CACI UK Ltd

Inview - Data Warehouse Designed for the NHS

Inview is a cloud-based data-warehouse that provides a single, consolidated source of operational, management/performance management information. It is aligned with the Health Informatics processes within the NHS and designed to NHS data standards.
CACI provide advanced Inview analytics using the Qliksense end-to-end BI platform, including prebuilt dashboards and self-service visualisations.

Features

• Data Warehouse comprises several fully integrated and intuitive features
• Extract, Transform, Load (ETL layer) data from all sources
• Proprietary data warehouse (star schema data warehouse design)
• Defined data items used for reporting (semantic layer)
• End user reporting (graphical reporting interface)
• Ability to integrate data from multiple-systems; SLAM, Grouping, Pricing Integration
• Grouping and pricing integration
• Statutory reporting including SUS and Unify Submissions
• Extendable allowing the solution to meet all local requirements

Benefits

• Provides a single, governed version of the truth
• Drives consistent numbers to use in decision making
• Enables financial measurement, forecasting and the sharing
• Real time data feeds
• Distributed and devolved analytic applications
• Contributes to transformational outcomes
• Proven pre-built solution reduces costs and deployment time
• Inview strategic development roadmap focused on NHS R&D

£68,778 a licence a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

906999298940554

Contact

CACI Digital Marketplace Sales Team
0207 602 6000
digital.marketplace@caci.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: CACI’s standard Service Level Agreement (SLA) for 'Severity 1 - Critical issues' includes a response time of 1 hour. Resolution, if not achieved immediately when CACI responds, depends on the complexity and severity of the enquiry. Typically this is within 24-48 hours with CACI’s team working on a basis of 'continuous working (within service cover time) until fixed or a workaround delivered'.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: CACI operates a comprehensive managed service that provides customers with access to a dedicated team responsible for answering any queries or resolving any incidents encountered in relation to CACI supported software and solutions.; ; The managed service, which is included in the price quoted, provides:; ; - Access to Service Desk ; - Defined SLA for Incident Response and Resolution ; - Documented Scope of Service and Statement of Work ; - Service Delivery Plan ; - Service Reporting
• Support available to third parties: No

Onboarding and offboarding

• Getting started: For all implementations CACI take a collaborative approach with the customer and users to promote knowledge transfer at all stages. This ensures users are able to effectively utilise Inview, maximising its value. Included in the services offered are:; ; - Onsite (or offsite) classroom based training courses including full training materials; - Software installation documents are with assistance available via the managed services desk; - Table schemes and mapping documentation is provided to help data load process.; ; Before commencing and implementation, a Project Initiation Document (PID) will be written to agree and outline the deployment approach. A joint team will be agreed with clearly defined roles. The implementation will be phased, allowing for regular deployment of integrated data to be loaded to the data warehouse. The agreed phases will take into consideration each customers’ organisational requirements. A typical integration is split in to deliverables per module or modules grouped in to areas, e.g. based on source system.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Microsoft Word
  • Microsoft Excel
• End-of-contract data extraction: A data migration procedure can be run. This extracts the data in CSV format which is then availiable via FTP
• End-of-contract process: At the end of a contract, either due to the customer not wishing to renew or cancellation, the date on which the termination will take effect will be agreed and confirmed with the customer. Data will then be extracted from Inview on the cancellation date and is then securely provided.; ; Once confirmation is received from the customer that all the required data has been received (transferred or extracted) the system is then cleared and shut down. This is then communicated to the customer in writing with confirmation that CACI is no longer in possession of any customer data.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The following can be customised by users within the Inview Data Warehouse:; ; - Local rules for income and activity calculations can be implemented; - Local data items can be added alongside the product provided ones. ; - Users are able to compliment and present non-integrated data at the reporting layer to augment analysis for their organisation; - InView can present data to any reporting tool of choice.

Scaling

• Independence of resources: Every customer is allocated a dedicated resource in cloud environment to prevent any performance issues when using the solution.

Analytics

• Service usage metrics: Yes
• Metrics types: Reports can be provided to customers on usage of Inview with various user defined variables.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can connect to the Inview data warehouse using a tool of choice, subject to security, which will then allow them to extract the data to any location required.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Relational databases (via ODBC: SQL Server, Postgres, MySQL etc.)
  • Txt
  • CSV
  • Excel
  • REST

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: The solution is hosted on dedicated virtual servers within a segregated VLAN located at CACI’s UK based Tier-3 data center. ; ; CACI has implemented security best practice including network segmentation and segregation to protect customer data traversing on our network. ; ; Our data centre has robust physical, technical, and environmental controls protecting systems and data. All systems are installed on highly available hardware, backed up nightly, patched regularly, protected by high-end firewall systems, intrusion detection, data loss prevention and antivirus systems. Network penetration tests are performed annually. Vulnerability scans are performed weekly. ; ; CACI encrypts all data both at rest and in transit.

Availability and resilience

• Guaranteed availability: System availability is over 99%. ; ; Anticipated downtime for upgrades is agreed in advance with customers to avoid any impact during busy periods. This proactive approach enables communications to be sent to the user base prior to the release of upgrades or patches.
• Approach to resilience: Inview is hosted on an IL3 hosting environment within CACI's UK based data centre which has robust physical, technical and environmental controls to protect data. ; ; All systems are backed up nightly on offsite encrypted media, patched regularly, protected by high-end firewall systems, intrusion detection and antivirus systems, dedicated to the secure environment. ; ; The solution utilises the latest HP blade systems and HP 3PAR all flash SANs with redundant networks. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure. ; ; Climate control is in place to maintain a constant operating temperature for servers and other hardware. The Data centre is conditioned to maintain atmospheric conditions at optimal levels.; ; Further information is available upon request.
• Outage reporting: In the unlikely event of service outage an email alert would be sent to the user(s) from CACI Customer Care Team.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: CACI operates a layered, segregated and separated environment with role based multi-factor authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certified by British Standards Institute for ISO27001 (cert # IS501477).
• ISO/IEC 27001 accreditation date: Original Registration Date: 11th April 2006 – last re-certification date was on the 6th July 2021
• What the ISO/IEC 27001 doesn’t cover: Our ISO 27001 certification covers all CACI services, offices, and data centres.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CACI holds Data Seal.
  • ISO 9001 - this includes additional elements regarding security
  • Registered with the ICO - Network and Information Systems Directive
  • Data Security and Protection Toolkit (DSPT)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: CACI also holds Data Seal.; CACI are registered with the ICO under the Network and Information Systems (NIS) Directive.; Additionally, CACI holds ISO/IEC standards in 9001:2015 Quality Management Systems (QMS), ISO/IEC 20000-1 Service Management System (SMS) and ISO/IEC 14001 Environmental management (EMS).
• Information security policies and processes: CACI have implemented an Information Security Management System (ISMS) containing a set of policies, procedures, and technical controls for systematically managing sensitive data, systems, and processes. The foundation of our ISMS is designed in accordance with the ISO27000 series of international standards, industry best practices and regulatory controls. ; We have also adopted the security best practices detailed within the National Cyber Security Centre’s 14 Cloud Security Principles, 10 Steps to Cyber Security and 12 Supply Chain Prin-ciples along with the Government’s Technology Code of Practice into our Information Securi-ty Management System (ISMS) and these form part of business-as-usual operations.; CACI maintains a Risk Management program to mitigate and manage risk companywide. Risk assessments are performed at least annually to ensure appropriate controls are in place to help reduce the risk related to the confidentiality, integrity, and availability of sensitive in-formation.; We maintain ongoing initiatives intended to help minimise the risks associated with human error, theft, fraud, and misuse of facilities. These initiatives include screening, confidentiality agreements, security awareness education and training, and enforcement of disciplinary ac-tions.; Regular audits and a large number of KPI metrics are used to monitor and demonstrate compliance and the continued effectiveness of CACI’s ISMS.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Documented change management systems form part of ISMS. Major/significant changes are peer reviewed and approved by the Change Advisory Board which delivers support to Change Management team who approve, assess, prioritise.; All changes are subject to our Change Control Policy. Where there is the possibility of an impact to user activity, stakeholders are notified for feedback.; Changes are then forwarded to Change Managers for CAB approval, who append plans when appropriate.; Robust systems acceptance testing processes have been established for all new information systems, upgrades, and new versions, conducted by a dedicated Quality Assurance team, ensuring no security impact
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CACI has a comprehensive vulnerability management program that includes conducting weekly vulnerability scans on critical systems and applications. ; New patches are promptly risk assessed and prioritised based on the severity of the vulnerability and the threat intelligence available.; Where an Emergency patch poses an imminent threat to the network it is installed without undue delay. ; All other Windows patches are installed within 14 days of receipt. ; Our system administrators subscribe to alerts and publications to ensure new are emerging threats are countered promptly and effectively and that new Technologies and security best practices are assessed and adopted where appropriate.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Robust security logging and alerting controls are in place to capture events in order to prevent security incidents and malpractices, including Active Directory, Intrusion Protection System (IPS) and Data Loss Prevention (DLP). ; Solutions are also in place to monitor systems and alert administrators of possible capacity, and resource problems.; Logs are stored centrally and reviewed on a daily basis. ; CACI has robust and mature incident response plans and processes and business continuity management to minimise the impact of a cyber-security attack or incident. ; Our Security Teams consultants are available 24/7 to react and respond to critical security and infrastructure events.
• Incident management type: Supplier-defined controls
• Incident management approach: All employees are required to report any real, perceived, or potential security incidents that may affect the confidentiality, integrity, or availability of data. ; All Security Incidents are recorded in-line with our Security Incident Policy and Response Procedure, for each incident a root cause analysis is conducted, a corrective action undertaken, and a preventative action will be implemented to prevent or reduce the probability of the incident reoccurring in the future.; CACI’s cyber security management programme includes cyber incident response plans, advanced technical controls, operation resilience and business continuity management to minimise the impact of a cyber-security attack or incident.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  As a supplier primarily of professional IT services, CACI’s environmental impact is minimal. However, we are constantly looking at how we can operate more efficiently in our fight towards climate change. We are working towards a Net Zero Carbon business model through our delivery to our customers as promoting this to our supply chain. ; ; This commitment is demonstrated by our achievement of ISO14001 accreditation, which we have held for nine years. To attain this standard, we ensure our Environment Management System (EMS) met the following requirements: ; ; Awareness of environmental impact through procedures and controls ; ; Acceptance of responsibility through environmental management systems ; ; Reducing harmful impacts via environmental policies ; ; Displaying community responsibility via staff training and awareness. ; ; We are fully committed to working towards a circular economy approach and where practically possible CACI select the most sustainable means to operate its facilities We remain aware of any and all opportunities to share, lease, reuse, repair, refurbish and recycle existing materials and products.. That includes using recycled paper, enforcing double sided printing, and using Energy Star devices. Our recycling policy includes energy/water consumption, waste materials and paper use. ; ; CACI has an agreed Carbon Reduction Plan (CRP) which is in implementation and is published on our website. This includes a set of carbon reduction targets up until 2050, with a baseline period set from July 2020 to June 2021. We project that carbon emissions for scope 1 and scope 2 will decrease over the next five years to 300 tCO2e by 2026. This is a reduction of 9% on the baseline. ; ; CACI have purchased a licence for Carbon Expert Professional allowing tracking of Scope 1, 2 and 3 emissions, which allows us to robustly assess achievement of targets. Our CRP is reviewed and updated quarterly allowing regular tracking of emissions targets.
• Covid-19 recovery:

  Covid-19 recovery

  CACI has had to adapt significantly the COVID-19 pandemic struck. Our adaptations range widely across the business, including staff, supplier and customer engagement. By enabling remote working for staff and digital delivery from our supply chain, we have been able to continue delivering our services to customers. ; ; In response to COVID-19, CACI has become a member of the Emergent Alliance (EA). EA is a not-for-profit community, aiming to better inform organisations’, businesses’ and Government economic decision-making. It draws on a diverse collaboration of corporations, individuals, Non-Governmental Organisations (NGOs) and the Government. ; ; Since the beginning of the pandemic, CACI’s immediate concern has been the safety and wellbeing of staff. As a leading business in the digital industry, we have adapted quickly to working remotely through the use of technology and training, with minimal impact on our staff or delivery of services. ; ; CACI has implemented a range of measures by carrying out COVID-19 risk assessments, in line with government guidance, across all offices. These took account of staff numbers, layout and facilities. Steps put in place include: ; ; -Enhanced cleaning regimes and better ventilation ; -Hand sanitiser stations ; -New desking plans and working regimes to maintain social distancing ; -Clear COVID-19 signage located around offices ; -Restrictions on communal areas, e.g. kitchens, toilets, stairs, walkways etc. ; -Clear reporting and escalation protocol for breaches or reports of COVID-19. ; ; As of today, we still maintain a hybrid working stance. We are conscious that the new-normal may mean more remote working than pre-COVID-19, and as an employer we are offering continued flexibility. This seeks to reduce travel and office occupancy.
• Tackling economic inequality:

  Tackling economic inequality

  CACI is dedicated to creating employment opportunities, working with local suppliers and hiring local people. We adjust our recruitment and training processes to focus on attributes rather than qualifications, which could exclude those from a disadvantaged background or deprived areas. Inclusivity and accessibility are encouraged via unconscious bias education and positive and inclusive designs, accessible capabilities, and inclusivity in gathering requirements for digital services. ; ; CACI has pledged to promote equality of opportunity within our supply chain, and work with a diverse range, including specialist Small and Medium Enterprise (SME)s. Our network is diverse and wide ranging in terms of skill set, age of business, make up of employees, geographical location, and therefore varying business cultures and diversity of individuals. ; ; We are focussed on creating opportunities from the following groups who experience barriers to employment : ; -Long term unemployed ; -Armed forces veterans ; -Mothers returning to work ; -Care leavers
• Equal opportunity:

  Equal opportunity

  CACI’s Equal Opportunities policy formalises our approach to not discriminate against any employee on the basis of sex or sexual orientation, marital or civil partner status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability or age, pregnancy or maternity or other characteristics defined in anti-discrimination legislation (Protected Characteristics), or trade union membership or the fact that they are a part-time worker or a fixed-term employee. Our employees and applicants for employment with CACI are not disadvantaged by any policies or conditions of service which cannot be justified as necessary for operational purposes. ; ; CACI is dedicated to ensuring our work environment, operational delivery and recruitment processes accommodate people with disabilities. Adjustments are made to ensure that those with disabilities are included and supported in our workplaces. ; ; Our Workplace Adjustment Passport (WAP) enables employees to declare a disability, workplace adjustments are driven at company level. ; ; CACI has signed up to the Disability Confident Scheme, formalising our commitment to play a lead role in changing attitudes for the better. We aim to successfully employ and retain disabled people and/or those with health conditions. When designing internal training or selecting an external partner, staff are consulted to capture any specialist needs to tailor sessions, including location, means of delivery and materials. This ensures all staff can develop in a comfortable and accessible environment. ; ; CACI also works closely with the National Autistic Society to create an inclusive recruitment process, partnering with their Autism at Work programme; actively supporting neurodiverse candidates to flourish. ; ; CACI have funded the creation of a number of staff networks, where employees with protected characteristics have time and resources to share ideas and support in a safe private environment. CACI have also offered specific training and talks from speakers related to these characteristics.
• Wellbeing:

  Wellbeing

  CACI already has a range of comprehensive support initiatives that have been implemented to aid the health and wellbeing of our workforce (including contractors). Below is a comprehensive list, with specific reference to the six standards of Mental Health at Work commitment. ; ; Promotion of an Open Culture around Mental Health: ; -Team of 18 Mental Health First Aiders ; -Conduct regular drop-in sessions for all staff, delivered by a Mental Health First Aider Team, focus on a particular element of Mental Health. ; ; Prioritising Mental Health in the Workplace by developing and delivering a systematic programme of activity: ; -Regular check-ins for staff and our contractor workforce ; -Annual Staff Satisfaction Survey, which includes a section on Health & Wellbeing ; -Free 24/7 professional counselling ; -Private healthcare and health and wellbeing plan (extendable to family members/dependents) ; -Employee Assistance Programme ; -Discounted gym memberships ; -Physiotherapy ; -Medical services ; -Mental Health First Aider programme ; -Stress assessments ; ; Proactively ensure work design and organisational culture to drive positive mental health outcomes ; -Comprehensive property and facilities management, ensuring modern, comfortable and state of the art technology for all employees ; -Distributed Working Programme, allowing employees and contractors to structure their working week in a way that suits their preference and personal commitments whilst delivering against their work accountabilities ; ; Open and honest communications at all levels throughout the organisation ; -Increased organisational confidence and capability: ; -Dedicated area of our company intranet for mental health and wellbeing, including various supporting resources and colleagues ; -Line Managers and Career Coaches trained in aspects of mental health ; ; Provide mental health tools and support: ; -Formal Mental Health First Aid Programme including a team of MHFAs ; ; Increase transparency and accountability through internal and external reporting: ; -Publish the results of our annual staff satisfaction survey to all staff. Includes Mental Health and Wellbeing, actions taken and areas for improvement

Pricing

• Price: £68,778 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.