Service Level Agreement (SLA) for the NHAIS Core System.

Document filename: NHAIS Core SLA Directorate / Programme HSCIC Project SSD Document Reference Doc-00010 Project Manager Sean Walsh Status Approved Owner Norman Raphael Version 1.9 Author Graham Ambrose Version issue date 05/07/2014 Service Level Agreement (SLA) for the NHAIS Core System.

Document Management Revision History Version Date Summary of Changes 0.1 4/4/07 First draft for comment 0.2 17/7/07 Appendices added for additional services 1.0 18/01/08 Agreed at Strategic Planning User Group Meeting (SPUG) of 12/12/07 1.1 10/03/08 Restructured for 2008/2009 to follow SSD standards and inclusion of a complaints procedure & approval given at SPUG. 1.2 30/03/09 Annual review. Approved by SPUG on 13/05/09 1.3 12/10/09 Interim review additional notes for customer responsibility in the Disaster Recover Service (Appendix B) and a change to the Group Programme director in the complaints procedure (8.3.8) 1.31 11/01/2010 Minor correction to ensure that all links are current. 1.4 08/09/10 Review - Appendix E Extended Cover amended to remove the option for weekend work and a new section (4.7) to include information about proactive PDS data quality work. PAF updates added to the product set. All links checked and updated where appropriate. 1.5 7/10/10 Section 4.7 reworded following review by the SPUG. 1.6 3/10/11 Appendix A and B - IBM platforms are only supported until 1/4/12 (existing customers have been notified). 1.7 15/11/2012 Annual Review Section 2.8.3 - New Help desk number added and an additional responsibility to send PID via NHS mail. Appendix C requirement added for written approval from Customer to receive and process PID held on backup tapes. Section 2.9 new section to clarify data controller and processor roles on occasions where data is held by HSCIC SSD for processing. Section 2,5 - reference to ISO 20000 added. Appendix B DRS amended to remove reference to terminals, include card readers plus clarification of scope and other requirements. Addition of Appendix F Hosted NHAIS Change to the complaints procedure in section 8.3 Appendix E - Extended support defined to cover Systems, Finance and ICM core applications and various minor changes 1.8 10/9/13 Annual Review - HSCIC rebranding 1.9 5/7/14 Annual review. Addition of a signature page. New Help Desk contact number. Replacement plan required for hardware over 7 years old. DR provided for up to 2 concurrent invocations of a maximum of 4 instances at one location. Page 2 of 37

Reviewers This document must be reviewed by the following people: author to indicate reviewers Reviewer name Title / Responsibility Date Version Norman Raphael HSCIC SSD National Service Delivery Manager 1/10/14 1.9 SPUG Strategic Planning User Group 8/10/14 1.9 Approved by This document must be approved by the following people: author to indicate approvers Name Signature Title Date Version Norman Raphael HSCIC SSD National Service Delivery 8/10/14 1.9 Manager SPUG Strategic Planning User Group 8/10/14 1.9 Glossary of Terms Term / Abbreviation SSD SPUG Supplier What it stands for The Systems and Service Delivery section of Health and Social Care Information Centre The Group represents all Health Authorities in England, Wales and Northern Ireland, or their successors Health and Social Care Information Centre Systems and Service Delivery Document Control: The controlled copy of this document is maintained in the HSCIC corporate network. Any copies of this document held outside of that area, in whatever format (e.g. paper, email attachment), are considered to have passed out of control and should be checked for currency and validity. Page 3 of 37

Contents 1. Parties to this Agreement and Authorisation 6 1.1. Parties to this Agreement 6 1.2. Authorisation 6 2. About this Document 7 2.1. Summary of Agreement 7 2.2. Agreement Principles 7 2.3. Audience 7 2.4. Content 7 2.5. Roles 7 2.6. Validity and Review of this Agreement 7 3. Service Description and Specification 8 3.1. Service Description 8 3.2. Service and Configuration In Scope 8 3.3. Service and Configuration Out of Scope 9 3.4. Help Desk 9 3.5. Service Support and Service Delivery Processes 9 3.6. Performance Targets 9 3.7. Reporting 10 3.8. Roles and Responsibilities 10 3.9. Data Processing data controllers and processors 13 4. Service Availability 14 4.1. Hours of Support Operation 14 5. Support Arrangements 15 5.1. Incident Management 15 5.2. Incident Categorisation 15 5.3. Incident Resolution 16 5.4. Performance Targets (Response and Fix) 16 5.5. Incident Escalation Procedures 16 5.6. Problem Management 17 5.7. Data Quality 17 6. Change Management and Control 18 6.1. Change Requests 18 6.2. Configuration Management 18 7. Service Cost and Charging Arrangements 19 7.1. Service Cost 19 7.2. Additional Service Costs 19 7.3. Charging and Funding Process 20 8. Service Management Board (SPUG) 20 Page 4 of 37

9. Terms and Conditions 21 9.1. Communication 21 9.2. Changes to Agreement 21 9.3. Complaints Procedure 21 9.4. Contract Escalation and Arbitration 22 10. Appendix A Unix Support 23 10.1. Scope of Service 23 10.2. Exclusions 23 10.3. Customer Responsibilities 24 11. Appendix B Disaster Recovery Service 25 11.1. Scope of Service 25 11.2. Exclusions 25 11.3. Inclusions 25 11.4. Continuity Recovery Services 25 12. Appendix C File Backup Verification 31 12.1. Scope of Service 31 12.2. Customer Responsibilities 31 13. Appendix D System Shadowing Service 32 13.1. Scope of Service 32 13.2. System Management 32 13.3. Exclusions 32 13.4. SSD Responsibilities 32 13.5. Customer Responsibilities 33 13.6. Invocation of Shadowing Service 33 14. Appendix E Extended Cover 34 14.1. Scope of Service 34 15. Appendix F Hosted NHAIS Solution Service 35 15.1. Scope of Service 35 15.2. Business Benefits 35 15.3. Customer Responsibilities 35 15.4. SSD Responsibilities 35 15.5. Service Availability details 36 15.6. Help Desk 36 15.7. Performance Targets 37 15.8. Service Out of scope 37 15.9. Service Reporting 37 15.10. Security 37 15.11. Pricing 37 15.12. Termination 37 15.13. Further Details and Contacts 37 Page 5 of 37

1. Parties to this Agreement and Authorisation 1.1 Parties to this Agreement This Service Level Agreement consists of the following parties: Strategic Planning Group representing NHS England, and Health and Social Care Information Centre Systems and Service Delivery. 1.2 Authorisation Agreed on behalf of the Strategic Planning Group Sign: Date: Print Name: Agreed on behalf of Systems & Service Delivery Sign: Date: Print Name: Sean Walsh, HSCIC, Systems and Service Delivery Page 6 of 37

2. About this Document 2.1. Summary of Agreement This document is the Service Level Agreement between The SPUG and Health and Social Care Information Centre Systems and Service Delivery for the support and delivery of the NHAIS Core Service and additional associated dependant services. The Agreement forms part of a suite of documentation which, collectively, underpins the management and delivery of the NHAIS Core Service. 2.2. Agreement Principles The following principles underpin this Agreement: This Agreement is to be managed and administered by both the SPUG and Health and Social Care Information Centre Service Management. The SPUG and Health and Social Care Information Centre Service Management will assess and present proposals for major change to this Agreement to the SPUG for approval. 2.3. Audience This document has been written for internal use within SSD and for NHS staff using the NHAIS system. 2.4. Content This document comprises the standards and levels of service to be provided by the Supplier and other associated parties. 2.5. Roles The following roles are identified and referenced throughout this document: Title National Service Delivery Manager Service Delivery Manager (Eastern) Service Delivery Manager (London) Service Delivery Manager (North, North West and Northern Ireland) Service Delivery Manager (West Midlands and Isle of Man) Service Delivery Manager (Southern) Service Delivery Manager (Wales) Name Norman Raphael Mark Hillman Saghir Akbar Graham Ambrose Clare Westrop Phil Moores Mike Hogan 2.6. Validity and Review of this Agreement A structured review will take place annually to evaluate and prove the performance and appropriateness of the Agreement. Any changes proposed and agreed will then be implemented at that time by the parties. Page 7 of 37

3. Service Description and Specification 3.1. Service Description The provision of support and maintenance of the applications and associated technical infrastructure that are defined herein as the NHAIS Core Service. The Service includes: Provision of qualified technical resources to undertake application support and development; Provision of a Help Desk for the receipt and processing of User Incidents; Provision of qualified technical and service management personnel to monitor, measure, report and administer the performance of the Service; and Provision of a Change Management process, including a standard for minor modifications and enhancement. The following additional services rely on the provision of the NHAIS Core Service and hence are also covered by this document: Unix Support (see Appendix A for additional details, variances and exceptions) Disaster Recovery (see Appendix B for additional details, variances and exceptions) File Backup verification. (see Appendix C for additional details, variances and exceptions) System Shadowing Service (see Appendix D for additional details, variances and exceptions) Extended Support (see Appendix E for additional details, variances and exceptions) Hosted NHAIS Solution Service (see Appendix F for additional details, variances and exceptions) 3.2. Service and Configuration in Scope Health and Social Care Information Centre undertakes to provide support services in relation to the NHAIS Core System Product Set listed below. Full details of functionality of these products can be found in the Product and Service Descriptions available at http://systems.hscic.gov.uk/ssd/prodserv / or from your designated Service Delivery Manager. A full range of support services is provided for this product set, from installation of new software through to preventative maintenance, ad-hoc training and day-to-day telephone support. The terms of the agreement and full details of the services included together with all exclusions are described in this document. Core System Product Set Registration Finance NHS Health Check Cervical Cytology Screening Breast Screening Independent Communications Manager (ICM) HA / GP Links HA / Pathology Laboratory Links HA / Breast Screening Office Links NHS Central Register Organ Donor / Blood Donor Page 8 of 37

Organisation Links Systems Software PAF updates 3.3. Service and Configuration Out of Scope Meetings requested by Customers relating to projects outside the scope of the core system may be chargeable in addition to normal support services (eg, where general technical advice or consultancy is required but it is unrelated to core system functionality or any links with it). Weekend working is excluded. Where the SSD Service Delivery team require assistance from a third-party to resolve a problem, the fix time targets may no longer be applicable. The Supplier is not responsible for contacting third-party organisations in respect of hardware or software for which no contract has been purchased from the Supplier. Such advice and guidance may be available, subject to additional charges being levied. The Supplier does not provide support for printer hardware, printer cables or printer sharing. Fix times on NHAIS core system software where unauthorised software has been installed against the advice of the Supplier. Charges for licences for third-party software elements (eg, Unix, Cache etc). Guaranteed installation times for application or systems software where the length of time is proportional to the content and complexity of the installation. Installation of operating system software (eg, Unix) can be undertaken via the Unix Support Contract subject to additional charges being levied. 3.4. Help Desk The Help Desk service will be carried out from Supplier offices and will undertake call handling, incident categorisation, incident escalation to technical teams, and user communication activities. The Help Desk will utilise the Supplier s standard incident logging database application which has been adapted specifically for this purpose. 3.5. Service Support and Service Delivery Processes The processes to be used for Service Management will be in conformance with the requirements of ISO/IEC 20000 and will, as far as practicable, utilise ITIL best practice. 3.6. Performance Targets This Agreement includes a number of performance targets (see section 4.4) for the provision, delivery and measurement of service performance. Performance targets are to be used positively, as a means of identifying both good service performance, and areas of weakness where management effort and pressure should be applied. The setting of performance targets will be identified and agreed at the SPUG, initially during, and as part of the evaluation of this Agreement. Subsequent reviews and updates to performance targets will be agreed at the SPUG, based upon analysis of historic service performance. The period of calculation of performance targets will be monthly. The method of calculating performance targets will be determined by the process to be Page 9 of 37

measured, e.g., incidents passing through the Help Desk service will be measured from statistics produced by the Help Desk application. Specific performance target measurement methods will be discussed and agreed prior to the issue of this Agreement. The Service review process within this Agreement will set out the process for managing and amending performance targets, appropriate to the levels of performance displayed under this Agreement. 3.7. Reporting Monthly NHAIS Core SLA Statistics are published at the following location: http://systems.hscic.gov.uk/ssd/sdm/service-reporting These reports are produced from HP Open View and include Response and resolution against the SLA targets (national). Trend Analysis. Additionally, on request: A monthly report of calls together with priority, resolution and closure description can be sent to individual customers. 3.8. Roles and Responsibilities 3.8.1. The SPUG Role and Responsibilities The SPUG will carry out the following roles and responsibilities: Party to this Agreement; In partnership with the Supplier: Take ownership for the lead delivery of the Service; Forecast Service delivery and associated capacity management with the Supplier; Undertake to review Service performance; Escalate live or potential issues and problems with Service delivery and performance; Undertake performance management of this Agreement with the Supplier, including operational reviews: Change Management, Service Review, Escalation; Working with the Supplier and other appropriate bodies to plan for long term future of the service including the impact of the implementation of initiatives supporting the NHS reorganisation and future business requirements. 3.8.2. Supplier Role and Responsibilities Party to this Agreement; Assign a Service Delivery Manager for each customer who will be responsible for day-to-day Service delivery management; Undertake performance management of this Agreement, including operational reviews: Change Management, Service Review, Escalation; To provide Help Desk staff to take calls during the service hours; To provide an answer-phone service to record calls outside normal working hours; To make Service Delivery staff available to support all product areas during the service hours; To allocate calls with an initial priority via discussion between the Help Desk and the Customer; Page 10 of 37

Second-line support staff to verify the initial priority set at the Help Desk, via discussion between Service Delivery personnel and the Customer, and offer an initial assessment of the time it will take to resolve; To deal with calls raised with the Help Desk in line with the priorities and response rates indicated below; To ensure that a call remains open until a satisfactory resolution has been reached in agreement with the customer; In the event that a customer is unavailable and two attempts have been made to contact the caller, Service Delivery staff will close the call. If this is the case a message will be left with someone at the customer's office and an email sent to the caller; To notify all Key Users of any problem or issue that may significantly impact their business and, where applicable, update the software; To provide follow-up communication providing detail of resolution to the problem/issue identified above; To provide communication about call resolutions by telephone, fax, email or post as appropriate. Relevant information will also be posted on the internet at: http://systems.hscic.gov.uk/ssd/newsletters. To administer the change request process for enhancements or amendments to application software as described at http://nww.hscic.gov.uk/nhais/cr; To provide third-line staff for the resolution and fixing of software problems; To undertake planned remote checks for the purposes of preventative maintenance. To undertake site visits if necessary to resolve calls raised with the Help Desk and to endeavour to attend within 2 hours. To undertake planned site visits to provide ad-hoc advice and guidance or agreed NHAIS system upgrades or other work as agreed with the Service Delivery Manager; To provide details of any prerequisite requirements for installation work at least 5 working days prior to the work being planned; To undertake the installation of new application or systems software (on site if necessary) at a time mutually agreed with the customer; To provide representation at national, regional/cluster and local user groups and associated meetings relevant to the core system software with the aim of maintaining close working relationships and providing technical advice to support decision making; To ensure that no member of staff makes unauthorised access to a computer or makes unauthorised changes to the programmes/data; To ensure that all staff are fully briefed in their responsibilities under the Data Protection Act 1998 as it relates to the processing of information relating to individual people covering the obtaining, use, storage or disclosure of such information; To ensure that all staff complete the IGTT modules and comply with the provisions of the Data Protection Act (1998), including related Caldicott Guardian principles, and the Computer Misuse Act (1990); To ensure that all staff operate under the good practice included in the Health and Social Care Information Centre security policy in particular to its provisions relating to Computer Viruses; To recover application access or data from backups in the event that such action is required as a result of activity by Service Delivery personnel; Page 11 of 37

In the investigation of incidents, advice may be offered on the root cause of the problem should it lie outside of the application software, although the responsibility for fixing this remains with the User; and Working with The SPUG and other appropriate bodies to plan for long term future of the service including the impact of the implementation of initiatives supporting the NHS reorganisation and future business requirements. 3.8.3. User Responsibilities (for information and reference only relating to this Agreement) To raise all requests for support services with the Supplier Help Desk by telephone on 0300 3034034 or via e-mail (Exeter.Helpdesk@hscic.gov.uk); The following information will be requested by the Help Desk: Name of individual; Name of organisation; Organisation code; Telephone number of individual; Email address of individual; Subject heading (e.g. NHAIS); Details of Incident; and Incident category requested (if applicable). To complete any prerequisite work for installations within the stated time prior to the installation. In the event that prerequisite activities are incomplete when a member of the Service Delivery team arrives to undertake the work, additional charges may be levied due to the inconvenience of them not being able to carry out the planned task. Not to install software which could affect NHAIS applications, without first seeking authorisation from the Supplier. To provide a minimum of 2 working days notice prior to cancelling or rescheduling pre-planned visits. Late notification of cancellation or unavailability of key personnel on a scheduled visit may result in additional charges being levied if activities subsequently need rearranging or if visits need to be rescheduled. To be responsible for any loss or corruption of data or malfunction of the live system, caused by the use of Programmer Access by any PCT/agency staff. The rectification of such loss or corruption falls outside ALL normal support agreements with the NHAIS support service provided by the Supplier. To utilise the Change Request process administered by the Supplier to request any software changes - for details refer to: http://nww.hscic.gov.uk/nhais/cr To ensure that new members of staff receive appropriate and relevant application or systems administration training prior to using the core software and are made aware of the available electronic and hard copy documentation and help files. To allocate the function of Key User to a named individual to undertake the responsibilities outlined in the Key User Responsibilities document: http://nww.hscic.gov.uk/nhais/prodservs To allocate the function of System Administrator to a named individual to undertake the responsibilities outlined in the Key User (System Administrator) Responsibilities document: http://nww.hscic.gov.uk/nhais/prodservs Page 12 of 37

To ensure that the Supplier is notified of any changes in personnel carrying out Key User or System Administrator roles. To maintain details of personnel on the NHAIS Contacts Database noting that inaccuracies herein may cause delay in the resolution of incidents, especially where these concern PDS data quality. To provide any special requirements for site visits to the Service Delivery Manager at least 1 calendar month prior to the scheduled visit. This is so that any necessary rescheduling of Service Delivery staff can be undertaken to meet the customer's request. To ensure all necessary licensing and support arrangements are in place for 3rd party software. To ensure any prerequisite activities have been completed prior to Service Delivery personnel attending to carry out implementation work. To obtain printer control sequences for the set up of new and existing printers from the supplier of the printer and to retain these for future reference. To ensure that printers are correctly configured on the network and are accessible from the NHAIS system and that the printer configuration / emulation settings are correct in relation to the setups as recorded on the P1 and P2 screens. Prior to any problems being reported, a successful test print should have been produced (e.g., through the use of the P1 screen facility). NHAIS support will investigate problems beyond the test print. In the event support is required with other issues concerning printers, it may be possible to provide additional assistance on a consultancy basis. This will be chargeable on a time and materials basis to the nearest half day and a successful outcome is not guaranteed. The Key User should arrange such help with their Service Delivery Manager. To read, note and action the report from the monthly planned remote site checks. Customers should ensure that any personal data sent to SSD during the investigation and resolution of incidents is sent securely via NHS mail. 3.9. Data Processing data controllers and processors The following information defines the roles and responsibilities around data ownership and control where such data is sent to HSCIC SSD for processing tasks related to this service (e.g. FBV, DRS, ad-hoc processing requests, software development testing and incident investigation and resolution). There are two distinct roles in relation to personal data; that of the data controller and that of data processor. The data controller (FHS Agency or PCT) determines the purpose for and manner in which personal data is processed. They have responsibility for compliance with the Data Protection Act 1998 including the protection principles, for responding to subject access requests and directing their data processor. The data processor (HSCIC SSD) processes personal data on behalf of and as directed by the data controller. Processing data means obtaining, holding or recording data, carrying out disclosure, retrieval, consultation, organisation or erasure of data on behalf of the data controller. HSCIC SSD is responsible for ensuring adequate physical and logical security arrangements for the data in storage and in transmission. HSCIC SSD also provides the framework for access control under direction from the SPUG (as representatives of the data controllers). Page 13 of 37

4. Service Availability 4.1. Hours of Support Operation Mondays to Fridays excluding English and Welsh Public Holidays Core Standard Enhanced (upgrade) Extended Cover Hours 9.00 am - 5.00 pm 8.00 am - 5.00 pm 5.00 pm - 10.00 pm Site Visits per core system 3 per annum + 12 remote checks 7 per annum + 12 remote checks Purchased at extra cost Service Delivery support personnel will be available to work on calls or undertake site visits during these hours. Out of hours or weekend work can be made available under the terms of the Extended Support Service. For full details of the Enhanced upgrade or Extended Cover service please contact your Service Delivery Manager. Page 14 of 37

5. Support Arrangements 5.1. Incident Management 5.1.1. Help Desk Service The Help Desk service is the first point of contact for users to raise requests for technical help and support affecting the service. Its primary responsibility is to handle user requests for assistance where it is believed the application is not operating according to its agreed specification. Incident handling and management is the Help Desk s primary service delivery activity. The Help Desk service will carry out the following functions for Incident Management: Maintenance of overall ownership of the user relationship for incident handling; Incident receipt and handling, using pre-agreed introductions and greeting; Incident diagnosis, using appropriate questioning techniques to identify and define the nature of the incident; Incident categorisation, through the understanding of the actual or potential IT (users business) impact. The available categories are 1 through to 4, with 1 being the highest priority; Incident logging, using the incident logging database application to record the required amount of data and information appropriate to assist in the identification and resolution of the incident; Incident definition, through understanding as much data and information surrounding the nature of the incident as possible, which will assist in the resolution activities by support personnel; Attempt at incident resolution: if the incident can be diagnosed and resolved within the Help Desk, without additional technical resources assisting, this will be attempted, and confirmed as satisfactory by the user; the incident record will then be closed; Advising the user of the intended course of action required to progress and resolve the incident, (eg, assigning the incident to the 2nd or 3rd level support team), and notifying them of the incident reference number; Identifying the most appropriate team (2nd or 3rd level support) as appropriate, which possess the required level of expertise with which to diagnose and resolve the incident; Assigning the incident on the incident logging database to the appropriate team personnel; As requested by the user, provide an update regarding the incident s progress once transferred to a 2nd or 3rd level support team. 5.2. Incident Categorisation Incidents handled and logged by the Help Desk using the incident logging database application are assigned categories, identified by the impact, or level of inconvenience, asserted by the incident. The incident category is assigned by the Help Desk based on information imparted by the user at the time the call is taken and initially analysed. The incident category may be requested or challenged by the user, in which case the incident will be categorised / prioritised according to the wishes of the customer. This deviation to normal logging would be recorded in the incident log. If the support team subsequently believes that a different category or priority should be used, they will negotiate with the Page 15 of 37

user accordingly. All calls are dealt with in order of category allocation. Incident categorisations, and target response and resolution timescales are as detailed in the below table: Priority Maximum Response Target Maximum Resolution Target Examples 1 30 minutes 8 hours Unavailability of the entire system, a key module or major function, causing significant business impact. 2 1 hour 8 hours Unavailability of the entire system, a key module or major function, causing limited business impact. 3 2 hours 5 working days Problems causing inconvenience, minor disruption or restricting performance. 4 4 hours As agreed Non urgent problems causing slight irritation but where workarounds are available; integrity checkers; cosmetic or general enquiries for information. 5.3. Incident Resolution Resolution of the incident should be undertaken by the most competent and qualified individual or group (Help Desk, 2nd or 3rd level support), with the appropriate levels of skill, knowledge and experience. The support team staff will use the incident logging database application as the priority means of entering, accessing and updating data and information on the nature and extent of service incidents and problems. These records should be as up to date as possible, detailing the history of incidents and problems, and acting as an audit trail for the calculation and assessment of performance targets and overall service performance. Incident analysis, cause identification and resolution will take place within the HSCIC SSD support team. The closure of an incident record will occur once the user has confirmed satisfactory resolution. 5.4. Performance Targets (Response and Fix) The following performance targets apply to Incident Management 98% of reported support calls to be responded to within target 90% of reported support calls to be resolved within the target 5.5. Incident Escalation Procedures Incident Escalation is the process of communicating information on an Incident, or other live operational service issue for the purpose of raising its profile, and requesting senior management attention and/or intervention. If the customer requires an update on an incident or is not happy with the progress of an incident they may: Contact the Help Desk requesting escalation of an incident Page 16 of 37

Contact the relevant Service Delivery Manager 4.5.1. Documentation To aid the support of the Service, a suite of documentation will be used by the Supplier, which is stored both electronically and in paper form. During the development and implementation of the Service, draft documentation will be subject to an approvals process to ensure it is fit for support purposes. All documentation will have a designated owner, together with a process for requesting and making changes to text, under version control. Draft and approved documentation will be made available and accessible to appropriate personnel nominated to provide support to the Service. 4.6. Problem Management SSD will undertake Problem Management which is the process of analysing and resolving the root cause of one or more similar incidents or a single significant incident and can be both reactive and proactive. Problems may be identified from the analysis and trends of incidents raised by the customer. (See section: 4.1.1 Help Desk). 4.7. Data Quality SSD development and support staff may occasionally have a need to access NHAIS systems to undertake proactive data quality work. For instance a routine analysis job is run weekly on all systems to produce a trend analysis of data discrepancies between NHAIS and the PDS. This (and similar ad-hoc activities) help identify issues with particular GP Practices, facilitate investigations where there is evidence of practice systems incorrectly updating patients on the PDS and assist in correcting the PDS data. Overall such system accesses are made with a view to improving the quality of patient data on the PDS, such that for the most part, the PDS data reflects that stored on NHAIS agree. Where appropriate, one of the major uses of the output from these activities will be in applying pressure to GP System Suppliers to fix or enhance their system functionality. For the most part, the system access will be invisible to the users and certainly any reports will be set to run out of hours. As such system owners are unlikely to be aware of the work although very occasionally it is possible that such a job could clash with predefined system activities and cause some minor inconvenience. Page 17 of 37

5. Change Management and Control Change Management and Control is the process of identifying, assessing, communicating and implementing proactive and reactive change to the IT Infrastructure. It is a businesscritical Service Management process that assures the integrity of the IT Infrastructure, and protects its operation, design and performance, for the benefit of Users and this Agreement. 5.1. Change Requests The change request process is documented on the SPUG web pages: http://nww.hscic.gov.uk/nhais/cr 5.2. Configuration Management Configuration Management is the means to effectively manage the components of the IT Infrastructure, and is an integral link to overall service management. The configuration of the IT Infrastructure will be identified, recorded, managed and maintained by the HSCIC SSD. Configuration Management databases shall be the main repository for the storage of the IT Infrastructure s configuration owned and maintained by the HSCIC SSD. Changes to the Configuration Management databases shall be made, primarily, following the implementation of a change. Page 18 of 37

6. Service Cost and Charging Arrangements 6.1. Service Cost The cost elements for the service are identified and agreed between customers and their local Service Delivery Managers and documented in the Contract Schedules. Recurring charges for subsequent years will include inflationary uplift. 6.2. Additional Service Costs Where additional service costs are anticipated or likely to be incurred over-and-above the obligations and cost schedule set out in this Agreement, the following process will apply, either reactively or proactively, according to operational circumstances: Customer Identification: The nature of the service to be delivered is documented as a request in an appropriate format by the SPUG and submitted to the National Service Delivery Manager, including: Description of service required; Reason for service requirement; Timescales service required within Benefits of service to be provided; Budgetary parameters and tolerance for service to be provided; Whether service change is permanent or temporary. The National Service Delivery Manager will acknowledge the request and confirm the delivery of the service, together with appropriate actual or estimated costs, and timescales. The Parties will decide the outcome of the request, and implement/reject as and where appropriate. Supplier Identification: Note: this process is separate to that of implementing an emergency change, where requests for financial assistance form part of the Minor Modifications process. The nature of the service to be delivered is documented as a request in an appropriate format by the National Service Delivery Manager and submitted to the SPUG, including: IT Infrastructure configuration item affected; Reason/Justification for service requirement; Timescales service to be delivered within; Benefits of service to be provided; Estimated additional service cost; Recommendations on permanent or temporary service change; Timescales financial agreement required within. The SPUG will acknowledge the request, and confirm satisfaction or otherwise with its outline, together with providing, or otherwise, the necessary financial authorisation. The Parties will decide the timetable for the request to be implemented/rejected as and where appropriate. If the delivery of additional services affects or causes to affect the achievement of Performance Target(s) within this Agreement, prior identification or exclusion of the Target(s) will be discussed and agreed by the Parties. Page 19 of 37

6.3. Charging and Funding Process Contract Schedules will be agreed with individual customers and invoices will be issued annually by the supplier for the agreed elements. All charges identified are exclusive of Value Added Tax which will be charged at the appropriate rate. 7. Service Management Board (SPUG) The Strategic Planning User Group (SPUG) is a sub-group of the Strategic Planning Group (SPG). The Group represents all PCTs/Agencies in England, Wales and Northern Ireland, or their successors - the main responsibilities of the Group are to: Act as the Service Management Board for the NHAIS service. Be responsible for the ownership and monitoring of the NHAIS service which includes the SLA, the monitoring of the minor modifications fund and to agree the content and funding of the Group's work programme through a voting system; Negotiate with the Strategic Planning Group funding of major developments where appropriate; Represent the views of users as a whole and to disseminate information on Group activities to users through the regional representatives. This section of the Health and Social Care Information Centre Web Site provides a view in on the workings of this group. http://nww.hscic.gov.uk/nhais/spug; Page 20 of 37

8. Terms and Conditions 8.1. Communication This Agreement will be copied and made available to all staff who will have authority and responsibility to deliver the services specified within it. It should remain a priority point of reference for all staff. Where and when appropriate, supporting documentation will be produced by either Party to emphasise and expand upon the obligations each Party has agreed to provide. This could include the construction of appropriate processes and procedures, and/or the updating of existing processes and procedures to meet the requirements of this Agreement. 8.2. Changes to Agreement Day-to-day or operational changes to this Agreement can be proposed at any time, in writing, by either Party with a minimum of 1 month s notice. Major changes to this Agreement will be proposed and discussed at the SPUG, with a decision made at the time on its approval or rejection. If further analysis is required in order to make a decision, an action will be identified and taken forward for resolution at the next SPUG. The content of proposed changes to this Agreement will be as follows: Submitter details, etc. General description of the change, and the area/section of the Agreement affected; Brief benefits of the change; Actions required to effect the change, together with roles and responsibilities; Impact of change on any historic data and information analyses, e.g. change of performance targets, and existing processes and procedures; and The estimated (if possible) financial impact of the change, e.g. on Service cost, or effort to administer the Agreement. For each change proposed it will be necessary to understand if a baseline in service delivery will be necessary, in order to track and measure corresponding change in the performance of the Parties. This may take the form of selected data and information, but each proposal must be agreed by the Parties prior to decisions being made. The process for identifying and agreeing additional Service costs is specified within section 9.2 (Additional Service Costs). 8.3. Complaints Procedure 8.3.1. Complaint Circumstance Where a customer or user is not satisfied with the service or support provided by SSD through the usual channels of the SSD Help Desk or escalation to the responsible Service Delivery Manager, they have the option of raising a formal complaint. 8.3.2. Complaint Format Complaints should be written and submitted as an email or letter, outlining the situation and the basis of the complaint. 8.3.3. Complaint Recipient By mail to the HSCIC SDD National Service Delivery Manager Norman.Raphael@hscic.gov.uk Page 21 of 37

Or by post to: Norman Raphael National Service Delivery Manager Systems and Service Delivery Hexagon House Pynes Hill Exeter Devon EX2 5SE 8.3.4. Complaint Acknowledgement An acknowledgement will be returned within 2 working days of receipt of the complaint using the same media as the original complaint (ie, by email or post). 8.3.5. Complaint Resolution SSD will seek to resolve the complaint to the satisfaction of the complainant within 20 working days of the receipt of the complaint. 8.3.6. Complaint Escalation If the complainant is unhappy with the manner in which the complaint has been dealt with or resolution of the complaint they may escalate the issue to the HSCIC SSD Director (Sean Walsh) at the above address or by email to: sean.walsh@hscic.gov.uk 8.4. Contract Escalation and Arbitration The performance of this Agreement will ultimately be administered and governed by the authorised signatories. If it is necessary to escalate any aspect of either Party s obligations or performance under this Agreement, an escalation route is available as means of arbitration, and to achieve a mutually acceptable solution or decision. The escalation route should only be used as a means to highlight or raise the profile of a particular service delivery issue, should all other opportunities fail. At the point where it is agreed between the signatories that decision or solution to a service issue cannot be resolved within normal means, details of the issue should be escalated to their immediate line managers, dependent upon the nature and context of the issue. Liaison should be undertaken with the escalation point to discuss the circumstances surrounding the issue, and aim to achieve a satisfactory conclusion, including consensus on decision, and action plans. Where it is appropriate to escalate an issue external to the Supplier, one or both of the signatories will communicate directly, as appropriate. It will be the responsibility of the signatory to achieve and reach a satisfactory conclusion to the issue, and communicate, as appropriate to personnel involved in the delivery of this Service. Page 22 of 37

9. Appendix A Unix Support 9.1. Scope of Service The Unix Support service is only available to customers running the 'NHAIS' application (including ICM) on HP PA-RISC & Itanium platforms and for the current manufacturer's (Hewlett Packard) supported version(s) of Unix. A replacement plan should be in place for any hardware over 7 years old. Should the manufacturer discontinue support of a particular UNIX version it will be the customer's responsibility to organise an upgrade to the appropriate supported version with guidance and support from SSD. Under the terms of the agreement, Support Team staff will install shell scripts that enable menu driven administrative functions for start-up/shutdown and access to the NHAIS application along with scripts for automated daily backup of the NHAIS system. The Unix Support service includes monthly capacity monitoring of both the Unix environment and the NHAIS application. The customer will be advised accordingly of any preventive action that may be required. The Unix Support service includes basic performance monitoring for the purpose of identifying one-off performance related issues by agreement with the customer. The Unix Support service provides a 'virtual' Systems Administrator role to customers including: Installation of Unix release level upgrades and patches (excluding supply of media) to effect O/S software upgrades or maintenance level fixes to release level versions of the O/S. software as appropriate. One 7.5 hour man-day per annum is allocated under this SLA for such upgrades and where necessary, any additional requirement will be charged at prevailing SSD man day rates pro rata for a 7.5 hour day including any travel-time incurred and subsistence charges if appropriate. Initial investigation of any problems related to the Unix software environment hosting the core NHAIS system. The need to call for a hardware engineer will be recommended to the customer where appropriate. File system management and maintenance as appropriate to ensure efficient use of storage capacity and effective organisation of directories and files. User configuration as appropriate and in accordance with customer requirements. The Unix Support service also includes advice and guidance on: Memory management. Hardware faults including liaison with engineers and/or maintenance contractors on the customer's behalf to progress recovery from a fault. 9.2. Exclusions Upgrade of microcode for system hardware is not offered in this agreement. Advice and work related to purchase of and installation of new machines or machine relocation is not included under the terms of this agreement. Such work will be chargeable at prevailing SSD man-day rates pro-rata for a 7.5-hour day including travel time and subsistence where appropriate. Unix support will be refused where non-ssd software is installed without the prior knowledge of the SSD. All remedial work necessary to rectify any impact on SSD developed software or applications arising directly from third-party actions or third-party software installation will be charged at prevailing SSD man-day rates pro-rata for a 7.5-hour day including traveltime and subsistence where appropriate All remedial work undertaken by the SSD to rectify problems deemed to be impacting upon the customer's 'business' and subsequently established to be arising directly from Page 23 of 37

third-party actions and/or software installations, will be charged at prevailing SSD manday rates pro-rata for a 7.5-hour day including travel-time and subsistence where appropriate. Advice and work on tasks to implement System Shadowing is not included under the terms of this agreement. The SSD System Shadowing service is optionally available and separately chargeable. See System Shadowing Service (Appendix D). 9.3. Customer Responsibilities The customer is responsible for the purchase costs of any patch and release level upgrades as may be required by the manufacturer. The customer is responsible for the arrangement of any release level upgrade as soon as they are notified of a pending cessation of support from the manufacturer of a version they are currently running. The customer should ensure that any pre-requisites for a software installation, for which they are responsible, are completed in ample time for the installation. Any upgrade cancelled as a result of pre-visit actions not having been taken will also be subject to recharge at prevailing SSD man day rates pro-rata for a 7.5 hour day including any traveltime incurred and subsistence charges if appropriate. The customer must provide a minimum of 5 working days notification in order to cancel or reschedule pre-planned visits. The customer is responsible for consulting SSD with regard to the installation of any proposed new non-ssd application or non-approved hardware and to reach agreement in writing with support staff on any potential impact of its installation on the use of SSD software. The customer is responsible for the loss or corruption of data or malfunction of the 'NHAIS application (including ICM) caused by the customer using 'Super User' mode access. Any remedial work required to correct such corruption/malfunction will be subject to re-charge at prevailing SSD man day rates pro-rata for a 7.5 hour day including any travel-time incurred and subsistence charges if appropriate. The customer is responsible for making 'Super User' access available to support staff as and when required to carry out this Agreement. The customer is responsible, if applicable, for having a current Unix maintenance contract or equivalent at the minimum of "basic level" with their Unix supplier to ensure that the customer receives regular updates. The customer is responsible for ensuring there is a hardware replacement plan in place for any hardware over 7 years old. The customer is responsible for granting access, where necessary, to specialist technical personnel such as those employed by proprietors of the installed Unix and Cache software. The customer accepts full responsibility for any consequences arising from the refusal of such requests. The customer is required to back up the Unix system, at a minimum quarterly interval, and on an ad-hoc basis as requested by SSD Support Staff both prior to and following any system upgrade activity. Page 24 of 37

10. Appendix B Disaster Recovery Service 10.1. Scope of Service SSD offer a Disaster Recovery Service (DRS) for customers utilising the NHAIS System. In the event of a disaster, the service would help to keep the customer's NHAIS core business running. The service provides disaster recovery for up to 2 concurrent invocations of 1 NHAIS instance (system/site) per geographic location for up to 6 weeks. The service can be tailored to match the scale of a disaster, from the loss of a processor to the total loss of equipment and personnel space. The DRS Service is not applicable for customers using the System Shadowing Service. The service can be provided for a second and any subsequent NHAIS instances up to a maximum of 4 instances co-located at single geographic location (site) at an additional charge. This service provides for: The provision of one Disaster Recovery invocation or assistance in each financial year. If the customer needs to invoke this service more than once annually, then charges will be incurred on a time and materials basis. The duration and approach of the service are detailed later in this document. The opportunity for the customer to perform an annual test of the service from any one of four designated HSCIC Recovery Centres, these being at Exeter, Redditch, Leeds and Newcastle. Note: the London Office location is not currently available due to space limitations. Should this situation change in the future, Customers will be informed. 10.2. Exclusions The Disaster Recovery Service will not be invoked for hardware that is not covered by a maintenance contract. The Disaster Recovery Service will not be invoked for short-term technical difficulties that are likely to be resolved within a period of 48 hours. The Disaster Recovery service is NOT intended to cater for disruption due to planned equipment maintenance, hardware movement to an alternative site, hardware or software upgrades, program failure, database corruption or short term equipment failure. 10.3. Inclusions The Disaster recovery service is only available to customers running the NHAIS (Exeter) application (including ICM) on HP PA-RISC & Itanium platforms and for the current manufacturer's (Hewlett Packard) supported version(s) of UNIX. Should the manufacturer discontinue support of a particular UNIX version it will be the customer's responsibility to organise an upgrade to the appropriate supported version. 10.4. Continuity Recovery Services Each centre provides accommodation for up to ten key staff to maintain the major NHAIS core business functions. Equipment will be made available which will assist business Page 25 of 37

continuity. The DRS Service includes the use of a Continuity Recovery Centre for a period of up to three weeks in duration. However, an extension to this can be negotiated between the Customer and HSCIC. 10.4.1. Annual Test SSD invites the customer to undertake an attended annual Disaster Recovery test from a HSCIC Recovery Centre. The customer can arrange for a limited number (max 3) of personnel to attend the test at the recovery centre. The annual test automatically provides a restore, verification and validation of the customer's system and provides the customer with an opportunity to test their Disaster Recovery procedures and establish responsibilities. Alternatively, if preferred, the customer can undertake an unattended test whereby no customer personnel need to physically attend. In such a case, a full test is undertaken by SSD personnel, full recovery functionality is tested and, on successful completion, a DR Test Confirmation letter sent to the customer for Audit purposes. 10.4.2. Testing Procedures The HSCIC will provide the following for the annual test: The Central Computer (Host UNIX machine with appropriate hardware) PCs (Up to ten PC s for desktop applications, for use by customer's key staff to provide access to N3 and provision of Card-readers) Printers (Line printers are available within the Recovery Centre and the Exeter HSCIC office. PLEASE NOTE: the provision of any specialised stationery requirements, other than listing paper, remains the responsibility of the customer.) Additionally in the event of a true disaster: the re-establishment of DTS (Data Transfer Server) connectivity (ICM). SSD is unable to provide the customer with an annual test of the re-establishment of DTS (Data Transfer Server). This aspect of the service will be periodically tested internally by SSD personnel. 10.4.3. Disaster Recovery Options SSD offers four possible methods of recovery, dependent upon the circumstances pertaining to the actual disastrous incident. These options are: Transport Processor to PCT/Agency site. Build system @ Exeter, link via NHSNet/N3, users based at PCT/Agency site. (Will require VPN Router set-up and ICT attendance) Build system @ Exeter, link via NHSNet/N3, users based at Alternative site. (Assuming a prior site visit has agreed use of the Alternative site) Build system @ Exeter, link via HSCIC network to a Recovery Centre. 10.4.4. Option Details. Option (i) In the event of a customer experiencing the localised loss of their NHAIS Unix server, but their communications infrastructure remain intact, SSD can provide the Customer with a replacement Unix server for a period of up to fifteen working days, to enable Customer s NHAIS business to continue. This service option is designed and intended as a short-term solution to be used until such time as the site acquires replacement hardware. Page 26 of 37

Option (ii) In the event that the customer lose their computer facilities but retain NHSNet/N3 connection, SSD can provide the customer with a replacement UNIX server housed at an SSD recovery centre, with user access across NHSNet/N3. This option is only available if the PCT/Agency is able to provide SSD with suitable registered IP addresses. The reconfiguration of the site firewall to enable remote access remains the responsibility of the Customer. Subject to suitable hardware being available on PCT/Agency premises printing may be possible over NHSNet/N3. Note: This option is not available for the purposes of the annual test. Option (iii) As detailed above in Option (ii). However, if the Customer wishes to provide an alternative venue, this venue must have been previously notified to SSD and a detailed site survey carried out. Note: This option is not available for the purposes of the annual test. Option (iv) In the event of the total loss of the PCT/Agency premises or other disastrous system loss, SSD, utilising the latest system backup, will provide a replacement UNIX server, the re-establishment of DTS (Data Transfer Server) connectivity and accommodation for up to ten key staff at one of the following SSD offices: Redditch, Newcastle, Leeds or Exeter. 10.4.5. SSD Responsibilities On invocation of the Disaster Recovery Service, SSD will appoint a local co-ordinator, either a Service Delivery Manager or a member of the Service Delivery Team, who will: Arrange a restore of the customer's system from their last back-up media. Provide support and advice at the Recovery Centre. Provide on-going liaison with all service sources and with the customer until recovery or replacement is complete. Arrange for the restoration of the recovered system. Arrange for re-establishment of DTS connectivity both when the Disaster Recovery Service is invoked and after DRS is stood down. 10.4.6. Customer Responsibilities The responsibilities of the customer are as follows. The customer must maintain regular, accurate and effective back-up procedures and media; and must ensure the safekeeping of the most recent back-ups. SSD cannot be held responsible if the back-up supplied by the customer is nonrestorable. Note: Please see Appendix C for details of the File Backup Verification Service (FBV). The customer must notify SSD as soon as possible of any event that may cause the Disaster Recovery service to be invoked, so that SSD personnel can be put on standby. The customer must then work with SSD to establish the full nature and impact of the disaster or potential disaster. When the customer believes that a disaster has occurred or that a disaster will occur, they must receive a situation assessment and advice from SSD personnel. Page 27 of 37

The customer must then liaise with SSD to decide whether to invoke Disaster Recovery immediately or to postpone it, subject to a further situation review at an agreed time. The final decision to invoke and which option to use resides with SSD. The customer must provide the SSD with the latest successful back-up of the system when Disaster Recovery is invoked. The customer must provide the SSD with such details and information as are required to ensure a timely, effective and accurate recovery of the system. The customer must keep SSD liaison personnel up-to-date with any related issues. The customer must ensure that all hardware components are covered by a maintenance contract with their hardware supplier. SSD will not invoke disaster recovery for a system which does not meet this requirement. The customer should ensure that they have made provision for the availability of Fallback Smartcards. These allow registered users, without their Smartcard, temporary access to the Spine. The customer should register a Fallback account, create these cards and issue them through their local defined process to a named custodian. It is the custodian s responsibility to make these cards available to registered users The Customer should ensure that any specialist stationary, such as Medical Cards, are available. SSD are unable to provide any stationary other than normal listing or A4 paper. 10.4.7. Service Details SSD agrees to provide the following service under the terms of the Agreement: Invocation Stage On receipt of a confirmed request via the SSD Help Desk for the invocation of the service, SSD will liaise with other involved parties - such as key customer contacts, system maintenance contractors, etc. - and establish the full scope of the disaster. Upon establishing the nature of the disaster, SSD personnel will advise the Customer s primary point of contact on the factors to be considered, on whether the Disaster Recovery Service will be invoked and which option is likely to provide the best solution for the customer. Assistance, advice and guidance will also be offered on any technical issues highlighted in this document. If the Disaster Recovery Service is invoked at an SSD Recovery Centre, (these being: Exeter, Leeds, Redditch or Newcastle) SSD personnel will liaise with the key customer contacts to assist in providing appropriate hotel accommodation. A local co-ordinator will be assigned to deal with the requirements for the commissioning and running of the customer s NHAIS System at the designated recovery centre. Arrangements will be agreed with the customer s key personnel for the delivery of the customer s latest successful system back-up media to the appropriate SSD office (this location may differ from the Recovery Centre). The back-up media should arrive by courier as specified below, to be restored onto the emergency hardware architecture provided under this service. Implementation Stage: 1. All efforts must be taken to ensure that the delivery of the Customer s Backup media to the SSD office in Exeter is no later than 9:00 a.m. on the next working day. Page 28 of 37

2. Workstations will be provided for up to 10 customer personnel at the designated recovery centre (Exeter, Leeds, Redditch or Newcastle) with access to the customer s restored NHAIS system. The restored system will have access to printers and standard listing paper. If the affected customer requires any specific printing materials, e.g. labels, then the customer should ensure that these materials are delivered to the appropriate recovery centre. 3. If the most appropriate solution for the customer is for SSD to provide a replacement UNIX server at the customers premises then the following conditions apply a) SSD will provide a replacement system for a period of up to 15 working days. b) The customer is responsible for providing a secure environment with adequate power and cooling to ensure the integrity of the replacement system. c) The customer is responsible for providing a suitable network connection and IP addressing details for the replacement system. d) The customer is responsible for providing the backup media. e) Following the return to normal business the customer must provide SSD staff full access to recover the loan system. 4. If SSD deem that the most appropriate option for the customer is to link across NHSnet/N3 from the customer to a recovery centre then the following conditions will apply: a) The customer must supply SSD with registered IP address of any systems that will be communicating with the restored NHAIS system. b) If the customer wishes to print across NHSnet/N3 then HP Jet Direct print servers must be used and a suitable registered IP address must be supplied. c) Telnet and Jet Direct printer access are the only access methods permitted by SSD. d) The site is responsible for any network and firewall reconfiguration required at the customer site. e) The customer is responsible for the security of any data passing across NHSnet/N3. f) The customer will be responsible for the taking and storage of regular backups. g) This service option is not available as part of the annual test procedures carried out between the customer and SSD. h) If the customer wishes to use an alternative venue then this venue must have previously been surveyed and agreed with SSD. Should the customer request an alternative site survey, this may be a chargeable service. Operational Stage: 1. Whilst in SSD s possession all back-up media (both those supplied originally and those taken during the period of disaster), and any other essential computer media, will be stored in a fireproof safe. 2. Accommodation is only guaranteed for three weeks. However, depending on circumstances it may be possible to negotiate an extension. Should a time extension be negotiated, the customer may incur additional costs. 3. Regular meetings will be staged to ensure that all parties are working as efficiently as possible to provide a normal service and a return to normal operations. 4. If the customer has specific stationery requirements which cannot be satisfied by the standard print facilities, customer personnel must liaise and agree with SSD Page 29 of 37

personnel to arrange for the specific stationery and printing architecture to be delivered and initiated for use at the recovery centre. The customer may incur additional charges. 5. During the period of disaster, SSD personnel will liaise with all necessary service sources to progress the recovery or replacement of the customer s system. Frequent progress updates with the customer and service contractors will take place. 6. In the event of the Disaster Recovery service being invoked, subject to a suitable network connection being available at a customer s alternative premises, SSD will allow access to the restored system across NHSnet/N3. If this option is taken, SSD will not be responsible for the on-site configuration of any equipment, including terminals, printers and PCs. Re-instatement Stage: When the customer s site has been re-instated, tested and confirmed by SSD personnel so that a return to normal operations can be invoked, the following key tasks will be initiated: 1. All parties will agree their responsibilities and the date of re-instatement. 2. Up-to-date back-up media will be created on the recovery system, and arrangements will be made for delivery to the customer site no later than 9:00 a.m. on the next working day so that the system can be restored. Controlled decommissioning of the disaster recovery system and associated services will take place. Page 30 of 37

11. Appendix C File Backup Verification The File Backup Verification service provides customers with a comprehensive and secure audit of their backup, to help satisfy their own internal disaster recovery procedures. The ultimate test to prove a backup has worked is to restore the data from the backup media onto another system and validate that data. This is time consuming for most organisations and impossible to achieve with any regularity. File Backup Verification allows this testing to take place with minimal time constraints on the customer. 11.1. Scope of Service SSD agrees to provide the following service under the terms of the Agreement: SSD will advise the customer of the date by which the customer backup should arrive at the SSD Exeter Office. It is the responsibility of the customer to ensure that any backup tape sent to SSD has had the contents encrypted via the SSD NHAISBU backup encryption scripts. These are now the standard backup scripts for all SSD supported NHAIS systems. Additionally, all tapes/media must be sent via the Royal Mail s Special Delivery Service. SSD will perform the following functions: A total restore of the Customer System Database. Full system integrity checks (`Validate' and `Verify') on the restored database. Securely store the most recent successful backup tape and electronically degauss the previous tape and dispose of it via a specialised company or, at additional cost to the customer, the tape will be returned via Special Delivery The customer will be informed within two working hours if verification fails. SSD will advise the customer of the date for the next backup to be verified. This service is dependent on the customer utilising NHAISBU shell scripts. Other scripts may be possible for verification, at an additional charge. Where this service is required, it is the responsibility of the customer to contact the Service Delivery Manager. The backup tapes will be stored in a fireproof safe whilst in the possession of the SSD. Every effort will be made to safeguard them when they are in use. Customers will inform Bureau Services if their Backup tapes are to be returned or destroyed. Returned tapes are sent back to the Customer via Registered Mail. Tapes to be destroyed are dealt with by a specialised Company (Crown Records) and are visually destroyed on site and a certificate produced/provided to confirm destruction. 11.2. Customer Responsibilities The responsibilities of the customer are as follows. The customer must provide written authorisation to allow SSD to receive and process the PID held on the backup tapes in accordance with the scope of the FBV service. Page 31 of 37

12. Appendix D System Shadowing Service 12.1. Scope of Service SSD offers a System Shadowing Service for customers utilising the NHAIS System. In the event of a disaster, the service can be invoked to help facilitate business continuity for the customer's NHAIS operations. The System Shadowing Service is a replacement service for DRS (Appendix B) where customers have the capability to maintain a secondary NHAIS system to replicate the live system. The service provides for one instance of invocation in any financial year and any subsequent requirement to invoke the service will be subject to additional charges at prevailing SSD rates. Other aspects of the service are: Preventative Maintenance Remote checks will be made remotely on the status of the system and a report provided to the Key User detailing any action required by the site. Switchover Check - The switchover facility will be tested at the time of implementation and thereafter annually on or around the anniversary of the installation, or to coincide with other local implementation activity as required. 12.2. System Management Support is given in the management of memory, hardware and the UNIX file system. Memory Management consists of: re-configuration of the kernel, and adjustment of parameters to achieve optimum use of memory. Hardware Management consists of adding new or upgraded devices or peripherals to the operating system software configuration, in line with the supported hardware and approved peripheral list. Advice is given on hardware faults. File System Management consists of setting up a UNIX directory and file structure, and maintaining as appropriate to ensure efficient use of storage capacity and effective organisation of directories and files. 12.3. Exclusions Travel costs and subsistence costs for any invocation of the service will be charged separately. The NHAIS Shadowing Service will not be invoked for short-term technical difficulties that are likely to be resolved within a period of 48 hours. Any requirement for hardware or software upgrade for equipment installed for the purposes of the NHAIS Shadowing Service will subject to implementation charges at prevailing SSD rates. 12.4. SSD Responsibilities To provide Help Desk staff to log the initial call during the service hours detailed above. To make service delivery staff available to attend a customer s site as soon as reasonably possible following receipt of the Priority 1 call. To provide service delivery staff to run regular checks on the system as detailed in the service scope. To provide service delivery staff to undertake a switchover test on an annual basis (excepting the year of installation where the test will form part of the implementation activity). To provide contact numbers for the Incident Manager and the member of the support Page 32 of 37

team assigned to the invocation. To provide details of any prerequisite requirements for installation work at least 5 working days prior to the work being planned. To undertake the installation of new application or systems software (on site if necessary) at a time mutually agreed with the customer. 12.5. Customer Responsibilities Ensuring that appropriate system backup tapes are stored off-site for use should they be required for invocation. To raise all requests for support services with the SSD Help Desk on (0845) 3713671. To complete any prerequisite work for installations within the stated time prior to the installation. Additional charges may be levied if prerequisite work is not completed prior to a member of the Service Delivery Team arriving on site. Not to install software which could affect the SSD applications, without first seeking authorisation from SSD. The site is responsible for any network and firewall reconfiguration required at the customer site. The customer must notify their SDM as soon as possible of any event that may cause the NHAIS Shadowing service to be invoked, so that SSD personnel can be put on standby. The customer must then work with SSD to establish the full nature and impact of the disaster or potential disaster. The customer must ensure that all hardware components are covered by a maintenance contract with their hardware supplier. SSD will not invoke the NHAIS Shadowing Service for a system which does not meet this requirement. To provide a suitable location for the secondary systems in a location remote from the live boxes. 12.6. Invocation of Shadowing Service To invoke the NHAIS Shadowing Service, the Key User (or representative) should log a Priority 1 support call with the Exeter Service Desk 0845 3713671. The member of the support team picking up the call will contact the duty Incident Manager who will: Inform the appropriate Service Delivery Manager; Arrange for a support team member to attend site to undertake the switchover process; Provide on-going liaison with all service sources and with the customer until recovery or replacement of the live system is complete and all services switched back to the live machine. Page 33 of 37

13. Appendix E Extended Cover The aim of the Extended Cover Service is to provide out of hours emergency assistance in the event of a crisis situation for the NHAIS core system, specifically Systems, Finance and ICM. 13.1. Scope of Service Support staff may be contacted out of working hours via a pager service. The local Service Delivery Manager has details of the pager numbers. Once a call has been made it is advised that the customer stays near the telephone on which the support staff will make contact. Where possible the problem will be dealt with over the telephone. However, support staff will travel to the Supplier office to assist further over the N3. Support staff are not expected to travel out to the site unless the work has been pre-scheduled. At their discretion, and in agreement with the customer, support staff will travel to the customer's site to give further assistance as appropriate Health and Social Care Information Centre agrees to provide the following service under the terms of the Agreement: 1. Extended cover provides on call support for emergency assistance in the event of a crisis situation involving NHAIS core software (Systems, Finance and ICM). 2. Extended cover is available only to customers who have support for the NHAIS and is restricted to the NHAIS core applications Systems, Finance and ICM. 3. Extended cover is only available to customers who have purchased this service prior to the service being requested. 4. Extended cover is available from 5pm to 10pm hours Monday to Friday, excluding public holidays for emergencies. 5. Support staff providing the Extended Cover service can be contacted via a paging service. Calls will initially be dealt with by telephone. In an emergency, the support staff on duty may travel to the support office to assist further by remote access. At their discretion and in agreement with the customer, support staff will travel to the customer's site to give assistance if appropriate. The appropriate day rate charge and travel and subsistence will be levied for this work. 6. Where the intervention of a third party is required to resolve the problem, support staff will proceed as far as possible, within the time agreed. 7. Extended cover is charged in two parts: An annual subscription fee. An additional fee for emergency calls. 8. The customer is required to make a direct line available to support staff, outside normal business hours, to prevent closed switchboards or answer phones hindering the work of the support staff. 9. The customer is required to ensure the presence of appropriate members of the customer's staff at all times to meet Health and Safety regulations when Health and Social Care Information Centre support staff are at the customer's site. In addition, the customer's staff must have appropriate knowledge and authority, in order to deal with any queries or key decisions, which may be required. Page 34 of 37

14. Appendix F Hosted NHAIS Solution Service 14.1. Scope of Service The Hosted NHAIS Solution Service enables organisations providing FHS services the ability to host their NHAIS system(s) with HSCIC SSD rather than accommodating and maintaining them locally. The Hosted NHAIS Service will be supported by the SSD Help Desk available from 8 am to 5pm weekdays. HSCIC SSD is able to provide a cost effective Hosted NHAIS Solution Service by utilising hardware to co-locate multiple NHAIS systems in a virtualised environment for the benefit of the NHS. This provides an opportunity for local organisations to access a managed service thereby removing the need for this facility to be provided locally. The service offers potential benefits in terms of value for money and efficiency, thus releasing local organisations from any requirement to host physical hardware and operate associated maintenance contracts locally or to make arrangements for IT service departments to do so. The service is protected by UPS and back-up power generation and provides access to a standby facility in a second remote Data Centre. The service will provide comprehensive data backup operations and management. The service will provide managed hardware to the customer to support a secure connection for local printing. 14.2. Business Benefits The benefits of this service include: Competent: Systems housed in Data Centres conforming to CPNI standards. Resilient: Systems protected by UPS and back-up power generation with a hot failover to a secondary server at the primary Data Centre.. Recoverable: Standby facility in a second remote Data Centre. Secure: Data back up operations and management. Maintained: Hardware acquired, maintained and fully supported. Experienced: Fully managed by HSCIC Systems & Service Delivery. Predictable: Banded prices fixed for 4 years. SSD will provide a Single Point of Contact for all NHAIS application, operating environment and hardware issues within the scope of the service. No requirement for the customer to have additional 3rd party hardware maintenance contracts for their NHAIS application. 14.3. Customer Responsibilities Provide local ICT contacts to deal with the configuration of local infrastructure and to work with HSCIC SSD staff to identify and resolve any incidents impacted by local infrastructure; Ensure that the organisation s local N3 link has sufficient bandwidth for NHAIS traffic; Retain responsibility for the operation and management of the NHAIS application and security system. 14.4. SSD Responsibilities Page 35 of 37

Administer the supplier s IT Infrastructure, and manage it in accordance with appropriate internal and external dependent third party suppliers; Undertake performance management of this Agreement, including operational reviews: Service Review, Escalation; To provide Help Desk Staff to receive telephone calls and process emails during the Core NHAIS SLA Service Hours; Service Delivery personnel will be available to manage calls during Core NHAIS SLA Service Hours; To ensure that appropriate service delivery staff are available to support the service during service hours; Provision of UNIX Operating System administration and maintenance; Technical staff to monitor and review log files and proactively identify availability and capacity issues thus ensuring optimum performance of the service; To ensure that all Supplier staff working on the service are fully briefed in their responsibilities under and comply with the provisions of the Data Protection Act (1998) as it relates to the process of information relating to individual people covering the obtaining, use, storage or disclosure of such information; To ensure all Supplier staff working on the programme are fully briefed in their responsibilities in respect of the local IM & T Security Policy and operated under the good practice included therein, especially the provisions relating to computer viruses; To recover application access or data from backups in the event that such action is required as a result of activity by Service Delivery personnel; In the investigation of incidents, advice may be offered on the root cause of the problem should it lie outside of the application software and hosted hardware, although the responsibility for fixing this remains with the User; 14.5. Service Availability details Hours of Service Operation The Service providing user access to their NHAIS system will be available between the hours of 00:01 and 00:00 Monday to Sunday, 365 days per year, excluding scheduled backups and planned downtime agreed with the customer. Access will be unsupported and not guaranteed outside of the operational support hours. Hours of Support Operation The hours of operational support will be between 09:00 (08:00 for Enhanced Support) and 17:00 Monday to Friday, excluding English Public Holidays. 14.6. Help Desk The Helpdesk service will be carried out from Supplier offices and will undertake call handling, incident categorisation, incident escalation to technical teams, and user communication activities. The Help Desk will utilise a standard Service Desk database application (Currently HP Open View V4.5). Help Desk Business Continuity and Disaster Recovery provisions are provided out of dedicated alternative locations. The delivery channels for the reporting of Incidents to the Help Desk will be; Page 36 of 37

By telephone on 0300 3034034 or via e-mail (Exeter.Helpdesk@hscic.gov.uk) 14.7. Performance Targets The following performance targets apply to the availability of the Service: Total service availability during Hours of Support Operation: 99.5% Period of downtime: Change window maximum of 5 working days per annum. Any planned availability issues will be advised to customers at least 5 days in advance. 14.8. Service Out of scope SSD does not provide support for the customer s local infrastructure including desktops, printers and other local hardware, software and connections to N3 Existing services provided under the Contract Schedules stay in place and are paid in addition to the hosted systems service, i.e. Cache licence maintenance, etc. Operation and management of the NHAIS application and security system remains the responsibility of the customer. 14.9. Service Reporting Availability Reports including details of performance will be made available monthly on request. 14.10. Security Security of data is achieved as follows: The NHAIS system will be hosted in secure Data Centres conforming to CPNI standards. Communication to and from customer offices are secure and encrypted using the N3 network. The service is protected by UPS and back-up power generation and provides access to a hot standby in a second remote Data Centre. The service will provide comprehensive data backup operations and management. Provision of a fully managed VPN tunnel to support a secure connection for printing over N3. This will include the supply and management of a router for local implementation. 14.11. Pricing The annual subscription charge for the service is based on population bandings and is fixed for 4 years. Further details can be provided on request. 14.12. Termination The service will be provided on an annual rolling basis. Both parties may terminate with a minimum of 90 days written notice. The annual subscription charge is not refundable or refundable in part and there will be no pro-rata charge for a part year subscription. 14.13. Further Details and Contacts If further details are required or you wish to discuss the service in more detail please contact your Service Delivery Manager: Page 37 of 37