Equine Register Ltd

Integrated API Services (Simple to Complex)

Equine Register's API Service enables the digital exchange of information across our services to enable interoperability, increase administration efficiency and support secure transmission of data.

Features

• Real time data updates
• Synchronisation of databases
• Accessible from multiple devices
• Controlled user group access
• Available 24/7 at minimum 99% availability
• Offline caching
• Comprehensive and ad-hoc reporting

Benefits

• Secure exchange of equine identity and registration documents
• Enables interoperability between government and industry
• Enables real time exchange of data across Equine Register services
• Supports compliance with UK regulations
• Reduces administrative burden and costs

£5,000 to £100,000 a licence a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephanie.palmer@equineregister.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

906186314823498

Contact

Stephanie Palmer
03330 100145
stephanie.palmer@equineregister.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: The complete range of Equine Register services including; Central Equine Database, Digital Stable, Central Canine and Feline and Animal Databases, Border Enforcement, Digital Smartcard and Passport, National Chipchecker, Canine and Feline Identity Checker, Vet App, Transporter App, Animal Welfare App, Digital High Health Certification, Animal Traceability Service, International Hub etc.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: The API services are connected to Equine Register Services.
• System requirements: Available as RESTful or SOAP

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Emails and tickets are acknowledged within 1 hour of receipt.; Questions are responded to within 4 hours of receipt.; ; Acknowledgements and responses are managed between 9am - 5pm Monday to Friday excluding Bank Holidays.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: No
• Support levels: Support is provided by webchat, email and phone to registered users of the service.; ; Support is open from 9am to 5pm, Monday to Friday excluding Bank Holidays.; ; Support tickets are raised and prioritised according to severity of the issue.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide documentation for users to get started on the service, posted on ER's support website.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: There is no data to extract
• End-of-contract process: The service will be shut down.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference between Mobile and desktop service they are consistent.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The API allows organisations to seamlessly connect their databases and applications with those of other organisations, including the CED, Digital Stable and other databases. Equine Register's technical team will work with the organisation to ensure that any API calls are set up correctly.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All customisation is carried out buy Equine Register's technical team, with a defined Statement of Work.

Scaling

• Independence of resources: Equine Register's services and applications are all designed to scale automatically to ensure quality of service for all users, using a combination of load balancers, scaleable resources and multiple failover and availability designs.

Analytics

• Service usage metrics: Yes
• Metrics types: Volume of interactions; Uptime; Number of erroneous, duplicate or incomplete records
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: There is no data to export
• Data export formats: Other
• Other data export formats: There is no data to export
• Data import formats: Other
• Other data import formats: There is no data to upload

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service available 24/7 at minimum 99% availability, excluding planned outages.
• Approach to resilience: Information is available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access to the service is restricted to a list of registered individuals.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: All Equine Register's services and applications are compliant to ISO27001:2013 and Cyber Essentials.
• Information security policies and processes: Policies are approved by the company executive team are embedded in team and individual employee objectives and contracts.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are assessed for potential security impact as part of our Change Request Process. The testing cycle contains a set of security tests.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats are assessed by the security team and critical patches are applied as soon as possible. We gain information about potential threats from a variety of industry sources and databases.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We identify potential compromises using a combination of system controls and processes, and tests carried out by independent companies. ; ; When a potential compromise is identified, a remediation plan is created and actioned and monitored.; ; The resolution plan is created and actioned typically within hours of the compromise being identified. Resolution time varies according to the complexity of the compromise but resolution is monitored at the highest levels in the company.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a defined recovery process for every component of the services, and perform root cause analysis on every incident that interrupts service.; ; Users can report incidents by calling or emailing into the support desk.; ; Incident reports are provided to customers as required in the form of a PDF with follow up with the customer as appropriate.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We recognise our need to help fight climate change. We have introduced hybrid working which significantly reduces the travel of our employees and has significantly reduced our use of electricity and heating in the office. The leased office premises operate a green energy policy and actively encourages the recycling of waste. We aim to use recycled products as much as we can in the office.

  Covid-19 recovery

  We recognise the impact and concerns of our workforce as a result of Covid. We have taken measures; ; • For those most vulnerable, we have identified those individuals and/or their family members who are at risk to allow them to change their place of work to home if they choose to do so; • To help physical and mental health of our employees, we have introduced hybrid working for all employees to allow them to work from home and only come to the office if required or if they wish to ; • To manage cross contamination, we have maintained the position of social distancing in the office and a policy of work from home if someone has signs of any illness; • We are constantly reviewing our policies to ensure that we are taking the most appropriate measures to protect our staff and the business.

  Tackling economic inequality

  We recognise that the digital technology sector is a high growth area. As a business we are experiencing significant rapid growth. Attracting and retaining the right staff is key for us. We also recognise the value of growing our own talent. As such this year we have introduced a pilot to help individual’s to re-skill in our sector and are actively talking with local education, community groups and the DIT on how we can do more.

  Equal opportunity

  We operate an equal opportunities policy and do not prejudice against disabled or minority groups. Our office working policy and work environment and our pilot to re-skill individuals supports our aim to offer equal opportunities to all.

  Wellbeing

  The physical and mental well-being of our staff is important to us. We have introduced this year a range of employee benefits paid for by the company that provides access to private medical health and other health services for both the employee and their families. This includes mental health support lines. ; We have also increased the minimum holiday entitlement, given every member of staff an additional day’s holiday for their birthday and introduced a flexible holiday policy to allow staff to add or reduce their holiday allocation to suit their personal needs.

Pricing

• Price: £5,000 to £100,000 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stephanie.palmer@equineregister.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.