Introduction

InvictIQ is committed to preventing modern slavery and human trafficking in all its operations and supply chains. This policy sets out InvictIQ’s approach to identifying and preventing such practices.

Scope

This policy applies to all employees, contractors, suppliers, and any other stakeholders who work with or on behalf of InvictIQ.

Policy Statement

InvictIQ will not tolerate any form of modern slavery or human trafficking in its operations or supply chains. InvictIQ is committed to complying with all applicable laws and regulations, including the Modern Slavery Act 2015.

Responsibilities

All employees and contractors of InvictIQ are responsible for ensuring that they comply with this policy and for reporting any concerns or suspicions of modern slavery or human trafficking to their line manager or the designated point of contact.

Due Diligence

InvictIQ will conduct due diligence on all new suppliers and will review existing suppliers on a regular basis to identify and prevent any potential risks of modern slavery or human trafficking in the supply chain.

Training

All employees and contractors will receive training on this policy and the risks of modern slavery and human trafficking.

Reporting

Any concerns or suspicions of modern slavery or human trafficking must be reported immediately to the designated point of contact.

Corporate and Social Responsibility Policy

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act.

This data is subject to be provided in a timescale determined by InvictIQ depending on the size of the task.

Introduction

InvictIQ is committed to corporate social responsibility, with a focus on ethical and sustainable business practices that benefit our employees, stakeholders, and the wider community. We recognise the impact our business activities can have on society and the environment, and we strive to act in a socially and environmentally responsible manner.

As part of our commitment to sustainability, InvictIQ has aligned its priorities to the United Nations Sustainable Development Goals (UN SDGs), including Gender Equality, Life on Land, and Partnerships for the Goals. We aim to make a positive contribution to these goals by integrating them into our operations and decision-making processes.

Our commitment to corporate social responsibility is guided by the following principles:

Ethical Business Practices

We conduct our business operations with the highest ethical standards and promote transparency, integrity, and accountability.

Employee Wellbeing

We prioritise the health, safety, and wellbeing of our employees, providing a safe and supportive work environment and promoting work-life balance.

Environmental Sustainability

We recognise the importance of preserving the environment and are committed to minimising our impact on it. We strive to reduce our carbon footprint, conserve natural resources, and promote environmentally sustainable practices.

Community Engagement

We actively engage with and support the communities where we operate. We encourage our employees to volunteer and contribute to charitable causes, and we strive to make a positive impact on society.

Responsible Supply Chain Management

We promote responsible supply chain management, working with suppliers who share our commitment to ethical and sustainable business practices.

At InvictIQ, we believe that corporate social responsibility is not just a duty, but a vital part of our business strategy. We are committed to continuous improvement and to working towards a sustainable future for all.

Ethics and Anti-Bribery Policy

Introduction

InvictIQ is committed to conducting business with the highest standards of ethical behaviour and to complying with all applicable laws and regulations, including the UK Bribery Act 2010. This policy outlines our expectations for ethical behaviour and our commitment to preventing bribery in all aspects of our operations.

Prohibition of Bribery

InvictIQ prohibits bribery in all forms, including but not limited to the offering, giving, soliciting, or receiving of any bribe, whether cash or non-cash, to or from any person or organisation, whether in the public or private sector. We will not tolerate any form of bribery, either by our employees or by third parties acting on our behalf.

Gifts and Hospitality

InvictIQ recognises that the offering or receiving of gifts and hospitality can be an accepted part of business culture. However, we will not accept or offer gifts or hospitality that could be perceived as influencing business decisions or compromising our ethical standards. Gifts and hospitality should be reasonable and proportionate to the business relationship, and should always be given and received openly and transparently.

Due Diligence and Risk Assessment

InvictIQ will conduct due diligence on third parties, including suppliers, agents, and other intermediaries, to ensure they comply with our standards of ethical behaviour and to assess their risk of involvement in bribery. We will also conduct risk assessments of our own operations to identify and mitigate potential bribery risks.

Reporting and Investigation

InvictIQ encourages all employees to report any suspected or actual incidents of bribery or other unethical behaviour. We will investigate all reports and take appropriate disciplinary or legal action as necessary. We will also protect employees who make good faith reports from retaliation or other adverse consequences.

Cybersecurity Policy

Purpose

The purpose of this Cybersecurity Policy is to establish guidelines and procedures to protect InvictIQ’s information assets from unauthorised access, use, disclosure, disruption, modification, or destruction.

Scope

This policy applies to all employees, contractors, vendors, and any other third parties who have access to InvictIQ’s information assets.

Policy

Information classification: All information assets must be classified based on their sensitivity and criticality, and appropriate controls must be implemented to protect them.

Access controls: Access to information assets must be granted based on the principle of least privilege, and only to authorised personnel who have a legitimate business need to access them.

Password policy: Passwords must meet InvictIQ’s password complexity requirements, and must be changed periodically. Employees must not share their passwords with anyone, including colleagues, family members, or friends.

Data backup and recovery: Regular backups must be performed, and backup copies must be stored in a secure location. InvictIQ must have a disaster recovery plan in place, and must periodically test it to ensure its effectiveness.

Malware protection: All company-owned devices must have up-to-date anti-malware software installed and enabled, and employees must be trained on how to detect and respond to malware attacks.

Data encryption: Sensitive data must be encrypted both in transit and at rest, using approved encryption methods and algorithms.

Incident response: InvictIQ must have an incident response plan in place, which outlines the procedures for detecting, responding to, and reporting security incidents.

Training and awareness: All employees must receive regular cybersecurity training and awareness, to ensure that they are aware of the risks and how to protect themselves and InvictIQ’s information assets.

Compliance: InvictIQ must comply with all relevant laws, regulations, and industry standards related to cybersecurity.

Business Continuity and Disaster Recovery Policy

Purpose

This policy outlines the procedures for ensuring the continuity of business operations and the recovery of critical systems and data in the event of a disaster or disruptive incident.

Scope

This policy applies to all employees, contractors, and third-party service providers who are responsible for maintaining critical systems, data, and processes that are necessary for InvictIQ’s operations.

Policy

Business Impact Analysis

  1. InvictIQ will conduct a business impact analysis to identify critical systems, data, and processes that are essential for business operations.
  2. The business impact analysis will be reviewed and updated annually or as necessary.

Risk Assessment

  1. InvictIQ will conduct a risk assessment to identify potential threats and vulnerabilities that could impact critical systems, data, and processes.
  2. The risk assessment will be reviewed and updated annually or as necessary.

Disaster Recovery Plan

  1. InvictIQ will develop and maintain a disaster recovery plan that outlines the procedures for responding to a disruptive incident and recovering critical systems and data.
  2. The disaster recovery plan will be reviewed and tested annually or as necessary.
  3. The disaster recovery plan will include procedures for communicating with employees, customers, and other stakeholders in the event of a disaster or disruptive incident.

Business Continuity Plan

  1. InvictIQ will develop and maintain a business continuity plan that outlines the procedures for ensuring the continuity of business operations in the event of a disaster or disruptive incident.
  2. The business continuity plan will be reviewed and tested annually or as necessary.
  3. The business continuity plan will include procedures for relocating critical operations to an alternate site, if necessary.

Data Backup and Recovery

  1. InvictIQ will implement procedures for backing up critical data and systems to ensure data recovery in the event of a disaster or disruptive incident.
  2. The data backup and recovery procedures will be reviewed and tested annually or as necessary.

Employee Training and Awareness

  1. InvictIQ will provide training and awareness programs to employees, contractors, and third-party service providers regarding the disaster recovery and business continuity plans and procedures.
  2. The training and awareness programs will be reviewed and updated annually or as necessary.

Testing and Maintenance

  1. InvictIQ will conduct regular tests of the disaster recovery and business continuity plans to ensure their effectiveness and to identify any areas for improvement.
  2. The disaster recovery and business continuity plans will be reviewed and updated annually or as necessary.

Incident Response

  1. InvictIQ will establish an incident response team to manage the response to a disruptive incident and to implement the disaster recovery and business continuity plans.
  2. The incident response team will be trained and tested annually or as necessary.

Enforcement

Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contract. Any employee, contractor, or third-party service provider who becomes aware of any violation of this policy must immediately report the violation to the appropriate supervisor or manager.

Ready to Join Next Generation of Care Quality?

Smarter tools. Safer care. Stronger outcomes — powered by AI.

Book Demo
FIND MORE