Capita Business Services Limited

Hybrid Mail (Capita)

Hybrid Mail transforms the time consuming and costly process of printing and fulfilling letters, forms and statements in an office environment, to an easy touch-of-a-button solution.

Features

• Web facing printing interface accepting PDF output
• Print driver accepting multiple document types
• Upload of singular documents or bulk files
• Authorisation hierarchies
• Tailored options such as output, postage type etc
• Ability to send digital communication rather than physical

Benefits

• Brand management - maintenance of brand across all documents produced
• Auditability - full audit trail from creation to despatch
• Channel of choice - ability to send email
• Cost reductions (up to 60% cheaper than franked mail)

£300 a transaction a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

826699802546392

Contact

Capita Business Services Ltd
08702407341
engagewithus@capita.co.uk

Service scope

• Service constraints: Would be discussed at time of solution design / demo.
• System requirements:
  • Windows 7, 8, 9.1, 10. 32/64 bit versions
  • Up to date web browser
  • Firewall updates

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 9-5:30 (UK time) - Mondays to Fridays - excluding UK Bank Holidays
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Determined by service provision and requirements detailed by client
• Support available to third parties: No

Onboarding and offboarding

• Getting started: User Guides provided as standard, training onsite / online / train the trainer also available.
• Service documentation: No
• End-of-contract data extraction: Dependent on the agreed service provision.
• End-of-contract process: Agreed and decided with client at requirements gathering stage - costed at this point.

Using the service

• Web browser interface: Yes
• Using the web interface: Intuitive interface, designed with selectable drop downs and document previews. Supported browsers are Internet Explorer 7/8/10, Firefox and Chrome.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: N/a
• Web interface accessibility testing: N/a
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Resource monitoring, scaling resources appropriately to our full client service offering.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • No of jobs, owner, delivery method,
  • No of SLA, packs, images, postage in detailed MI specification
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: HPOD

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Item level full application virtual machine
• Backup controls: Refer to service description.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95%
• Approach to resilience: Available on request
• Outage reporting: Email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: IP whitelisting, OOBM interfaces.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 23/06/23
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In line with ISO27001 requirements.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: ITIL change management
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Quarterly vulnerability assessments, 30 day patch deployment from vendor release for high and critical vulnerabilities, 90 days for medium and lower case. Information from NCSC and vendors
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: IPS at perimeter firewalls, centralised log monitoring, SIEM platform, anti-malware internal perimeter firewalls. Upon finding compromise we have a cyber-incident response plan that covers playbook scenarios on how to respond and react
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have pre-defined processes for common events, users report incidents to their dedicated client liaison, and these are recorded in a management system for investigation / corrective actions / creation of an incident report

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Refer to Service description.
• How shared infrastructure is kept separate: Refer to Service description.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Refer to service description.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Capita will work with buyers to find suitable initiatives that align with the social value theme of Fighting Climate Change during call-off stages of G-Cloud 14. These will be customised to meet buyers' specific requirements and fit with our overall environmental strategy. This ensures that the commitments we deliver are relevant and impactful for the specific community and stakeholders involved ensuring a legacy of social impact that is both achievable and meaningful.; ; Capita is dedicated to delivering environmental benefits as part of its services. We understand the need to work towards net zero greenhouse gas emissions and to support environmental protection and improvement. Our Net Zero Strategy aims to achieve operational net zero by 2030, operational plus travel net zero by 2035, and full net zero, including the supply chain, by 2045. The strategy involves switching to renewable energy sources, cutting travel emissions, and moving to electric vehicles for our fleet. Capita also wants to help our clients and suppliers in their environmental efforts, by providing technology and solutions that support environmental sustainability and by engaging in partnerships that advance climate action.; ; To inspire our 43,000 employees to work more environmentally sustainably, we introduced a new environmental standard in 2023, which sets out Capita’s environmental commitments and obligations and includes an environmental training module for all employees to back up the environmental standard and net zero commitment. We encourage our employees to use their one-day volunteer allowance to support environmental activity such as litter picks or beach clean-up days and will leverage existing relationships and programmes to fulfil our commitments.; ; To provide transparency and accountability, Capita has set up reliable measurement and reporting mechanisms. These include environmental targets covering energy, climate change, conservation, and biodiversity, which are publicly reported to track progress towards the net zero goals.

  Covid-19 recovery

  Capita's G-Cloud service provision is strategically positioned to support and deliver against the social value theme of Covid-19 recovery. The G-Cloud services facilitate a robust digital infrastructure that enables public sector organizations to operate with greater efficiency and resilience, which is crucial for ongoing recovery efforts. The provision supports social value by enhancing access to digital services, thereby promoting inclusivity, and enabling remote work and learning environments. This is particularly significant in addressing the digital divide that was highlighted during the pandemic, ensuring that all members of society have equal opportunities to access essential services and information.; ; Capita has undertaken various initiatives to aid in the recovery from Covid-19, focusing on supporting people and communities, as well as organizations and businesses. These initiatives include improving workplace conditions for safe operations, providing digital and financial support programs, and setting up virtual contact centre solutions. Additionally, Capita's Enterprise Risk Management ensures operational resilience, while wellbeing initiatives promote physical and mental health recovery.; ; Capita will work with buyers to find suitable initiatives that align with the social value theme of Covid-19 recovery during call-off stages of G-Cloud 14. This would include working with local communities and economies, especially through employment, re-training, and return to work opportunities, community support, developing new ways of working, and supporting the health of those affected by the virus, including those suffering from Long Covid.; ; We understand the need for sustainable solutions that not only respond to immediate crises but also build resilience against future disruptions. Our approach demonstrates a forward-thinking mindset, ensuring that the lessons learned from the pandemic continue to inform and improve service delivery for a more resilient and equitable society.

  Tackling economic inequality

  Capita's G-Cloud service provision will be designed to support and deliver against the social value theme of Tackling Economic Inequality by fostering an inclusive and diverse business environment. We will aim to create new businesses, jobs, and skills, particularly in high-growth areas such as STEM, and to increase supply chain resilience and capacity.; ; Capita will collaborate with buyers during G-Cloud 14's call-off stages to identify initiatives aligned to the social value theme of Tackling Economic Inequality. Tailored to the buyers' specific needs, these initiatives will integrate with our responsible business strategy, ensuring that our commitments are impactful for the involved community and stakeholders, fostering a lasting social legacy. Our approach includes creating apprenticeships, skills gap training, promoting remote working, and establishing offices in areas of deprivation to provide opportunities for disadvantaged groups. We have developed a framework for responsible automation, supported people within our communities to harness the power of automation, advocated greater diversity within the tech sector and promoted accessible digital skills education. Our commitment to inclusive recruitment and the use of a diverse supply chain, which includes small and medium-sized enterprises (SMEs), voluntary, community, and social enterprises (VCSEs), and mutuals, further demonstrates our dedication to reducing economic inequality.; ; Capita's supplier charter outlines equitable supplier relationships, and we are an active member of Business in the Community which reflects our ongoing efforts to identify and address inequality within our workforce and operations. With a significant portion of our supply chain (92%) comprising SMEs, Capita's practices promote greater use of these entities, thereby contributing to a more balanced economic landscape.; ; Through these measures, Capita's G-Cloud service provision will not only support the social value theme of Tackling Economic Inequality but also align with the company's purpose-led, responsible business ethos, creating better outcomes for society at large.

  Equal opportunity

  Capita champions Equal Opportunity, striving for an inclusive environment that mirrors the diversity of the communities we serve. We have recently been recognised as one of the top companies for women by Forbes, ranking at number 18 on their list and won the Race Equality Advocate award at Vercida's Inclusive Employer Awards. This is a testament to our commitment to diversity, inclusion, and equality in our workplace and in our society. Capita will work with buyers to find suitable initiatives that align with the social value theme of Equal Opportunity during call-off stages of G-Cloud 14. Our approach includes:; ; Increasing Representation: Capita is committed to increasing workforce diversity, targeting multi-year goals for disabled, gender, and ethnic representation. For example, to tackle racism and enhance ethnic diversity, we have set a target for our UK workforce to have 15% Black, Asian and minority ethnic and 5% Black representation across all levels of the organisation.; ; Inclusive Recruitment: Capita employs inclusive recruitment practices, advertising roles broadly and emphasizing outreach to hard-to-reach groups. This is complemented by partnerships with organizations like Forces Family Jobs and Vercida, the UK's largest disability-focused jobs website. ; Promotion, pay and reward processes: We recognise the contributions of all colleagues, supporting and paying them fairly for the work they do. Efforts to narrow gender and ethnicity pay gaps include monitoring diversity in senior management, targeting 60% women and 20% ethnic minorities on senior management shortlists, enhancing shared parental leave pay, implementing structured interviews, and promoting career growth through mentoring.; ; Training and Development: Capita provides mandatory training in equality, diversity, and inclusion, as well as unconscious bias training for all new employees, which is repeated annually. ; ; Capita's strategy is to create a legacy of social impact by providing equal employment opportunities to disadvantaged groups, offering in-work progression, and enhancing skills.

  Wellbeing

  Capita is committed to supporting and delivering against the social value theme of Wellbeing. We will collaborate with buyers during call-off stage to find initiatives that support the social value theme of Wellbeing. Our structured Group Wellbeing Framework, supported by our Group Wellbeing Policy and Standard, will ensure a consistent approach to identifying wellbeing needs and implementing appropriate interventions to address those needs.; ; We care about creating workplaces that safeguard, help and enhance the wellbeing of all our colleagues. We are committed to:; ; • Prioritising the wellbeing of employees and managing factors that may cause negative emotional, psychological, physical, or social impacts.; • Creating a culture and environment throughout Capita that actively supports and promotes wellbeing.; • Providing the necessary training and awareness to protect the wellbeing of our employees.; • Enabling working conditions and providing guidelines for those working remotely, to ensure our business activities are safe from a wellbeing perspective.; • Fulfilling current wellbeing legal and other obligations that apply to us wherever we operate and assuring compliance with our Group Wellbeing Policy and Standard.; • Listening to the wants and needs of our employees to ensure we provide wellbeing support that is valued by all.; ; Capita's Wellbeing Hub serves as a central place for employees to access advice, support, and information to manage their wellbeing effectively. It includes resources to support physical, financial, mental, and social wellbeing, such as Time to Change training, financial wellbeing apps, emotional resilience tools, and guidance for team managers on supporting employees. We also provide an Employee Assistance Programme, offering independent services including counselling and practical advice on personal or work matters.; ; Capita's approach to wellbeing is holistic, encompassing not just the workplace but also the wider community, ensuring that social value is embedded in every aspect of our operations.

Pricing

• Price: £300 a transaction a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We can provide users access to our test environment to review documents and their eligibility for Hybrid Mail - no communications are produced.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.