Clarity Workforce Technology Ltd

Clarity Workforce Technology - Staff Bank

Clarity Staffbank offers streamlined payroll, allows candidates to self-register and self allocate, and can SMS workers immediately available vacancies. Single click, multi-shift posting on one screen; auto-matching ensures suitably qualified and available candidates are allocated to shifts. Compliance-focused ensuring staff records are updated in real-time with dynamic management reports.

Features

• Create & maximise the use of your internal bank
• Staff group agnostic
• Real-time management information
• Compliance monitoring / enforcement tool
• e-timesheeting tool
• Links Roster and Agency Management solutions with PSL/tiering
• Easy use across mobile/ PC applications for people on move
• Regional bank capability
• Compliant with new Junior Doctors contract
• Seamless integration with other technologies

Benefits

• Streamlined process automation saves time, money and resource effort
• Reduced reliance on Agencies through maximised use of your bank
• Collaboration with neighbouring trusts through shared banks
• Greater engagement with bank staff, through optimised shift communication
• Stringent compliancy rules support in managing clinical (workforce) risk
• Dynamic staff deployment on the move
• Intuitive software that requires limited training
• Improved productivity from contingent workforce (fully utilising ‘overtime’ hours)
• Interoperable, offering simple integration with other technology solution
• Improved business efficiency – quicker deployment with fewer people

£45,000 to £60,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Contracts@clarityworkforcetech.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

925357542081014

Contact

Tom Gellett
08450 063 752
Contracts@clarityworkforcetech.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No constraints
• System requirements:
  • Internet connection
  • Mobile enabled device (desktop/tablet/mobile phone)
  • Microsoft Office or equivalent to open reporting

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tickets will be responded to within SLAs that will be agreed during implementation. Over the weekend support is reduced but core services are covered to ensure up time and service to the client.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We use a service provided by Freshdesk, so abide by their standards.
• Onsite support: Yes, at extra cost
• Support levels: Support is provided by a front end service desk that is free of charge and included in the licence fee for the software. Any technical issues will be escalated through this support service to the technical/development team and resolutions and feedback given by phone or email.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: An implementation of Clarity follows a set process and will have a dedicated project manager. ; ; The role of this project manager will be to guide you through mobilisation, data gathering and implementation. As part of this, a guide for the process will be given and training will be provided both in terms of documentation and actual training sessions. These can be onsite or remote whatever is best for the client.; ; Updated documentation will be provided through the life of the contract with release notes for new features and updates.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Clients will have the ability to download their data at the end of their contract via the standard suite of reporting which will give them all of the information required. These include user reports, timesheet reports, shift reports and finance reports for invoice information.; ; These can be exported whenever the client wants and with the parameters they require.; ; Any additional requirements for exit information will be discussed and scoped should this data not fall within these reports.
• End-of-contract process: At the end of the contract, the client will serve notice in line with the contractual terms. At this point Clarity will engage and start to advise on how the client should begin to extract it's information.; ; Clarity will happily form part of any meetings if a new supplier is replacing our service to advise on how the current process has run.; ; Additional reporting or data needs that can't be ascertained by normal documentation will be scoped and priced according to the complexity and relevance.; ; Dates will be agreed for system shut down and this will be communicated to users. Once that date has passed a grace period will be given for select users, but past this access to data and the system will be removed. If data is required post shut down the requirements will then be scoped and priced if the data is still possible to be accessed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No differences
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service provides a web-based user interface, mobile app and JSON REST API
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We do not complete any user testing with live client users
• API: Yes
• What users can and can't do using the API: The users can interface with all elements of the system using the API and use this to create, update and remove information.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users as standard will buy an off the shelf product but there is the ability to set certain customisations in the product. This can be achieved in terms of changing labels, branding and also configuring between different options. This will all be discussed during the implementation phase and as part of the client data upload.

Scaling

• Independence of resources: The system is actively monitored in terms of the live usage of the system and controls and warnings are put in place to notify the system administrators should any over demand be put on the systems. As the number of clients increases the amount of resource and dedicated processors of jobs to ensure that there is no impact from client to client. The system is designed to allow quick scaling should the load peak too high.

Analytics

• Service usage metrics: Yes
• Metrics types: The system provides usage metrics in terms of user logins, shifts and spend information.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users have the ability to extract certain screens of the system via csv or they can extract the data in set reports in xls format.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Pdf
  • Xls
  • .doc
  • .adi
  • .dat
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The standard SLA for availability is 99.95% and details of the SLAs and service refunds are included in the service overview documentation. These would be agreed during the contract discussion phase.
• Approach to resilience: Our service is deployed to a Kubernetes cluster managed by Akamai/Linode. Services are monitored and self-healing, with redundant databases and automatic failover, plus point-in-time recovery capabilities from encrypted offsite backups. Datacentre resilience is described here: https://www.linode.com/legal-security/
• Outage reporting: Reports to external clients will be reported by email, but internally notifications that feed through monitoring to dedicated Slack channels are used.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All of our system and support channels link back to the same user management which is defined by the user authentication and also by the restriction in place in the system. These are based and user permission and data access level and can be managed by the client directly.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certified International Systems Limited
• ISO/IEC 27001 accreditation date: 13th March 2015
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The IT Director regularly reviews the security posture of the organisation. Training is given to all employees, and they report any concerns or propose any changes directly to the IT Director.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Both the application software and the service infrastructure are managed as code. All changes are tested, scanned for code quality, and for potential vulnerabilities, peer-reviewed, then staged first in quality assurance and then in user acceptance environments before final sign-off sees rollout to production. In production, services are continuously monitored, with automated alerts triggered when metrics fall outside tolerances.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our application's third-party software dependencies are continuously audited for vulnerabilities by GitHub Dependabot. Additionally, every build of our container images is scanned for vulnerabilities by Docker Scout, while our Kubernetes infrastructure is monitored by Snyk. We have a policy of continually reviewing all highlighted vulnerabilities for severity and asses our risk of exposure. We then choose the appropriate channel for deploying security patches: critical fixes/mitigations are escalated rapidly through the test stages into production, while routine upgrades are included in our regular release cycle.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We utilise continous monitoring tools to detect anomalous activity and network traffic. Automated alerts are assessed and an appropriate response is escalated as required. If a compromise is discovered, affected parties are notified and forensic analysis conducted to establish the precise scope and nature of the compromise. All incidents are logged and reviewed, with further analysis identifying actions to be implemented for future mitigation.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident detection occurs when monitoring tools trigger system non-availability all requiring IT Operations/Infrastructure team to confirm the cause, or any employee realizes that the data processing environment has been disabled, damaged, or destroyed by an unplanned incident or event. If an event like this does occur, a member of the IT Operations/Infrastructure team will be the first to be notified.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Wellbeing

  Covid-19 recovery

  At Clarity we centre our service and our system build and design around bringing as many benefits to those that use it from a national, client and personal level. When focussing on how Clarity can support the recovery from COVID-19 there are several key areas that are focussed on when working on the workforce platform:; • Allowing visibility and tools for greater workforce productivity through intuitive and easy to use systems for both management and worker;; • facilitating rapid deployment of staff to high demand areas ensuring compliance and skill match;; • access to a greater range of staff from permanent, additional hours or agency staff;; • cost control and management tools in-built into the system to allow, at a time where use of funds is critical, for appropriate use of funds.

  Wellbeing

  At Clarity we centre our service and our system build and design around bringing as many benefits to those that use it from a national, client and personal level. When focussing on how Clarity can support well-being there are several key areas that are focussed on when working on the workforce platform:; • Focus on all stakeholders in the process to ensure well-being for all groups not just one;; • Ease of use for managers to allow them stress free access to data when they need it to react to crisis, or inform key decisions;; • Workers have access to flexibility of shifts and greater work life balance should they require;; • They also have full visibility of their earning potential, as to better financially plan at a time when cost of living is so important.

Pricing

• Price: £45,000 to £60,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A free trial (pilot) can be offered for the software and will form part of the initial conversations with the client. If agreed this will be limited in time and in amount of usage of the system.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Contracts@clarityworkforcetech.com. Tell them what format you need. It will help if you say what assistive technology you use.