Skip to main content

Help us improve the Digital Marketplace - send your feedback

HEALTHTRUST EUROPE LLP

Catalog360

catalog360 E-Procurement marketplace is a highly featured-SaaS, yet simple to use suite of eProcurement tools that combine to provide a comprehensive procure to pay (P2P) solution. Built using the latest technology, catalog360 delivers an exceptional user experience. Incorporating catalogue management, eRequisitions, approvals, purchase order management, inventory control, and eInvoicing.

Features

  • Procure to pay (P2P) solution
  • eRequisitions - PEPPOL Compliant
  • Approval engine for complete overview of spending
  • Purchase order management - PEPPOL Compliant
  • eInvoicing - PEPPOL Compliant
  • Product information management - create items with unlimited digital assets
  • Approval chains and workflows - configurable to automatically generate audits
  • Integrated with range of ERP's, CRM's and Finance Systems
  • Contracted spend management that is mobile friendly
  • Spend control and management for any organisation

Benefits

  • Digital asset management tools- manage a range of asset types
  • Users can configure email and mobile approval chains
  • Invoice processing can be automated- support for cXML,PEPPOL,EDI document handling
  • Automatic checking of invoices against PO’s before releasing to Finance
  • Standard reports included.Users can customise report templates and export reports
  • Content managed data available that is clean mastered data
  • One stop shop for all buying needs using single signon
  • Carter compliant
  • PEPPOL Compliant
  • Advanced catalogue searching gives full control on spending

Pricing

£50 to £65 a licence a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at customercare@htepg.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

8 3 5 7 3 6 3 9 9 7 1 1 3 6 6

Contact

HEALTHTRUST EUROPE LLP Customer Care Team
Telephone: 08458875000
Email: customercare@htepg.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Sourcing and Finance Systems
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
No
System requirements
Internet Access

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 1 - within 1 hour
Priority 2 - within 4 hours
Priority 3 - within 1 business day All tickets are responded to within 1 hour of receiving.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Our chat provider provides accessibility standards
Onsite support
Yes, at extra cost
Support levels
A dedicated support desk is available to call or email in the UK to raise any issues or complaints. During Implementation a dedicated Account Manager is available to hand to ensure quick and easy deployment and training for all super users along with access to user guides.
On-Site support after implementation is charged hourly at a contracted rate
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our software offers a wide variety of configuration options to support common procurement functions. The Customer is able to use as little or as much of the system as they like due to the modular approach to the system. A customer can use their own Finance systems to punch out to for internal approvals and use catalog360 as the master cataloguing system.

Catalog360 has been developed to enable rapid deployment of the services available on G Cloud, using self-service facilities where possible.

PunchOut Catalogues can be populated with rich product data using a zero touch Data Loader, or send vendor managed catalogues for approval by procurement management

Suppliers can manage their Orders and Invoices and ensure they can confirm an order when received on the portal.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Videos
  • Word
End-of-contract data extraction
Full access to all data using the online reporting tools built into the system. Additional paid service available to export data into customer formats as required.
End-of-contract process
Head of department is contacted 3 months in advance of contract end or customer can contact us to terminate the contract 3 months in advance.
Catalog360 would work closely with the customer to enable a smooth and secure transition at the end of the contract so the process covers complete data migration.
Read only access can be provided for a small fee after the end of contract if required or customer can extract all data using the built in reports before contract ends.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mostly used for approvals via a mobile device for easy request and invoice approval on the go
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
We provide an easy to use, intuitive user interface that we train super users on to setup and get the most out of the system.
Accessibility standards
None or don’t know
Description of accessibility
Using the web browser the user can change accessibility features and our site will understand those and respond
Accessibility testing
We have not currently performed testing of assistive technology, but our software platform uses standard web technologies and expressly avoids proprietary formats that would prevent assistive access.
API
Yes
What users can and can't do using the API
All services are setup for a registered user using our internal API's. There are API's for EDI and CXML inbound services where orders and invoices can be sent directly into the system without manually creating in the UI. We also allow the ability to punchout directly from 3rd party source into our purchasing basket.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our software offers a wide variety of configuration options to support common procurement functions. The Customer is able to use as little or as much of the system as they like due to the modular approach to the system. Customers can also request specific customisation that we build into the modular structure. Any customisation requests are assessed to usability beyond the requestor, and may be built free of charge if there is a perceived demand

Scaling

Independence of resources
Service performance monitoring is used to establish provisioning criteria. Performance monitoring includes metrics at a systems level, as well as application performance such as request time and database query duration. Given the real-time nature of the software, adequate overhead is given a high priority.

Analytics

Service usage metrics
Yes
Metrics types
There is real time dashboards available to view requests, orders and invoices within the system.
All metrics can be downloaded in various formats so that the data can be manipulated or connected to PowerBI.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
A data loading and extracting tool is available to all customers which is user intuitive.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Xls
  • Xlsx
Data import formats
  • CSV
  • Other
Other data import formats
  • Xlsx
  • Xls

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Our aim is 99.9% availability
Approach to resilience
Our equipment that holds our software is housed in data centres with n+1 levels of resilience.
Outage reporting
Public Dashboard and email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Restricted access with 2-factor authentication across secure channels using TLS/VPN encryption.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials Plus
Regular Audits to ISO27001 Standards
Information security policies and processes
The Company follows best practice information security policies and processes for the industry. It is the established policy of catalog360 to operate within the requirements of a documented Information Security Policy statement as a means to comply with all statutory, regulatory and contractual requirements, and, to protect the interests, property and information of the company, and of its clients and employees, against threats or loss.

In pursuance of this policy its stated requirements have been implemented together with the specified requirements of the company’s associated information security and computer system access management.

The purpose of this Information Security Policy statement is to describe how security is implemented, to give guidance to our employees whose actions can affect the confidentiality and integrity of the business, its product and services, and, to illustrate the overall commitment to security issues within our company.

The Information Security Policy is maintained by audit and review in order to provide effective assurance that all aspects of company, employee and customer specified security requirements are being implemented.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Servers are set to automatically install critical security patches nightly and scheduled patches based on release cycle. Any changes to services are vetted for security impact at the planning and implementation stages. Catalog360 follows an Agile approach to all system changes which go through a rigorous cycle of development, QA testing, UAT testing and Release.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Security managers monitor and evaluate security bulletins for application components. If possible the component is updated, and if an updated is not immediately available, a patch or mitigation is applied within 72-hours. Daily vulnerability scans completed and reviewed.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Preventative monitoring is used to identify potential compromises. When discovered, compromises are responded to within 24-hours.
Incident management type
Supplier-defined controls
Incident management approach
We maintain a security point of contact. Any security related matters are forwarded to the security POC. Cases are raised where they are contained, classified and resolved. Incident reports are emailed to affected customers.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

The Catalog360 platform is a digital cloud service to support supply chain and e-procurement processes, reducing organisations carbon footprint through digitalisation of paper processes. The organisation is working towards net zero through reducing and offsetting carbon emissions.. E-procurement with catalog360 not only means that the users are changing away from paper based procurement but we offer an integrated approach to procurement and technology. By building the requirement for enriched content and electronic trading directly in to the contractual relationship between customers and suppliers a five way match is possible all in one portal.

Covid-19 recovery

The Catalog360 platform has been used in public and private hospitals to assist in their Covid recovery efforts through supporting the supply chain processes for requisitioning, ordering and invoicing.
Users can get access to over 300,000 items that are vendor supplied, validated and cleansed. All of our Healthcare suppliers’ products are also clinically led and checked for quality, safety, service and price, so you can be confident that you are always getting the best value products. Catalog360 has a complete 5 way match like no other bringing Management, Procurement and Finance teams together along with the supplier community. In the pursuit to Covid-19 recovery and the new ways of working a one stop portal for all your staff means everyone can see exactly what has been ordered, when, where and how.

Tackling economic inequality

Catalog360's licensing model allows SMEs access to an enterprise grade platform through an accessible pricing model, encouraging entrepreneurs and new businesses to enter the market to support the public sector, who may not traditionally be able to without an enterprise grade platform for e-procurement and supply chain management.
Catalog360's product incorporates features that were built specifically to enable public purchasing agents to provide opportunity to always buy products that are of quality, safe, excellent service and at the right price. In addition to straight forward economic contracting, the system also supports a Sourcing module that can prioritise any number of socio economic goals or programs.

Equal opportunity

Catalog360 is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

Wellbeing

Mental health, good working conditions, flexible accommodation, and financial participation in company wide success are all central to Catalog360's employer-employee relationship. Reacting to the changing workplace, catalog360 has been ahead of the curve with a flexible work-from-home enabled workplace for more than three years.

Pricing

Price
£50 to £65 a licence a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at customercare@htepg.com. Tell them what format you need. It will help if you say what assistive technology you use.