NHS Counter Fraud Authority (CFA) - Case Management System

Description

The NHS Counter Fraud Authority (NHSCFA) requires a solution that will be used by 450 users who work for different health and government organisations with the appropriate access and control permissions. It needs to be able to: • Increase scalability of licences should there be a business need. The Licences must include the ability to collect and then disseminate data to third parties. • Create fraud/crime allegation reports that can be developed by users and then be promoted to investigations and the ability to create investigations and add allegation report and intelligence. • Capture investigative activity undertaken as part of criminal investigations: record, retain, review, reveal activity notes, tasks, reasonable lines of enquiry, key investigative events (arrests, searches, interviews, court appearances etc) decision making, outcomes (criminal offences, internal and external disciplinary, financial outcomes), nominal data (people, subjects, addresses, telephone number, emails, bank accounts, organisations and vehicles), statements, exhibits, unused material, financial investigation and intelligence and risk assessment/checklists. • Have assessment, sanitisation and actioning functionality that allows for the management of an investigation or case from the beginning of the process, including the ability to have them endorsed at or by tasking with rationale and then transfer to operational teams with all relevant intelligence and evidence. • To manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. MG9 witness list and statement bundle; MG12 exhibit list and exhibit bundle; MG6 disclosure schedules can be generated and submitted; other MG forms can form part of a prosecution file submission to Crown Prosecution Service by direct a Two Way Interface or similar integration, or export functionality. Functionality to populate other forms in the MG suite. • Information exchange with the CPS by exporting case files and exhibits to their systems, support email notifications from system disclosure. • Issue and manage task workflows, data requests, assigned lines of enquiries, updates via a local tasking and coordination process. Should have information and activity recording, to illustrate new tasking and to highlight when actions have, or indeed have not, been completed by target date. • Record, sanitise, manage, and disseminate 3x5x2 intelligence (including financial intelligence) reports to internal, external users and third-party intelligence organisations. Manage confidential sources and ability to capture pieces of information from external sources. • The solution should be able to record Financial Investigation activity in terms of Proceeds of Crime (2002) investigations and proceedings as well as manage disclosure (CPIA) and create and update prosecution bundles submitted to Crown Prosecution Service. Centrally it needs to capture Fraud Risk (Prevention) Assessments with the ability to disseminate across users to communication fraud risks across the NHS. Information management reporting needs to have capability for all record data, including time, resource, and cost management. • Different levels of configuration and customisation are required that are available to admin users within the system. It should have the ability to easily change the status of a person from subject to witness and vice versa. The solution must allow users to delete or archive data in accordance with NHSCFA internal retention schedule. The solution should facilitate marking records following the Government Security Classifications Policy. • The solution must incorporate into the design the ability to hold any forms required during managing cases, such as investigations plans, disclosure strategy and any associated documents, and allow their searchability.) • The solution should have the ability to RAG rate operational fraud risk activity as part of the ongoing review process. The system must have the ability to rapidly allocate and report upon a risk for any assessment recorded, this could for example be a person, an organisation, or a particular investigation.