HALLMARK SOLUTIONS LIMITED

Hark HR

Hark is a cloud-based, externally hosted HRIS, which includes a fully mobile and responsive Employee Self Service application. It is a powerful, workflow driven application containing 40+ pre-built workflows that automate each process with CIPD best practice workflows. Additional client specific can also be offered within this service.

Features

• Cloud based, externally hosted service
• Secure Data Management
• Fully responsive web application with any device connecting via internet
• Designed and developed in conjunction with web accessibility guidelines
• Data migration available with support from Hallmark Solutions team
• Audit log feature for changes to records and workflow cases
• Admin panel incorporating multiple levels of access control
• Fully mobile and responsive Employee Self Service option
• Information reporting functionality with secure monitoring, statistics and analytics
• Training and support suite including telephone, online, manuals, and videos

Benefits

• 40+ CIPD best practice workflows
• Service configurable to client needs, including flexible access rights
• Notifications incorporated to provide appropriate user with necessary communication
• Set of inbuilt reports with customised reports also available
• Manager training on ESS/Portal and staff training on ESS
• Ongoing development for fixes and especially for client driven enhancements
• Ability to upload data into the system in various formats
• Range of utilities to update/change employee records, including leave

£0 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul@hallmarksolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

809451590056549

Contact

Paul Donnelly
02890812618
paul@hallmarksolutions.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Requires up to date browsers.
• System requirements: Up to date browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Non-critical fault response or query within 8 standard support hours of the Company being contacted.; Critical fault response within 4 standard support hours of the Company being contacted.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our support is high-quality and operates as a standard across all our services.; Non-critical fault response or support query within 8 standard support hours of the Company being contacted.; Critical fault response with 4 standard support hours of the Company being contacted.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users can be provided with online or onsite training.; Training incorporates training videos for HR, Manager and Employee and a manual.; Further training can be purchased at any time at the request of the user.; Full support function is also in place to resolve any initial service use needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Client data is available as csv output for each data screen. Field selections are available to establish reports for required data extraction.
• End-of-contract process: Contract is in place for period agreed with client and remains in place after expiry of the initial period unless and until (a) a party provides 12 months' written notice of termination, or (b) termination due to material breach of agreements that have not be remedied within 28 days of notification by the other party. ; ; Reports and csv files of customer data are available to extract data. This is undertaken by client and no cost is attached.; ; Formal process of handover by Hallmark Solutions to different service provider can be arranged. A cost may be attached to this.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No difference in service.; Hark is a fully responsive web application, with any device connecting via internet. Mobile phone, tablet, laptop and workstations are all compatible with the application.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Two aspects for API - for Hark and for integrations.; Hark API offers functions for users to operate on both the Admin app and the ESS app e.g. create / edit employees, create / edit workflows, create / update workflows cases, request leave, authorise leave etc etc. Roles are created to restrict access to what end-users can do in the apps; For integrations the API offers methods to support Time & Attendance or Payroll providers with integration to Hark. This will allow the sending and receiving of required information. Access to all methods is controlled by HMAC authentication.
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Workflow processes can be customised, offering flexibility in all HR methodologies for the service user.

Scaling

• Independence of resources: Service can auto-scale based on the requirements, based on user workload.; Also has individual database that is not impacted by service use by other clients.

Analytics

• Service usage metrics: Yes
• Metrics types: Via Google Analytics and statistics within application.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Client data is available as csv output for each data screen. Field selections are available to establish reports for required data extraction
• Data export formats:
  • CSV
  • Other
• Other data export formats: Pdf
• Data import formats: Other
• Other data import formats: None

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Hallmark ensures that the software confirms to all representations and descriptions of functionality and service made available to the buyer and that the software will operate to a 99.5% uptime availability level, excluding downtime for scheduled and emergency maintenance, which shall be notified to the buyer wherever possible, and scheduled to minimise disruption to the buyer's operations.
• Approach to resilience: This information can be provided on request.
• Outage reporting: All outages are reported via email to relevant service users within maximum 4 working hours.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All access for users, management and support is filtered. This ensures that access is restricted across our entire service delivery.; ; This filter method allows Hallmark Solutions to meet the various access requirements of all service users.; ; For example, only 3 Hallmark Solutions staff members who have the knowledge and skills to manage the service are able to access information that would be consider 'secret'.; ; Additionally all staff who manage or support any element of this service are security checked.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Centre for Assessment
• ISO/IEC 27001 accreditation date: 30/08/2024
• What the ISO/IEC 27001 doesn’t cover: Hallmark Solutions fully met ISO 27001 standards over period of 14 years. ; With new SaaS products being released, Hallmark Solutions took the decision early in 2023 to fully review all elements of the business, with an external review of all elements of ISO 27001 currently being completed.; This was to ensure all policies and procedures were fully compliant, fully implemented and fully representative of the changed state of Hallmark Solutions service delivery.; This review will be completed by summer 2024 with re-accreditation at that time.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Hallmark Solutions has an established Information Security Management System that meets requirements of ISO27001. This is used to manage risks and threats to information security which we may face in the operation of our business and in the delivery of our services. ; ; We ensure compliance with all relevant legislative, business and contractual security obligations.; ; We ensure that the information security risks, threats and vulnerabilities associated with our business are effectively identified, assessed and managed.; ; This includes:; - Meeting specific customer requirements and responding to customer need;; - Setting and monitoring achievement of specific information security improvement objectives;; - Closely monitoring the information security risks and threats which we may face and ensuring that suitable controls are in place and effectively monitored;; - Continually improving the effectiveness of our Information Security Management System;; - Continually striving to ensure we provide the most secure services to customers;; - Protecting the confidentiality, integrity and availability of all information which we hold.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Changes to information resources or application is managed and executed according to a formal change control process.; Details of all changes are generated and recorded on an on-line Version Control Form, and include the following information:; Change Control Form Number; Date Reported; Reported By; Client Version; Module/Function; Details; Enhancement/Bug Indicator; ; The control process ensures that changes proposed are reviewed, authorised, tested - including for potential security impact -, implemented, and released in a controlled manner.; The status of each proposed change is monitored by MD, Senior Management and Software Development leads at various stages in the change management process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Processes apply to all hardware, software and network assets.; Threats are assessed by internal test including routine scans of all services, websites, servers or devices. Service upgrades and enhancements are fully Quality Assured before version issue.; ; Vulnerability Reports are reviewed by system administrators.; Where necessary, response action is instigated immediately.; Critical issues are responded to within 4 standard hours of the company being aware of the threat.; ; Records relating to Vulnerability Management are retained for minimum period of two years.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All elements of our service are fully tested and quality assured for potential compromises. This is undertaken on a manual and automated basis before publishing to our own testing server.; ; Our team provide further investigation prior to version release to clients.; ; Additionally, an external security test is undertaken on at least an annual basis.; ; This process minimises risk of any potential comprises. Were such to occur, Hallmark Solutions has a full Incident Management Response procedure that is undertaken within maximum of 4 hours of any compromise or issue being identified. This timeframe remains in place over down days (e.g. weekends).
• Incident management type: Supplier-defined controls
• Incident management approach: Hallmark Solutions incident management processes confirm to standards ISO 27001.; ; Incident response is within 4 hours of the company being notified or identifying incident. Users can report incident by email or telephone.; ; Incident reports are issued to clients as a matter of policy. These are issued in pdf by email.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  This service is:; - Flexible and can be tailored to needs of new, small organisations. The efficiencies available will enable these businesses to focus on growth and the development of new opportunities.; - Reduced cost and time focused on HR needs will ensure new, small business owners can focus on income generation and reinvestment in the business.; ; - The use of this service will enable Hallmark Solutions itself to focus on growth, particularly for new entries to a high growth sector.; - Our use of apprenticeship schemes best illustrates our clear commitment to educational attainment and ensuring employment through and beyond the education period. We have a consistent introduction opportunity for younger people keen to enter a high-growth sector.; - We continue to focus on individual employees, supporting their individual development to ensure they can progress in their careers and be creative and entrepreneurial as they do so.

  Equal opportunity

  - Our use of apprenticeship schemes best illustrates our clear commitment to educational attainment and ensuring employment through and beyond the education period. We have a consistent introduction opportunity for younger people keen to enter a high-growth sector.; - We continue to focus on individual employees, supporting their individual development to ensure they can progress in their careers and be creative and entrepreneurial as they do so.

Pricing

• Price: £0 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul@hallmarksolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.