SEND FOR HELP LIMITED

Lone Worker Employee Protection Services From Peoplesafe

Lone worker services from Peoplesafe protect the largest share of public sector lone workers. Alarms raised through lone working devices, safety apps and body cameras are professionally managed by our 24/7/365 control centre. With Peoplesafe, you’ll know your staff can receive help whenever, wherever. Peoplesafe are people risk management specialists.

Features

• Guaranteed police response bypassing 999using URNs via BS8484 accreditation
• Dedicated, purpose-built 24/7/365 Alarm Receiving Centre EN50518 and BS9518accredited
• National response service, unique BS8484:2022 accredited solution for lone working
• SOS alarms answered within 3 seconds and expertly triaged
• Fall detection, timer and check-in systems providing failsafe critical responses
• Award-winning software platform Nexus, proactively managing people risk and reporting
• First class data security ISO27001 and Cyber Essential Plus accredited
• Additional integrated solutions including body-worn cameras, dashcam and mass notifications
• Travelsafe app ensuring everyone gets to work and home safely
• Flexible and on-demand training solutions including webinars and eLearning

Benefits

• Dedicated: 130 experts completely dedicated to keeping your employees safe
• Reduced Administration: effortlessly manage subscriptions and staff safety via Nexus
• Secure end-to-end solution: complete control over security, development and quality
• Reliable: 99.99% uptime, answering alarms whenever you need us to
• Futureproofed: guaranteed alarm responses throughout contract regardless of legislation changes
• Fastest alarm response: evaluating the situation quicker than anyone else
• Rapid alternative response: help even when emergency services are busy
• Low- or no-signal protection: successfully raise alarms in remote/rural areas
• Implementation experts: rollout Peoplesafe with maximum uptake and minimal disruption
• Adaptable: continuously supporting changing needs and environment through pioneering technology

£1.20 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidsupport@peoplesafe.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

717042363438575

Contact

Sophie Kent
0845 8606 999
bidsupport@peoplesafe.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Integration with HR platforms through API's.
• Cloud deployment model: Public cloud
• Service constraints: The Peoplesafe service is designed to offer 100%system uptime, on a 24/7 365 basis, and is accessible across all major mobile phone brands and / or web-enabled device using any modern web-browser including Chrome & Edge etc
• System requirements:
  • Android - 8+
  • Iphone - iOS 14+

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Mon-Fri during business hours - emails responded to in 24 to 48 working hours with calls answered within 30 seconds. We exceed BS8484;2022 response standard with our ARC answering calls in an average of 4 seconds.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Zendesk uses the Voluntary Product Accessibility Template (VPAT), to publish an Accessibility Conformance Report (ACR), which documents an audit of our systems relative to WCAG 2.1 AA performed by a third party accessibility vendor.
• Onsite support: Yes, at extra cost
• Support levels: Peoplesafe offer 24/7 support through various methods. Such as 24/7 access to our FAQs website page for general queries, our e-learning training platform, product and service videos and guidance documents, a dedicated team of Customer Service Advisors and Technical Support Advisors Monday to Friday, as well as 24/7/365access to our Alarm Receiving Centre. Customer Support are available via call, chat and email Monday to Friday (08:00am until 6.30pm),excluding Bank Holidays. Our support lines are also routed to our ARC team to assist with any out of hours support for any urgent queries required. On-site support such as training, API integration and other consultancy is provided at extra cost depending on requirements and personnel needed- Please see our pricing schedule. Service Level Agreements: - Our Customer Support Team provide a 48 hour SLA on emails which are usually addressed same day and 30 seconds to answer telephone calls, during working hours. - Our ARC team consistently exceed BS8484:2022 response times with an average time to listen of only 4seconds. - Order Fulfilment teams often dispatch products same business day, depended on volume this may be up to 7 days.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Ensuring you receive the best return on investment, we will discuss training options and access during the implementation meeting. OurPRINCE2 certified implementation process is managed by a dedicated team and governed by regular review meetings. Flexibility is key to effectively onboard a variety of staff working in various roles, with differing risks. We offer a range of tools to assist the successful onboarding of our service. Our team provide these options but are not limited to: - 24/7 access to e-learning - Best Practice Guides - On demand training videos -Telephone Support - 24/7 access to Help Centre -Training-on-the-go via the app - Training presentations. Dependant on support package offered, your dedicated personal safety team can offer tailored e-learning, material, Train the Trainer, onsite training and remote training sessions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Online video tutorials
  • Powerpoint Presentation
  • E-learning
• End-of-contract data extraction: Peoplesafe are accredited to ISO27001, ISO14001, ISO9001 and Cyber Essentials Plus. Data is controlled by the customer through Nexus.
• End-of-contract process: We cease processing data and at the instruction of the customer, return the data or securely dispose of data. Devices are purchased on a lease basis and therefore returned at the end of the contract. Lost devices are chargeable at a rate depending on the contract negotiated. Any returns are disposed of in line with our WEEE registration. We will work with your team to ensure minimal risk to user safety.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our lone worker application is a native iOS and Android application. The management portal is through a browser which is enabled with mobile friendly views.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Our lone worker portal has been designed from the ground up with simple user functionality at the core. The service interface will allow users to navigate around their account dashboard, account structures and reporting sections using the intuitive interface buttons. Any changes made through the portal interface to users profiles, escalations or account structures etc will instantly take effect ensuring our ARC have access to the most up-to-date user information. There are key tooltips throughout the portal that will help guide and explain to the user more clearly what features and functions do within the portal.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Accessibility testing
• API: Yes
• What users can and can't do using the API: Our management portal Nexus is built with API in mind to streamline services and reduce administration. Customers can access a standard API or work with Peoplesafe to build customer APIs where possible.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: As a end-to-end provider we have complete control over the security, development and quality of our solution. As our customer, you can customise various elements of the solution to suit your needs, such as our management portal Nexus, the application, device configuration, your support requirements, training and escalation details. Training: our training packages are built depending on the customer's requirements. This can include targeted training content, sessions and material. This is discussed at implementation meetings. App: Ensuring ease of use, customers are able to customise the tiles on the app to ensure your users can quickly utilise the features you want. Features: Customers can customise how the service will work for your employees. Such as travelsafe, tracking, roaming sims and fall detection, this includes sensitivities and feature configuration. Nexus: Our portal is designed so that each individual customer can have the system customised for their specific requirements. The system features and services can be customised at different levels for regional, team or individual groups of users. The system is supported by Role Based Access Control to ensure data security. Examples of customisation: -Customisable reports via Nexus -Personalised alarm escalation instructions -Scheduled reporting for management-User position updates

Scaling

• Independence of resources: Our infrastructure is scalable to manage growing transaction volume. i.e. incoming call & data messages and its storage in alignment toISO27001 guidelines. The infrastructure supporting the services has been audited by an external assessor against the ISO 27001guidelines that covers its scalability. Regular real-time monitoring is conducted by our technical team to ensure the right balance between traffic and head room. Our management systems conform to ISO27001 and ISO9001 standards. Our solution is accredited to BS8484, BS9518 and BS EN50518. This ensures we are able to manage demand and capacity specified contracts and SLAs.

Analytics

• Service usage metrics: Yes
• Metrics types: We consistently over achieve against the targets set for response times in line with BS 8484:2022.Customers will also have access to usage metrics via customisable reports, including but not limited to: - Alarm status - Device Usage - GPS Location reporting - Incident Reporting - Management Reporting
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Our physical access controls are compliant with ISO 27001 and EN 50518 standards. All systems holding or communicating information are to be protected physically from unauthorised access. Physical protection of information is achieved by imposing layers of protection which prevent, detect and slow down attempted unauthorized access, combined with alarms which summon response. The preferred method of encryption for data at rest is whole disk encryption - CCTM certified andFIPS140-2 validated (we have implemented Minimum AES256 bit) technology for encrypting confidential and other sensitive data.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data export – customers can download data in XLSX format
• Data export formats: Other
• Other data export formats: XLSX
• Data import formats: Other
• Other data import formats: XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.95% uptime of service availability.
• Approach to resilience: Our platform is built to be highly resilient with all services being replicated to 3 separate datacentres. We regularly test the resilience prior to any platform updates and during a real incident several months ago the fail over functioned as expected maintaining our platform uptime since launch at 100%
• Outage reporting: Our technical team monitor services on a daily basis with in-depth real-time monitoring tools which allows the team to respond immediately to alerts raised (if any). Where there is any major disaster we will communicate via email alert to key customer contacts. The user list is reviewed on a regular basis to ensure the relevant contacts are informed. Notifications are also available via our service status website on our website.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: SSO with Microsoft credentials
• Access restrictions in management interfaces and support channels: Access is restricted by permission based access privileges and user authentication. Each customer account is created with a top level account and assigned a unique Account ID to which access to the Peoplesafe Portal is granted to the authorised account personnel who would then administer the access to the desired end users to manage their user data. To manage the Peoplesafe Portal, a user needs the correct permission level; a login with a Group Admin permission level. If the customer wants a user to have no access to reporting functions, they would select a permission level that has Restricted Reports.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amtivo Group Limited
• ISO/IEC 27001 accreditation date: 12/08/2022
• What the ISO/IEC 27001 doesn’t cover: N/A - our ISMS and IS Policy is within the scope ofour ISO 27001:2013 certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Sysnet Global Solutions
• PCI DSS accreditation date: 13/08/2020
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Secured by Design
  • BS EN 50518:2019
  • ISO27001
  • ISO 19001
  • BS9518:2021
  • BS8484;2022
  • BS14001
  • DTAC

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 9001, Cyber Essentials Plus, GDPR, EN 50518, BS 8484, BS 7858, BS 9518
• Information security policies and processes: Our IS policies and procedures establish our processes and are set out to comply with data protection and privacy legislation and our ISMS manual in line with ISO 27001. The detailed policies and procedures are divided into the following sections as per the control set/clauses stipulated in ISO27002:2013 – 1) Information Security policies (Clause 5 - ISO27002:2013) 2)Organization of Information Security & Policy Management (Clause 6 - ISO27002:2013) 3)Human Resource Security & Security awareness(Clause 7 – ISO2002:2013) 4) Assets Management and Classification (Clause 8 –ISO2007:2013) 5) Access Control (Information and Data Security) (Clause 9 – ISO27002:2013)6) Cryptography (Clause 10 – ISO27002:2013) 7)Physical & Environment Security (Clause 11 –ISO27001:2013) 8) Operations Security Management (Clause 12 – ISO27002:2013) 9)Communications Security Management (Clause13 – ISO27002:2013) 10) System Acquisition, development and maintenance (Clause 14 -ISO27002:2013) 11) Data Breach Management(Clause 16 - ISO27002:2013) 12) Disaster Recovery and Contingency Planning (Clause 17 -ISO27002:2013) 13) Compliance (Clause 18 -ISO27002:2013)

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: In line with ISO27001 & Cyber Essentials. Our approach to patching and upgrade frequency is completed by Azure and we perform checks. Security assessment of changes - annual penetration tests. Training/documents are held in dedicated help centre for all customers to access. Any bespoke documentation can be reviewed/update in agreement with the customer. Acceptance of changes, we have a UAT process in place which covers such scenarios. Any significant changes as part of any release is communicated to the customer with additional prewarming provided before release. Licensing implications are applicable as they are based on the number of subscriptions purchased.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Industry leading security tools are in use for the effective protection of our network. We complete vulnerability scans monthly and Penetration test annually. Zero-Day ransomware protection, Mobile Device Management for real time third party and software patch management in line with the latest patch databases. Our Technical team also monitor our infrastructure on a regular basis and conduct manual scans to ensure no patches are left incomplete. All patches are approved by the Technical Managers and patches are scheduled to ensure no impact to services.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: In line with ISO27001 compliance, Peoplesafe monitors services provided to customers. Such procedures are conducted to support Loss Prevention: - Monitoring solutions in place to ensure effective user alarm managements by our Incident Management Centre 24/7 - Information Security Incident Management - Audit logging on our user portal allows account administrators to effective manage their account(s) - Intrusion Detection and Prevention on our perimeter firewalls - Ongoing internal staff training to ensure the quality of service to end users A dedicated Information Security group who govern all information security events and advise the business on the necessary actions including improvements.
• Incident management type: Supplier-defined controls
• Incident management approach: Our IS Policy (section 13. Information Security Incident Management), details the procedures for what action to take in the event of a breach. Our IT Manager/DPO is responsible for managing the incident and reporting. Peoplesafe would expect to report this to customer authorised representative(s) and IG lead/DPO. The person who discovers/receives a report of a breach must inform the relevant line manager/Head of Department. The investigation should be completed as the highest priority in the organisation and wherever possible within 24hours of the breach being reported. Notification of the breach should be reported to the ICO within 72hours.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Peoplesafe recognises that whilst its operation is an office-based service orientated business, operations result in general emissions to air and generating waste. As a responsible provider, We are accredited to ISO14001, and we are committed to leading the industry in minimising the impact of its activities on the environment and operating in an environmentally responsible manner. Peoplesafe’s aim is to reduce the amount of landfill waste it generates and ensure all waste is recycled where possible. • We produce dry mixed waste, predominantly paper and cardboard. Each department is provided with recycling bins and employees are trained to sort their waste. All bins are collected by Epsom & Ewell Borough Council. • Stationery and office suppliers are used conservatively. Operating a paperless office, staff are encouraged to only print when necessary. Toner cartridges are only purchased from suppliers who operate a ‘return and recycle’ policy. We review packaging used by suppliers and opt for those who use less where possible. • As a company we generate waste electrical or electronic, we have a responsibility to comply with WEEE Regulations (2013) and The Environmental Protection (Duty of Care) Regulations 1991. As such, Peoplesafe are WEEE registered. We use a registered waste carrier to remove electrical waste and keep a transfer note when waste leaves the business. Peoplesafe are working towards the following initiatives: • Carbon Net Zero by 2030 •Internal eco-friendly month • Promoting food recycling • Environment building survey • Review packaging to consider alternative materials •Review supply chain to mitigate, reduce or offset negative impact

  Tackling economic inequality

  Working closely with our local job centre in Epsom, we have provided two kickstart placements; one within our Marketing team and one within our Operations team. Supporting the Voluntary and Community Sector Our Social Committee drives our social objectives throughout the business, such as hosting career talks in local schools and colleges, holding events for our nominated charity of the year and providing apprenticeships and work experience. Peoplesafe’s Social Committee decide each year, which charity the business will support. In 2018,we supported the Domestic Violence Intervention Project and in 2019, we supported the Rainbow Trust, raising over £1,700. In 2021, Peoplesafe have partnered with Greenhouse Sports, a London-based charity whose aim is to change the lives of young school children through sport. Peoplesafe staff have raised £1,235. Our employees have also participated in other charitable events such as The Big Warm Up, British Heart Foundation’s London to Brighton Bike Ride, Ride London (Cancer Research UK) and many more. Furthermore, we often work with key customers to offer other economic benefits such as donations of funds, resources or expertise in their local communities. We also provide CV support for young persons in local communities. Working with your framework users, we will design bespoke social, economic or environmental proposals on a case-by-case basis, to ensure we are supporting what’s important in their local communities.

  Equal opportunity

  Peoplesafe is an equal opportunities employer and recognises it is unlawful to discriminate directly or indirectly in recruitment or employment. We are committed to achieving a working environment which provides equality of opportunity and freedom from unlawful discrimination on the grounds of race, gender, marital status, disability, religion, age, pregnancy, gender reassignment or sexual orientation. Peoplesafe employ an in-house HR team to support our employees. With an open-door policy, employees are encouraged to seek guidance and support in a confidential environment. Gender Pay Gap: Peoplesafe are proud to have achieved agender pay gap of only 5.32%. We operate a number of internal policies and processes to ensure that we are conducting business in an ethical and transparent manner. These include: 1.Recruitment process. We operate a robust recruitment process, including conducting eligibility to work in the UK checks for all employees to safeguard against human trafficking or individuals being forced to work against their will. 2.Whistleblowing policy. We operate a whistle blowing policy so that all employees know that they can raise concerns about how colleagues are being treated, or practices within our business or supply chain, without fear of comeback. 3. We operate an equality and diversity policy so that all employees are treated fairly and in accordance with The Equality Act 2010. 4. ISO9001:2008. We adhere to the ISO 9001:2008standard including taking steps to ensure suppliers are audited as far as reasonably practicable. 5. Supplier process. Key suppliers are required to declare they provide safe working conditions, treat workers with dignity and respect, and act ethically and within the law in their use of labour.

  Wellbeing

  Peoplesafe apply the following employee benefits to address satisfaction and wellness. • Wellness Wednesdays - We post weekly 'Wellness Wednesday' updates through Yammer. We share practical wellness tips, resources and challenges to help keep employees well. Weekly topics range from home workouts to nutrition, mindfulness, connectivity, mental health and more. • Peoplesafe Pro App and our devices are an immensely powerful security tools. Every employee can use the Peoplesafe Pro app and/or a MySOS personal safety device for their personal safety •Peoplesafe offer employees a healthcare cash plan whereby staff can claim back the cost of dental check-ups, eye tests, physiotherapy and much more. This benefit includes 24/7 access to a mental health helpline, counselling, health assessments and a direct line to a GP. • Hybrid Working - We have introduced a hybrid model of working allowing certain roles to be performed between home and the office. • Cycle to Work scheme to help employees improve their fitness and general wellness • Increased annual leave entitlement year-on-year plus each employee can take their birthday off as paid leave • Death in service cover of 4 times basic salary •Deliveroo/Just Eat credit every month • Two company-wide social events every year plus other departmental gatherings to increase collaboration

Pricing

• Price: £1.20 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Peoplesafe encourage clients to trial all products, services and training solutions on offer for a real insight into how their contract will run. We suggest a two week trial following a discovery call with your team.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidsupport@peoplesafe.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.