Dear Mr Yuraszek

 

I acknowledge receipt of your correspondence dated 30 October 2019, in
which you made a request for information.

 

Your request is as follows:

 

“Please could you provide the following information:

 

1) How many employees are working for your organisation, including
full-time, part-time, and contracted staff?

2) What is your annual intranet budget?

3) What is your current intranet solution? (e.g. Invotra, Sharepoint,
Kahootz, Umbraco)

4) How long have you been using this solution, and when does your contract
expire?

5) Do you work with an external partner to supply your intranet? If not,
do you develop your intranet internally?

6) Which team/individual is responsible for managing your intranet
internally?

7) Which other organisations have access to your intranet?

8) Do you share IT services with other organisations?

9) Are you using the Office 365 suite? If so, which applications from the
suite are in use?

10) Who is responsible for your intranet’s procurement within the
organisation?

11) Do you use Microsoft’s Active Directory to manage your people data? If
so, is your Active Directory (AD) managed on-premise or in the cloud?

12) Do you use any other Software as a Service (SaaS) applications? (e.g.
Atlassian/Jira, Slack, Trello, Xero)”

 

CQC will consider your request in accordance with the Freedom of
Information Act 2000 (FOIA).

 

Our statutory deadline for response is 27 November 2019, but we will in
any event endeavour to respond as soon as possible.

 

We will write to you if we are unable to meet this deadline.

 

The information you have requested may be subject to an exemption from the
right to know. Should this occur, we will explain the reasons why when we
respond.

 

Regards

 

On behalf of:

Information Access Team

Regulatory Customer & Corporate Operations 

 

Care Quality Commission

Citygate

Gallowgate

Newcastle upon Tyne

NE1 4PA

 

The Care Quality Commission is the independent regulator of health and
adult social care services in England. [1]www.cqc.org.uk. For general
enquiries, call the National Customer Service Centre (NCSC) on 03000
616161 or email [2][email address]

 

Personal data is processed in accordance with the General Data Protection
Regulation (GDPR) and relevant data protection law. Information on the
processing of personal data by CQC can be found at
[3]www.cqc.org.uk/about-us/our-policies/privacy-statement

 

Statutory requests for information made under access to information
legislation such as the Data Protection Act 2018, GDPR and the Freedom of
Information Act 2000 should be sent to: [4][CQC request email]

 

 

show quoted sections

References

Visible links
1. http://www.cqc.org.uk/
2. mailto:[email address]
3. http://www.cqc.org.uk/about-us/our-polic...
4. mailto:[CQC request email]

Dear Mr Yuraszek

 

Our Ref: CQC IAT 1920 0692

 

I write in response to your correspondence of 30 October 2019 in which you
asked for the following information.

 

1) How many employees are working for your organisation, including
full-time, part-time, and contracted staff?

2) What is your annual intranet budget?

3) What is your current intranet solution? (e.g. Invotra, Sharepoint,
Kahootz, Umbraco)

4) How long have you been using this solution, and when does your contract
expire?

5) Do you work with an external partner to supply your intranet? If not,
do you develop your intranet internally?

6) Which team/individual is responsible for managing your intranet
internally?

7) Which other organisations have access to your intranet?

8) Do you share IT services with other organisations?

9) Are you using the Office 365 suite? If so, which applications from the
suite are in use?

10) Who is responsible for your intranet’s procurement within the
organisation?

11) Do you use Microsoft’s Active Directory to manage your people data? If
so, is your Active Directory (AD) managed on-premise or in the cloud?

12) Do you use any other Software as a Service (SaaS) applications? (e.g.
Atlassian/Jira, Slack, Trello, Xero)

 

I will address each part of your request in turn.

 

Your Request

 

1) How many employees are working for your organisation, including
full-time, part-time, and contracted staff?

 

The below table shows the number of full and part time staff currently
contracted to CQC as direct employees.

 

Full Time 2821
Part Time 450
Grand Total 3271

 

There are a total of 16 contracted staff.

 

2) What is your annual intranet budget?

 

The existing solution is built on legacy technology which is out of
manufacturer support. There is currently in essence a code freeze as we do
not want to risk issues, though content is constantly updated.

 

3) What is your current intranet solution? (e.g. Invotra, Sharepoint,
Kahootz, Umbraco)

 

SharePoint 2007

 

4) How long have you been using this solution, and when does your contract
expire?

 

CQC implemented the existing solution in 2011, it’s a solution that was
developed in-house and subsequently supported & maintained internally.

 

5) Do you work with an external partner to supply your intranet? If not,
do you develop your intranet internally?

 

Developed internally

 

6) Which team/individual is responsible for managing your intranet
internally?

 

Internal Engagement

 

7) Which other organisations have access to your intranet?

 

None

 

8) Do you share IT services with other organisations?

 

Currently our network and application infrastructure, including identity
management, is hosted and managed by Atos as part of a shared service
agreement call IMS3. CQC are in the process of exiting the shared service
by March 31^st 2020.

 

9) Are you using the Office 365 suite? If so, which applications from the
suite are in use?

 

Yes, Teams, SharePoint Online, OneDrive, Exchange, Yammer.

 

10) Who is responsible for your intranet’s procurement within the
organisation?

 

Procurement is a collaborative process between commercial, Internal
Engagement and Digital. Technical decisions will be taken by the Digital
Directorate.

 

11) Do you use Microsoft’s Active Directory to manage your people data? If
so, is your Active Directory (AD) managed on-premise or in the cloud?

 

Currently we use Microsoft’s Active Directory on premise solution for
identity management. However, we are in the process of planning a
migration away from the existing on-premise solution hosted with Atos to
Azure Active Directory Premium on CQCs own tenancy on Microsoft Azure.
This may potentially be completed in the first quarter of 2020.

 

12) Do you use any other Software as a Service (SaaS) applications? (e.g.
Atlassian/Jira, Slack, Trello, Xero)”

 

We currently use JIRA

 

Advice and assistance

 

Under section 16 of the Freedom of Information Act 2000 (and in accordance
with the section 45 code of practice) we have a duty to provide you with
reasonable advice and assistance.

 

If you need any independent advice about individual’s rights under
information legislation you can contact the Information Commissioner’s
Office (ICO).

 

The ICO is the UK’s independent authority set up to uphold information
rights in the public interest, promoting openness by public bodies and
data privacy for individuals.

 

The contact details for the ICO are detailed below.

 

There is useful information on the ICO website explaining the rights of
individuals:

 

[1]www.ico.org.uk/your-data-matters

 

CQC Complaints and Internal Review procedure

 

If you are not satisfied with our handling of your request, then you may
request an internal review.

 

Please clearly indicate that you wish for a review to be conducted and
state the reason(s) for requesting the review.

 

Please note that it is usual practice to accept a request for an internal
review within 40 working days from the date of this response. The [2]FOIA
code of practice advises that public authorities are not obliged to accept
internal reviews after this date.

 

Please be aware that the review process will focus upon our handling of
your request and whether CQC have complied with the requirements of the
Freedom of Information Act 2000. The internal review process should not be
used to raise concerns about the provision of care or the internal
processes of other CQC functions.

 

If you are unhappy with other aspects of the CQC's actions, or of the
actions of registered providers, please see our website for information on
how to raise a concern or complaint:

 

[3]www.cqc.org.uk/contact-us

 

To request a review please contact:

 

Information Access

Care Quality Commission

Citygate

Gallowgate

Newcastle upon Tyne

NE1 4PA

 

E-mail: [4][CQC request email]

 

Further rights of appeal exist to the Information Commissioner’s Office
under section 50 of the Freedom of Information Act 2000 once the internal
appeals process has been exhausted.

 

The contact details are:

 

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

SK9 5AF

 

Telephone: 0303 123 1113

Website: [5]www.ico.org.uk

 

The Information Access Team

Governance and Legal Services

Regulatory Customer and Corporate Operations

Care Quality Commission
Citygate

Gallowgate
Newcastle upon Tyne
NE1 4PA

 

The Care Quality Commission is the independent regulator of health and
adult social care services in England. [6]www.cqc.org.uk. For general
enquiries, call the National Customer Service Centre (NCSC) on 03000
616161 or email [7][email address]

 

Personal data is processed in accordance with the General Data Protection
Regulation (GDPR) and relevant data protection law. Information on the
processing of personal data by CQC can be found at
[8]www.cqc.org.uk/about-us/our-policies/privacy-statement

 

Statutory requests for information made under access to information
legislation such as the Data Protection Act 2018, GDPR and the Freedom of
Information Act 2000 should be sent to: [9][CQC request email]

-------------- The contents of this email and any attachments are
confidential to the intended recipient. They may not be disclosed to or
used by or copied in any way by anyone other than the intended recipient.
If this email is received in error, please notify us immediately by
clicking "Reply" and delete the email. Please note that neither the Care
Quality Commission nor the sender accepts any responsibility for viruses
and it is your responsibility to scan or otherwise check this email and
any attachments. Any views expressed in this message are those of the
individual sender, except where the sender specifically states them to be
the views of the Care Quality Commission. Information on how the Care
Quality Commission processes personal data is available here
http://www.cqc.org.uk/about-us/our-polic...

References

Visible links
1. http://www.ico.org.uk/your-data-matters
2. https://assets.publishing.service.gov.uk...
3. http://www.cqc.org.uk/contact-us
4. mailto:[CQC request email]
5. http://www.ico.org.uk/
6. http://www.cqc.org.uk/
7. mailto:[email address]
8. http://www.cqc.org.uk/about-us/our-polic...
9. mailto:[CQC request email]