Involve Visual Collaboration Ltd

ALLDOQ Medico-Legal Workspace

ALLDOQ allows users to securely upload, store, view and share all the documents needed for your case, including radiology files. Create reports in a court-approved format, accurately record time spent and create invoices within the platform, and manage your practice in the customisable dashboard, plus many more unique features.

Features

• Specialist medico-legal workspace allowing secure storage/sharing of cases
• Centralises everything you need in one workspace
• Secure log in with 2 factor authentication
• Personalised dashboard with data analytics
• Full case, tasks and resource management
• Built in radiology viewer
• Automated case time sheets and invoicing
• Secure document exchange
• Court approved document builder within platform
• Fully auditable

Benefits

• Secure access to case information for authorised personnel only
• Eliminates need to use multiple platforms/applications.
• Controlled access to sensitive patient /case data
• Relevant parties can view snapshot of cases/workload /specialisms
• Full collaboration between expert, law firm/relevant parties on associated tasks
• Radiology viewer allows seamless uploading/sharing of radiology files
• Embedded time calculator/management tool to record billable case activity
• Send large bundles of data directly into the system
• Built-in case report template aligned and consistent with court processes
• All activities are tracked and can be easily audited.

£40.00 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@involve.vc. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

633555834695968

Contact

Iffat Chaudhry
03300883475
sales@involve.vc

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No, there are no constraints
• System requirements:
  • Google Chrome Web Browser (Win7+, Android5.1+, MacOS 10.11+)
  • Apple Safari Web Browser (MacOS 10.12, iOS 11.4+)
  • A reliable connection to the internet
  • Minimum 10" screen size

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Initial response in 2 hours within working hours (Monday to Friday)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: The support service is available 24 / 7 / 365 at an uptime of 99.9%. The helpdesk facility is available 07:00 – 19:00 Monday to Friday. The Support desk will be available for inbound support via telephone and email. The Support desk will provide a three layer support system with response times defined by Involve’s SLA. The tiered structure will provide support as follows: 1. Tier 1 will provide support on general issues, high level fault resolution and administration around usage of the service. Any issues that are unable to be resolved at this stage will be escalated to tier 2. 2. Tier 2 will provide support on technical issues around usage of the service and supporting end-user IT functions. Any issues that are unable to be resolved at this stage will be escalated to tier 3. 3. Tier 3 will use Involve’s technical staff and the support of manufacturer technical support to resolve any faults or outages.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All users receive an email once their licence is activated with account set up instructions. This is followed by an introductory training session which can be with an online trainer or in person to suit.; During the training, users will be equipped to customise their dashboard and select required features, relevant to their own role. ; There is an ALLDOQ training guide within the system, as well as access to our support desk. Users can request additional training as and when required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: On termination of contract, the customer has 30 days to ove all data files from the system to a location of their choosing. After 30 days, all customer data and related files will be deleted.
• End-of-contract process: The customer can terminate the contract with 30 days’ notice. Once the contract has ended, ALLDOQ licences will automatically terminate.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: When accessed on a mobile device e.g. tablet, which has a minimum 10" screen there is no difference to the service. It is not accessible on devices with smaller screens.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Administrators can customise many aspects of the service including branding, but they can also toggle on / off all features that users do not need. This can include report building, customised dashboard and time management for example.

Scaling

• Independence of resources: System resources are designed for horizontal scaling so that new servers are launched to handle increased load. Systems resource utilization are constantly monitored to enable timely scaling.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide users with activity metrics on caseloads, individual user activity, time and cost.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can download a zip file of their uploaded files; they can also download activity logs and their relevant case documentation.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The ALLDOQ service is hosted and housed within a secure data centre providing resilient connectivity and power, with a guaranteed uptime of 99.9%.
• Approach to resilience: The system is provided as a resilient, high availability service. Underlying infrastructure is provided by an accredited data centre, redundant and resilient internet connections and local utilities. The system is designed for continuity with resilience to both site and component failures. Redundant sets of components are deployed into geographically-separated sites. These redundant components are configured for cross-communication, so that if a component fails in a given zone, its functions will be fulfilled by surviving components in another site. The design is scaleable with additional component units able to be added for resiliency, and capacity.
• Outage reporting: The following outage reporting methods are employed: ; Service Status Dashboard ; Email alerts to nominated Customer Contacts; ; Follow up by a member of the service support team to follow incident management procedures.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: User subscription and restricted access; also role based access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 14/12/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Sysnet Global Solutions
• PCI DSS accreditation date: 13/04/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Complies with ISO27001 Information Security Management Standard.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Complies with ISO27001 Information Security Management Standard.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Complies with ISO27001 Information Security Management Standard.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Complies with ISO27001 Information Security Management Standard.
• Incident management type: Supplier-defined controls
• Incident management approach: Complies with ISO27001 Information Security Management Standard.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  This service reduces the need to travel for meetings, allowing digital collaboration, and eliminates printing or exchanging hard files / documents, directly reducing emissions and positively impacting an organisation's carbon footprint

  Wellbeing

  Current users are reporting a 30% increase in productivity, therefore providing better workload management and overall work / life balance.

Pricing

• Price: £40.00 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: One week trial, with full functionality included.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@involve.vc. Tell them what format you need. It will help if you say what assistive technology you use.