FATHOM MANAGEMENT SOLUTIONS LIMITED

CaseflowFusion

CaseflowFusion is a Case Management System designed specifically for managing all aspects of outstanding accounts from inception of demand for payment through to collections and litigation. The software is integrated with Microsoft Office products and provide a to build an efficient cost effective digital solution.

Features

• Remote Access
• Real time Reporting
• Full integration with office products
• Workflow Automation
• Email automation and scheduling
• Integrated SMS Texting
• Payment Gateway interfaces for direct debit, card payments and banks
• Customer and Client Online portals
• Customer Journey full visibility
• GDPR compliant

Benefits

• Workflow Automation and full digital output
• Full visibility of customer contact
• Quick implementation
• Greater visibility of case management
• Ability to take payments online
• Two way integration with Outlook
• Configurable solution
• Fast Return on Investment
• Integrates quickly and easily with third party solutions

£82 to £160 a user a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at deborah.cox@fathom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

989784974362848

Contact

Deborah Cox
01189131211
deborah.cox@fathom.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No the system is available 24-7. Dta is stored in a Tier 3 secured data centre. Operating system maintenance takes place at pre-agreed times
• System requirements: Access to the internet

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response to tickets is based on the severity of the issue raised. If the issue is not critical, a typical response is within 60 minutes of the log time. Standard support is available Monday to Friday between 9 am and 5.30 pm. Support servers are available outside of those hours at extra cost.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Fathom will then in conjunction with its client establish the impact of the issue on the customer’s business and apply support as follows:; ; Category A Support; Severity Level 1 The level of support required when the Customer reports a fault which totally prevents the Software from performing the key business functions. Category A Support issues requires a qualified technician be made available remotely to work on the problem within 30 minutes of the Log Time. In reality, this tends to be within 10 minutes of the initial communication.; ; Category B Support; Severity Level 2 The level of support required when a fault is reported which partially prevents the Software from performing the key business functions for which it was purchased. Category B Support issues requires a qualified Fathom support technician be made available remotely to work on the problem within 60 minutes of the Log Time.; ; Category C Support; Severity Level 3 The level of support required when the Customer reports a fault effecting the general performance of the Software for which reasonable workarounds exist. A qualified support technician be made available remotely to work on the problem within 24 hours of the Log Time.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All customers are provided with training manuals and "how to" guides as part of the service. Depending on the nature of the implementation customers typically receive between 5 and 15 days days training which covers a variety of training courses from Administrators, Financial posting and reconciliation, Operator training, Database Reporting. Training can be carried out on site or remotely using screenshare and MSTeams.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Whilst the users can extract their own data using an SQL ODBC connection to the database. Fathom can also provide data extracts containing their customer data and details of their accounts and cases.; Full histories are also supplied in accordance with the users' requirements. ; If the user requires Fathom to produce extracts these will be produced in text delimited format.; Once the data has been extract Fathom will retain this for a period of 30 days following which it will be delete together with any backups in accordance with the regulations of GDPR.
• End-of-contract process: Data deletion is included in the price of contract.; ; Data extraction at the end of contract attracts an additional cost

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Proactive monitoring within the data centre is provided to us for memory and disk usage, Operating System updates, and network performance and connectivity issues. This is monitored 24-7, 365 days of the year with instant alerts should an environment need additional resources.

Analytics

• Service usage metrics: Yes
• Metrics types: Collections performance can be provided in real time based on collections for the day, month to date by operator , portfolio of accounts or organisation.; ; Up to 12 bespoke reports are also provided as part of the service detailing status of accounts, operator activity, money recovered at various statuses
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Fathom provides a number of standard export processes and interfaces with a number of finance systems including SAP, Sage, Oracle Accounts. The system also includes interfaces to the credit reference agencies for financial reporting and tracing activities. ; ; Users can also extract their data using a SQL ODBC connection to the database tables.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • XML
  • XLS
  • PDF
  • DOC
  • PRN
  • TXT
  • HTML
  • JSON
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • XML
  • TXT
  • PRN
  • JSON
  • SOAP
  • XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The system is available 24-7, 365 days of the year subject to scheduled maintenance.
• Approach to resilience: This is available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to customer data is controlled by use of VPN. Each user has their own VPN certificate. Access to the database is control with a unique login.; Passwords are encrypted and can expire depending on customers policy.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 29/01/2021
• What the ISO/IEC 27001 doesn’t cover: Certification is in accordance with the Statement of Applicability dated 01 September 2020 version 1.1
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO9001:2015
  • ISO27001:2017

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are ISO27001 Certified via British Assessment Bureau. Our ISO standard follows a Statement of Applicability and is audited annually by third party auditor.; We are in the process of upgrading this to ISO27001:2022 Certification

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have a clear defined change management and release management process. This includes definition of the change, version and patch controls, developer unit testing, change documentation, regression testing and acceptance testing
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: There are potentially two types of threats to the service. The first is availability, security and operating system vulnerabilities which are monitored by the Data Centre. ; The second relates to our databases and software. Any fault is assessed for severity which includes data or functionality. If a fault is considered high priority a qualified engineer will work on this to find a solution with a view to releasing a fix based on best endeavours.; More information is available on request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: A potential compromise could be caused by upload of bad data from a third party or by a software fault. Data imports are checked for faults and vulnerabilities and alerts are provided. ; Where a fault has arisen a dedicated resource is allocated within 30 minutes of this being identified depending on severity of the issue.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident Management is processed as part of our ISO27001 policy and procedures. Full details of our policy are available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We aim to minimise negative environmental impact using video conferencing where possible to meet with customers. We encourage use of public transport, where possible.

  Covid-19 recovery

  We have a hybrid working policy in place for our staff and support physical and mental employee wellbeing.

  Tackling economic inequality

  We promote equality in pay and other employment conditions regardless of gender or disability.

  Equal opportunity

  We have policies in place to cover equality and diversity, radicalisation and discrimination and encourage our staff to adopt the same principles both at work and in their personal lives. We offer equal career opportunities, special working arrangements. Reduced working hours, flexible work, or absences (family or care leave, sick leave, etc.) do not affect an employee’s career development.

  Wellbeing

  We work with our employees to support a good work/life balance. We also provide private healthcare and mental wellbeing services which are available through our insurers.

Pricing

• Price: £82 to £160 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at deborah.cox@fathom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.