Skip to content
Contents

IT Software Systems & Storage

Reference: 24-25196

Date response sent: 22/08/2024

Details of enquiry

Please provide the following information regarding the essential business software systems used at Tavistock and Portman NHS Foundation Trust:

  1. Storage & Cloud Infrastructure:

Please address the following questions regarding your Storage & Cloud Infrastructure:

i. Does your organisation use on-premise or cloud storage or both?

ii. Please confirm the on-premise hardware manufacturer.

iii. Please confirm your cloud storage provider (AWS, Azure, Oracle, etc.).

iv. What is your annual spend on cloud storage?

v. How do you back up your data and with whom, e.g., Backup as a Service?

  1. Telephony
  2. ERP (Enterprise Resource Planning)
  3. Finance & Payments
  4. Cyber Security
  5. HR (Human Resources)
  6. Payroll
  7. Finance BI and Analytics System

ITSM

Response sent

Please provide the following information regarding the essential business software systems used at Tavistock and Portman NHS Foundation Trust:

  1. Storage & Cloud Infrastructure:

Please address the following questions regarding your Storage & Cloud Infrastructure:

    • Does your organisation use on-premise or cloud storage or both?

Both

    • Please confirm the on-premise hardware manufacturer.

Dell / Barracuda

    • Please confirm your cloud storage provider (AWS, Azure, Oracle, etc.).

Microsoft Azure

    • What is your annual spend on cloud storage?

£20k per annum

    • How do you back up your data and with whom, e.g., Backup as a Service?

Data Withheld, under exemption 31(a) of the Freedom of Information Act, FOIA:  the prevention or detection of crime. Please see notes below for explanation of this exemption.

  1. Telephony

Enghouse

Contract Expiry August 2025

  1. ERP (Enterprise Resource Planning)

Not applicable

  1. Finance & Payments

Oracle but contracted out to Shared Business Services

The Trust’s finance system (Finance ERP and Requisitioning System is outsourced to Shared Business Services, and is a national NHS Digital procured system. NHS Digital have now merged with NHS England, whom you may wish to contact directly via their FOI team:  england.contactus@nhs.net

  1. Cyber Security

Data Withheld, under exemption 31(a) of the Freedom of Information Act, FOIA:  the prevention or detection of crime. Please see notes below for explanation of this exemption.

  1. HR (Human Resources)

ESR (Electronic Staff Record)

(National contract negotiated by NHS England, whom you may wish to contact directly via their FOI team:  england.contactus@nhs.net

  1. Payroll

The Trusts payroll system is outsourced to Civica, since 2016 and the contract expires in August 2025

  1. Finance BI and Analytics System

Microsoft Power BI, part of the Microsoft Office Suite.  Expires in March 2025.

Shared Business Services (SBS).  Expires in December 2025 (see our response to Q4 above).

  1. ITSM

Hornbill.  Licences/Subscriptions end June 2025

 

FOIA Exemption s31(a), Explanation and Public Interest Test

With regards to the above exemptions engaged under s.31(a) of FOIA, Law Enforcement: the prevention or detection of crime, this is a qualified exemption that requires the authority to carry out the public interest test.

We have carried out the public interest test and have set out below the public interest arguments which we have considered:

Arguments in favour of disclosure:

Promoting accountability and transparency on how public funds are utilised and spent

Arguments in favour of maintaining the exemption:

The Trust has a duty to ensure that its information systems and assets are kept secure

Disclosure of the requested information could facilitate criminal activity, in particular cybercrime, and especially when combined with other information already in the public domain or which could be gleaned from other sources, including any information that the Trust has previously provided or may be forced to disclose in the future.

Disclosure of the requested information could, therefore, increase vulnerability to malicious attack, including the corruption or loss of data, software, hardware or other equipment, which would impact on the Trust’s ability to provide essential services

These vulnerabilities could extend to suppliers on whose services the Trust relies.

Weight of Balance

We have concluded that, on balance, the public interest in maintaining the exemption outweighs the public interest in disclosure. This means that the Trust will withhold the requested data.

Back to top