Coplug D&T Ltd

Sidm Systems

Sidm Systems is a location data analytics GIS based SaaS platform that provides targeted insights for planning of places, services and infrastructure. Sidm Health, a sub-product of Sidm Systems provides data driven insights and forecasting to support healthcare estates, services planning and population health-management.

Features

• Scalable AWS cloud location-based data analytics platform
• Fully managed services that are automatically and regularly updated
• Customised role, service and geography based data insights and interface
• 1million+ combination of maps and insights across range of indicators
• Inbuilt benchmarking and trends analysis across services and geographies
• Inbuilt industry validated forecasting algorithms with manual user inputs
• Robust calculator framework to simulate scenarios with user manual inputs,
• GIS map based interfaced with integrated statistics dashboards
• No code create digital report function
• Upload user data and export data functions

Benefits

• Support data driven decisions making across multiple stakeholders
• Single platform integrating health, housing, wider determinates and transport data
• Analyse health of a community and links to healthcare estates
• Understand the drivers and risks to support better outcomes
• Identify trends in activity, diseases and patient flows and behaviour.
• Analyse the direct impact of growth and housing on services
• Direct insights from R&D led algorithms developed with governments organisations
• Readily available insight accommodating varying levels of data availability
• Intuitive map dashboard interface for varying levels of digital readiness
• Generate map and statistics based digital stories and reports

£3,000 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@coplugdata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

872478647251079

Contact

Darshana Chauhan
00447581262906
contact@coplugdata.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: There are no constraints for buyers.
• System requirements:
  • A standard broadband internet connection
  • Modern web browser: Safari, Firefox, Chrome, Edge

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Responses are providing within 1 working day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: We provide one level of support and this depends based upon the implementation and licensing period. Support costs are described in our pricing document.; ; Each enterprise client will have a dedicated project manager assigned.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The SidM Systems application has been developed to be intuitive by design. ; ; For onboarding, we work with you on a deployment plan, which can be the whole or a subset of the following:; ; 1. Engage with key stakeholders; ; 2. Complete Service Level Agreement (SLA); ; 3. Information Governance and security readiness assessments; ; 4. Organisation technical readiness; ; 5. Operational readiness; ; 6. Deployment; ; Online training is provided via the implementation phase free of charge.; ; Training materials are available as documents and in video format.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data provided by clients is deleted at the end of the contract following a 30 day grace period following the contract end date. Processed data can be extracted within the contract period via the product interface.
• End-of-contract process: Prior to contract end, contact is made to understand if the client wishes to extend contract. A grace period of 30 days is provided once the contract expires. Client data is deleted after the grace period if the contract is not renewed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile version has limited analytics capabilities.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: This is available from within the SidM Systems product.; ; Support is provided via a form within SidM Systems that users can complete. ; ; Raised issues are sent to Coplug support directly.
• Accessibility standards: None or don’t know
• Description of accessibility: Users can access maps and charts across the product. Features such as icons have hover functions to describe their functionality. Each chart has a dedicated title. Each set of charts and maps have meta data provided for further details. Map legends provide details of different components of the maps. Where possible, suitable colours and contrasts are used. Maps do not have dedicated titles or explanation of the insights interpreted from the map as maps are dynamic in nature and change each time a user changes filter options.
• Accessibility testing: None.
• API: No
• Customisation available: Yes
• Description of customisation: Requirements are taken from customers and used to configure the platform as part of the set up of the product. Requirements are used to customise:; ; * Role-based access; * Data and interface - these are customised based upon a number of factors including area, geography and insights suitable for the role and user. ; * Customised assumptions - inbuilt calculators, industry models, assumptions can be updated via the SidM interface; * Local data can be integrated with SidM as part of user customisations

Scaling

• Independence of resources: Scalable cloud architecture in place to enable on-demand scaling against user needs.; ; Caching is employed were appropriate to enable a seamless user experience.; ; Other technical architecture supporting scaling includes the use of Docker containers to support a scaled user experience.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The product allows export of data via:; ; 1) Download map function as an image; 2) All charts and statistics allow download in csv format or as an image; 3) A download pdf functionality is available to download digital stories and pages or pre populated reports
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Pdf
  • Png
• Data import formats:
  • CSV
  • Other
• Other data import formats: .png

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLA terms are client based and standard terms include 5 days availability between 9am to 5pm UK business working hours. In case of any breach, the clients are compensated based on client contractual agreements.
• Approach to resilience: The Amazon Web Services offers highly resilient systems, and therefore service availability. The application databases are not replicated but backed up every night and backups are kept for up to 7 days.
• Outage reporting: Email notifications are sent out to all registered users.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Only nominated staff members, e.g. Database Manager and Head of Engineering have access to make configuration changes and amend client instances of SidM Systems.; ; For support channels for buyers, access to customers information is limited to specific staff members as appropriate.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have a suite of security policies that are embedded across our organisation to uphold security governance. We also provide training for staff on cyber security.; ; Datacentre is ISO 27001 compliant; ; NHS Data Security and Protection Toolkit Standards are met; Cyber Essentials certification has been achieved
• Information security policies and processes: All employees of Coplug D&T Ltd must undergo information governance training. All employees are contractually obliged to adhere to data security policies, including but not limited to Acceptable Use Policy, Data Protection & Awareness Training Policy, and to be aware of our Business Continuity Plan and how that affects their role specifically. Information security incident reporting structures are in line with those outlined as best practice by the ICO and ISO27001 standards. Coplug D&T Ltd ensures regular penetration testing of the application, and Cyber Essentials certification has been achieved. Our data hosting service is ISO27001 certified. Certificates can be provided to customers upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The application assets are fully deployed and managed within Amazon Web Services Cloud Infrastructure. They are tracked and monitored using AWS monitoring tools.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The application software components are patched and updated twice a year depending on the security updates and patches released by vendors.; ; The SidM Systems app and its infrastructure are tested for vulnerabilities on regular basis. We run regular penetration tests to identify security vulnerabilities inline with the OWASP top 10 review of threats.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Static code analysis tools are used to find potential security loop-holes during QA testing. Pen-test tools are utilised to find potential loop-holes during runtime and find any endpoints exposing sensitive data by API, frontend. Appropriate security fixes are be made by Senior engineers documented and submitted to the Change Review Board- Senior Management within the company. Changes are deployed to production and monitored by the support team.; We have SLA of 8 hrs to respond to high severity incidents reported on the product and team is deployed to handle the fix with appropriate change review mechanism.
• Incident management type: Supplier-defined controls
• Incident management approach: We have defined processes for incident management that are underpinned by an incident management policy. Our incident management plan follows the NIST approach to information security incident management. (Prepare, detect and analyse, contain, eradicate, restore, review). We have an incident management log onto which, every incident is reported and tracked.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  Analytics include insights related to environmental factors against impact on estates and infrastructure and patients.

  Tackling economic inequality

  Analytics include insights related to highlighting areas of economic inequality against access to services, workforce and infrastructure

  Wellbeing

  Analytics include insights related to highlighting areas of health inequalities and health outcomes against access to services, workforce and infrastructure.

Pricing

• Price: £3,000 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@coplugdata.com. Tell them what format you need. It will help if you say what assistive technology you use.