreditation, serving as the baseline for our Information Security Management System (ISMS). We have a dedicated information security team tasked with implementing and monitoring these policies throughout our organisation. To ensure compliance, we conduct regular training sessions and audits. Our approach includes continuous monitoring and improvement strategies to address evolving security threats effectively. Compliance with our security policies is mandatory for all staff, with clear accountability and escalation procedures in place to manage and rectify security issues promptly.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes are integral to our ISMS, structured around ISO 27001 standards. We meticulously track the lifecycle of service components using a centralised management system, ensuring all assets are continually accounted for and reviewed. Changes to our systems and configurations undergo a rigorous assessment process to evaluate potential security impacts. This includes a preliminary risk assessment followed by testing in a controlled environment before deployment. Stakeholder reviews and approvals are mandatory for each change, with detailed documentation maintained for audit and compliance purposes, ensuring security integrity throughout the process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process aligns with ISO 27001 standards, involving regular assessments of potential threats, including annual penetration testing by an external CREST-certified consultancy. We rapidly deploy patches, sourcing threat intelligence from reputable security channels, to maintain robust defenses against emerging security challenges.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We employ industry-leading monitoring tools to identify potential compromises in our infrastructure and applications. Upon detection, our incident response team evaluates and responds swiftly, often within hours, to mitigate impacts. This proactive approach ensures rapid resolution and minimises disruption to services.
• Incident management type: Supplier-defined controls
• Incident management approach: Our organisation's incident management processes are structured around a comprehensive incident response plan led by our Head of Engineering. This ensures effective management and swift resolution of incidents. The plan and our incident management processes are audited annually as part of our ISO27001 certification, affirming our commitment to high standards of operational security and continuous improvement.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our commitment to fighting climate change is evidenced by our proactive environmental management policies. We operate a comprehensive recycling program ensuring that all hardware supplied is recycled at end-of-life, significantly reducing environmental impacts. Additionally, we actively manage the environmental footprint of our supply chain to support sustainable practices.

  Covid-19 recovery

  Our services are pivotal in supporting the UK's growing number of home and hybrid workers, particularly during the COVID-19 recovery phase. By providing best-in-class technology and support, we ensure that workers can operate safely and efficiently from various locations, enhancing emergency response capabilities for lone workers.

  Tackling economic inequality

  We are dedicated to tackling economic inequality by providing apprenticeship programs aimed at young individuals aspiring to careers in technology. These programs offer extensive training, support, and mentorship, enabling participants to gain valuable skills and opportunities for career advancement in high-growth sectors.

  Equal opportunity

  Our company is committed to fostering a diverse and inclusive workforce. We actively employ and support individuals with disabilities and other challenges, ensuring that all employees have equal opportunities to succeed and contribute to our success.

  Wellbeing

  Our comprehensive wellbeing program underscores our commitment to employee health and satisfaction. This includes offering health insurance and creating a highly ergonomic work environment. We ensure that all employees have access to the best ergonomic equipment, promoting comfort and wellbeing in the workplace.

Pricing

• Price: £10 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full access to the software for a standard 14 days.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@vatix.com. Tell them what format you need. It will help if you say what assistive technology you use.