Lantum Ltd

Doctors Rostering System Compliance (DRSC)

DRSC provides clinical staff scheduling functionality by ensuring specific terms and conditions; automating the checking staff with individualised rotas, calculating pay and creating generic work schedules automatically, augmenting workforce planning, providing exception reporting to ensure safe working hours, and reducing the administration burden on Guardians of Safe Working.

Features

• Assists with the design of work patterns ensuring compliance
• Ability to calculate the pay associated with work patterns
• Automated generic work schedule creation
• Facilitates use of exception reporting to ensure safe working hours
• Dashboard reporting
• Full customisation
• Pre-emptive compliance while work patterns are being generated

Benefits

• Exception reports can be made and managed on app
• Counts of hours and duties enable fairness and compliance
• Work patterns designs are customisable by organisation differentiating duties
• Shows managers and doctors exact pay details
• Login details are generated by users not medical staffing
• Enables GoSWH to filter exception reports and download board reports
• Individualised work pattern creation tools (e.g. less than full time)
• Enhanced version control of work patterns
• Specific contract assignment influencing how staff is managed in system

£25 to £100 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@lantum.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

738507786768718

Contact

Melissa Morris
0203 771 8411
tenders@lantum.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Our service is hosted entirely by us, so buyers do not need to run specialised hardware.
• System requirements:
  • Web browser
  • Internet connection
  • IOS (for the app)
  • Android (for the app)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: First reply time is 90 minutes (Urgent, High, Normal) and 24 hours (Low). Next reply time is 6 hour (Urgent), 12 hour (High and Normal), 48 hours (Low).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: DRS offers an all-inclusive support model (fair usage applies) for CRS to system administrators. Support can be accessed via Email, Phone, and helpdesk portal. End users can also access support guides and materials via the helpdesk portal.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A comprehensive implementation plan is created and a training process is followed for new customers. Each is designed with an NHS Trust’s unique requirement in mind.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extracts will be provided in agreed formats on termination, if requested.
• End-of-contract process: Software would be available for the length of the contract for all services. Two months before the end of the contract, clients will have the opportunity to renew. If they do not wish to renew the contract, access to the platform will be revoked at the end of the contract period.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our mobile app's interface and service has been optimised for clinicians on the go in order to improve usability; however, all functionality is the same. All functions are available on both desktop and mobile services. Many functions are optimised for desktop or mobile, depending on their use case.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Lantum has been designed with constant input from user experience engineers, to ensure a more accessible product and service. The service has multiple entry points, depending upon your unique role and system permissions. Administrators and roster managers utilise separate areas to rostered staff, with each platform component optimised for their unique use cases. Please see our website for more information and for examples of the service interface.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Accessibility has been designed into the platform from the first stages of design, with all use cases measured against WCAG standards (WCAG 2.1). DRS-C undergoes regular browser testing, with high priority updates being fed directly to the development team for inclusion within the next sprint cycle. This includes tests for system accessibility.
• API: No
• Customisation available: Yes
• Description of customisation: DRS-C can be customised in a number of ways. The primary customisations are found within the system settings, and these will allow an organisation to configure the items these include and are not limited to: ; - Organisation accessibility settings, including system iconography; - Pay structures; - Exception report reasons, actions, and outcomes; - Staff Contracts

Scaling

• Independence of resources: Lantum operates on scaling, cloud-based architecture, so the software remains performant regardless of the number of active users. Updates and upgrades are managed to prevent downtime and performance issues. Any scheduled maintenance will occur at an agreed time and will usually last no longer than an hour. Lantum is hosted on Amazon Web Services which ensures a secure cloud services platform that can be grown with demand.

Analytics

• Service usage metrics: Yes
• Metrics types: User activity, system load and capacity
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Data at rest protection approach:; ; Role based authentication, Redundant backups offisite (encrypted), Minimum level of access permission strategy, Encryption of media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can view and print their data on the site, and can request data extracts from our service team.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: This can be discussed as part of contract negotiations with a guaranteed availability 99.9%.
• Approach to resilience: Our services are hosted on Microsoft Azure cloud hosting platform with automatic load balancing and no single points of failure. Real time backups allow data restoration to any point in time.
• Outage reporting: Email alerts and via telephone support

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: All actions are logged and auditable by our technical oversight staff.; ; Access to the system is controlled through roles and permissions that can be given to users as appropriate. Pages and information are only available with the appropriate system roles. These roles & permissions also apply to the system administration features.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certified by CIS - Certified International Systems
• ISO/IEC 27001 accreditation date: 23/11/2018
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have a Data Protection officer who reports to the ICO and the board, we have ISO 9001, ISO 270001, Cyber Essentials Accreditation and are fully GDPR compliant.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Security is built into our secure development processes and applied throughout the engineering life cycle. This includes at inception of a change through to continual testing after release. We retain an audit record of the changes made and deployed for all services
• Vulnerability management type: Undisclosed
• Vulnerability management approach: As part of our ISO27001 process, we actively assess threats to our service and adopt security principles. Our services are continuously monitored for threats and patches are deployed based on severity.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Our monitoring processes are compliant with ISO27001. We have a number of automated and manual monitoring processes in place. This includes alerting for infrastructure and application changes. Potential compromises follow our incident and/or data breach process. Incidents are responded to based on severity/priority.
• Incident management type: Undisclosed
• Incident management approach: Incidents are all reported internally and logged in our central knowledge base, including a full post-mortem and follow-on steps to ensure the incident doesn't reoccur. Users report issues via customer support who will in turn raise an incident if it meets the agreed criteria. Incidents are reviewed and reported on a monthly basis.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Wellbeing

  Fighting climate change

  Our company recognises the need to protect the natural environment. We will always follow best practices in reducing, recycling and reusing to avoid unnecessary resource use or waste. ; ; Lantum is based in a WeWork shared office space. WeWork's flexible office space enables the use of high-quality items while maintaining them for long-term use. By sharing, various resources can be used efficiently to cut waste. ; Co-working enables Lantum to reduce carbon emissions by encouraging carbon-friendly transport through a Bike to Work scheme and the location of the office to public transport hubs (Fenchurch Street station, Liverpool Street station, Old Street underground), numerous bus routes, walking paths and well served by bike lanes. ; ; Because coworking spaces are shared, they typically provide shared office equipment, such as scanners, meeting rooms, printers, computers and coffee machines. Allowing for the sharing of resources in this way reduces waste production and promotes circular economy principles. When you share a coworking space, you reduce your energy output. In fact, the EPA report suggests that sharing a workspace with three or more companies reduces energy consumption by almost 30%. ; ; WeWork has excellent waste management solutions in place that significantly reduce waste and encourage collaborative recycling efforts. WeWork uses stainless steel cups for their water machines and hand driers in the toilet facilities. They also have experts who take care of their IT recycling when computers, scanners, and printers are no longer working. This ensures all electronics are expertly and correctly recycled and that proper data destruction guidance is adhered to.

  Covid-19 recovery

  Lantum offers flexible and hybrid working opportunities as the default option. We prioritise people. Our work schedules balance the needs of customers, stakeholder and colleagues, as well as ourselves. Whilst site visits are available, all services are optimised for being supported remotely, reducing the associated travel to ensure that COVID has minimal impact on the delivery of our services. This includes flexible working strategies, supporting staff and client well-being, remote working and remote delivery, and promoting mental health awareness. Furthermore, we accommodate short-term unpredictable changes within our delivery plans to minimise the risk of sickness and pressures on public services.

  Wellbeing

  Lantum is committed to ensuring that our practices and operations:; ; - do not risk the health and safety of our employees and community; - encourage community spirit and development; - support diversity and inclusion; ; We are dedicated to protecting human rights, and as a committed equal opportunity employer, we abide by all fair labour practices. We will ensure that our activities do not directly or indirectly violate human rights in any country (this includes reviewing our supply chains to ensure they support our ethical standards).; ; At Lantum, we have built a culture where people can be their true selves and work as they are, regardless of industry sector, race, gender, political or religious beliefs, sexual orientation, or disability. To promote an inclusive environment, we actively support women's work styles, women entrepreneurs, and educational activities in LGBTQ+, as well as creating a space that values the diversity of our staff. ; ; We are committed to ensuring Lantum is a welcoming and enjoyable place to work. ; ; As an increasing number of workers are demanding hybrid work that provides flexibility and better meets their needs (according to Forbes, ‘87% of Americans want to work in a flexible environment [and] 62% of workers reported being more productive when working remotely’), we provide the ability for our staff to work flexibly as needed. ; ; We also understand the need to offer additional physical and mental health support to our staff. As such, we provide all staff with access to physical health support via HealthShield and mental health therapies via Spill. Further, we have trained a number of our staff to be Mental Health first aiders and available to colleagues as needed.

Pricing

• Price: £25 to £100 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free or trial versions of the platform will include all associated services, with a pre-agreed time period for system access.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@lantum.com. Tell them what format you need. It will help if you say what assistive technology you use.