dbRotas
dbRotas is a specialised web based rostering system that can auto-generates bespoke clinician rosters around requests, preferences, training needs and service provision.
dbRotas also provides a location based rostering service that auto-generates clinician to different clinical locations and reports on daily activities.
Features
- Auto-generation of bespoke clinician rotas
- Leave management and system
- Automated locum generation
- Self rostering facility
- Training program allocation
- Real time compliance checking
- Exception reporting system
- Automated location based rostering
- Location reporting
- Job Planning
Benefits
- Reduction in time to generate rosters
- Improved morale and wellbeing of clinicians
- Improved rostering of less than full time clinicians
- Fair allocation of leave for clinicans rotating through departments
- Improved attendance for clinicans to attend training programs
- Reduction in locum requirements to cover gaps
- Real time alerts of potential contractual compliance violations
- Optimization of staffing levels across a department and locations
- Automatic clinican notification regarding shift/location changes
- Easy to access job plans and roster on multiple devices
Pricing
£5 to £20 a user a month
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 8 2 1 3 9 5 6 7 1 4 9 2 3 1
Contact
DBROTAS LTD
Daniel Barry
Telephone: 07804594823
Email: help@dbrotas.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
Requires internet connection and browser to view rotas
Planned maintenance and updates are primarily out of hours - System requirements
- Web Browser e.g Chrome/Firefox/Safari
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 24 hours. Support provided 7 days a week
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
The following is included as part of the licence fee: Virtual meetings or telephone consultations can be organised directly through the platform via the booking system into client/end user chosen time/dates.
Virtual meeting links will then be sent to the designated individuals.
Email support available to all.
Technical account manager assigned to each department for continuity.
In person teaching/setting up service available for an additional fee. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
The following is included as a part of the licence fee:
End user (administrator) and client: Initial introduction meeting with clients/administrators regarding the set-up of clinicians on the rotas, work schedules and shifts with a brief overview of the live system.
This will be accompanied with a how-to written guide with a checklist.
Subsequent meeting covers the generation of the rota the live system functionality.
Last meeting covers a debrief of any areas for feedback and bespoke alterations.
At any point along the way if are any questions not covered in the above, the appointment system can be used for a support call or email for advice.
End user (clinician): A set by step how to guide in written form or an alternative in video format. Email support available on request.
Onsite training can be arranged for an additional extra fee. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- All current rosters exportable as .pdf file.
- End-of-contract process
-
The contract includes the export of current live rotas as .pdf file to include shifts, locums, locations and logs to the end of the contract.
Data sanitation occurs as per terms and conditions and agreement.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Mobile site can be accessed by end users (clinicians) to view shifts, submit leave requests, request shift swaps and apply for locum shifts. End users (administration) is best done on a desktop screen, but administrators can view the rota and approve shifts/message users on a mobile device.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
-
DbRotas service interface features a landing page with a series of dropdown options from a main menu.
Pages throughout the site contain different customisable administrator settings for end users (clinicians), rotas (shifts and dates) which are displayed in tables. Live rotas or locations are displayed in tables that permit users to make amendments with a log of changes. Personalised view options available for each administrator. - Accessibility standards
- WCAG 2.1 A
- Accessibility testing
-
DbRotas has performed testing with consideration for end users/administrators and offers end users personalisation/options to improve their accessibility as per WCAG 2.1 A.
This includes but is not limited to the personalistion of:
- Text colour
- Font size
- Zoom without loss of functionality
- Video, audio or written assistance for support
- Accessibly by keyboard only use - API
- Yes
- What users can and can't do using the API
- API is in development to allow interoperability between other rostering and leave management services used within the NHS. API will be finalised once NHSE publish the specific requirements required for interoperability. Further information is available on request.
- API documentation
- No
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Multiple facets of the platform can be customised both by administrators and end users. An example includes custom rota questions such as number of night shifts preferred to work in a row.
Each end user (clinician and administrator) has a preferences section for their account regarding their accessibility and notifications options.
Scaling
- Independence of resources
- Cloud based architecture with scalability and load balancing.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Statistics covering the following domains:
- Leave approval
- Sickess/abscence
- Locum requirement and filled rates
- Location based utilisation
- Exception reporting
Comprehensive package bespoke to departmental or trust wide needs.Further service metrics are avaiable on request for an additional fee. - Reporting types
-
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
End users (clinicians) can export their data as an .ICS file to allow export to other calendar devices.
Administrators can export the rotas as a .pdf for printing. - Data export formats
- Other
- Other data export formats
-
- ICS File
- Pdf file
- Data import formats
- Other
- Other data import formats
-
- Pdf file
- Excel workbook
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
0–10 hours: No refund.
10–24 hours: 30% of monthly payment.
>24 hours: 100% of monthly payment. - Approach to resilience
- Available on request.
- Outage reporting
-
System monitoring services in place that ensure any downtime is highlighted quickly via a dedicated dashboard on the site.
In the event of an outage each end user (clinican, rota administrator, client) will be informed via email and updated and if requested, a pdf of the most recent backup of the rota.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- The system provides the client multiple levels of privileges to data access and utilises the role-based access control model (RBAC). Each user is allocated a corresponding level of data access using the principle of least privilege to assign privileges dependent on the users’ role, seniority and department.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- Microsoft Azure ISO/IEC 27001 certification
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- DbRotas system is ‘secure by design’. The full details of the information security governance policy can be sent to interested parties upon request. The appointed security and data protection officer undertakes quarterly audits of the parameters in the security governance policy, team and client. Risk managment by the appointed team occurs as a part of change management on potential impact and likelihood of occurance and implementing appropriate controls to manage them effectively.
- Information security policies and processes
-
DbRotas is ‘secure by design’. Information security forms a part of the information security governance policy that is available to interested parties upon request.
Quarterly audits are undertaken by the appointed security and data protection officer to ensure the information security policy is upheld to include risk assessments of current and potential change, data access (team and client), processing, transfer, storage and sanitation. In the event of a security breach all affected users will be informed via email.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- DbRotas configuration and change management approach utilise a change request tool. This can be sent to interested parties upon request. The main headings are: change request, reason to change, impact and risk assessment tool to continue and to change and security assessment. The change management team review requests and use a closed loop communication to the change request. These are logged and audited.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
DbRotas regularly monitors for vulnerabilities and aims to indetify vunrebilities early, tirage and minitigate risk.
Rating of vunerability is classifed and addressed within the following timeframes:
- Red risk: patch repair to be deloyed within 7 calander days.
- Orange risk: patch repair to be deloyed within 14 calander days.
- Yellow risk: patch repair to be deloyed within 30 calander days.
These are aligned with the National Vulnerability Database Vulnerability Severity ratings (red- high, orange - medium and yellow - low). - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
DbRotas undertakes quarterly audits undertaken of reports of potential compromise and annual penetration testing.
Real time threat information and alerts provided by Cloud provider.
Response to potential compromise follows the information security policy that is available upon request.
Responses to incidents occur within 24 hours of potential breaches. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Incidents can be reported by clients or end users ( clinicians or administrators) using the inbuilt reporting system. These are responded to by the security and data team using the incident reporting tool that utilises closed loop communication. These are emailed back to the reporting user.
Communication to affected users will be via email, telephone or virtual meeting within 24 hours, ICO update as required along with regular updates on the dashboard to inform of updates.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
WellbeingWellbeing
dbRotas contributes to the wellbeing of the clients end users (clinicans) by promoting a more efficient, transparent, and flexible approach to rostering, allowing clinicians to maintain a healthy work-life balance.
For the dbRotas employees, the wellbeing of its team is a key principle of the company's ethos.
dbRotas offers flexible work hours and remote work options to the team; this includes encouraging the team to take regular breaks and minimising the need to overwork to help improve wellbeing and reduce the risk of burnout.
For the team, there is also the option to attend regular team based wellbeing sessions which may be meditation or yoga sessions.
The team are encouraged in their self-development by attending courses, certifications as well the end of year team awards.
Pricing
- Price
- £5 to £20 a user a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Free trial of system includes the set up, generation and live system use of one roster/set of rosters in a department.