Renaissance Managment Consultancy Ltd

Includmi mental health and wellbeing mobile application

Includmi affords people a platform to talk about their mental health in a safe and supportive manner that builds resilience and self care.

Includmi helps build positive and supportive social relationships and community connections to buffer the effects of risk factors in people’s lives.

Features

• Real time wellbeing reporting
• Multi disciplined team collaboration
• Digital dashboards of live enterprise wide data
• Mood journal/vlog
• Alerts for early intervention
• Cognitive behaviour therapy intelligent self care
• Integrated video interventions and live support

Benefits

• Improved mental health and wellbeing for people/patients
• Quicker access to mental health and wellbeing support
• Better communication with and between multi agency support teams
• Substantial savings for commissioners of mental health support
• Real time data analytics for better decision making and evaluation

£1.00 to £250.00 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.paice@renaissancemanagement.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

176057726269413

Contact

David Paice
+447971830208
david.paice@renaissancemanagement.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Earliest supported operating versions; iOS version: 12; Android version: 5.0
• System requirements:
  • IOS - version 12 or above
  • Android - version 5 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Renaissance/ Includmi shall use commercially reasonable endeavours to make the Includmi Service available 24 hours a day, seven days a week, except for maintenance which will normally be carried out in such a way that seeks to minimise disruption to End Users.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Virtual online meeting space provided for meetings with users - https://www.includmi.com/meet
• Web chat accessibility testing: We worked extensively with special schools in the North of Wiltshire to ensure the service was accessible to assistive technology users.
• Onsite support: Onsite support
• Support levels: Includmi shall use commercially reasonable endeavours to make the Includmi Service available 24 hours a day, seven days a week, except for maintenance which will normally be carried out in such a way that seeks to minimise disruption to End Users.; ; The Client recognises that the Includmi Service is provided through a third party hosting provider. While Includmi will endeavour to ensure demands are met through the existing infrastructure, the Client acknowledges this may not be possible. Use is also limited to the current Usage Level as agreed in App Fees and detailed in the App Schedule. If usage is above the current Usage Level then the Includmi Service may not be available until an applicable higher Usage Level has been agreed.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We set up the enterprise user. We help them set up their organisations and help the organisations set up their mobile users. This is done by onsite training, online training, explainer videos and user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Includmi will work with the Client to archive Client Data and End User Data according to the Client’s aspirations and requirements. A Statement Of Work will be created setting out the Additional Services related to the archiving of such data and the charges related to this as agreed by the parties. ; Standardly:; Includmi will delete all the Client Users and End Users when the LEA stops paying the App Fees. ; However, Includmi will give the Client one month to renew the service, during which time Includmi will just block the Client and End Users, and their posts will still be visible on the mobile application. During this time there will still be a charge for the Client related to data storage plus any hourly or day rate costs incurred in managing this.; If after 1 month the Client does not renew their contract, all Accounts will be deleted, and data will be moved to cheaper AWS storage for archiving.; Includmi will pass this cost on to the Client as part of an agreed archiving Statement Of Works.
• End-of-contract process: Includmi will work with the Client to archive Client Data and End User Data according to the Client’s aspirations and requirements. A Statement Of Work will be created setting out the Additional Services related to the archiving of such data and the charges related to this as agreed by the parties. ; ; The Client will also pay Includmi for any services provided by Includmi around decommissioning the Includmi Service, extracting data and/or transfer to another cloud provider and/or any other services associated with termination of the Includmi Service. The charges for services under this clause will be at the current hourly rates applied by Includmi.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The administration and set up of the software as a service is through a browser. The application is provided for use with Android and Apple mobile devices and can be downloaded through either Google Play or Apple App Store.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: There is an administration panel to manage the service that can be accessed from a browser. Through this admin panel the commissioning entity can add users and set up organisations within their enterprise. They can also track the wellbeing of the mobile users in real time through a reporting function.
• Accessibility standards: None or don’t know
• Description of accessibility: Mobile users can upload files and share them with their support team in a similar manner to common social media applications. They can edit their profile and share it with their support team. There is an inbuilt chat/group chat function.; ; Users can't share their profile with people who are not approved support team members of approved organisations.
• Accessibility testing: The app has been tested with teachers and pupils at a number of special schools including those with profound and multiple learning difficulties.
• API: No
• Customisation available: Yes
• Description of customisation: The service is an enterprise scale software as a service. The enterprise administrator sets up the organisations within their enterprise. The organisations set up the mobile users in their organisation.

Scaling

• Independence of resources: We use AWS for elastic scalability

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly Data Usage per Account
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The administration users can export their data in CSV, XLS and PDF format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Xls
  • Pdf
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Xls
  • Pdf/a
  • Html5
  • Mp3
  • Mp4

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Our service has been CHECK penetration tested to ensure that data is protected.; We have achieved Cyber Essentials across the business.; User data transiting networks is protected against tampering and eavesdropping through a combination of:; (1) Network protection:; i) We use multi factor authentication to access the system.; ii) Strong passwords and biometrics are enforced for all mobile users; iii) Account lockout; iv) Anti cross-site scripting measures; v) Jailbreak Detection; vi) Code obfuscation; ; (2) Encryption:; i) Data is encrypted; ii) All user ID is randomised and over 10 digits; iii) Screenshots disabled
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Includmi shall use commercially reasonable endeavours to make the Includmi Service available 24 hours a day, seven days a week, except for maintenance which will normally be carried out in such a way that seeks to minimise disruption to End Users.; ; The Client recognises that the Includmi Service is provided through a third party hosting provider. While Includmi will endeavour to ensure demands are met through the existing infrastructure, the Client acknowledges this may not be possible. Use is also limited to the current Usage Level as agreed in App Fees and detailed in the App Schedule. If usage is above the current Usage Level then the Includmi Service may not be available until an applicable higher Usage Level has been agreed.
• Approach to resilience: We centre our resilience strategy around availability, performance, and disaster recovery (DR). We use a full suite of AWS tools to ensure we are resilient. ; ; We deploy across multiple Availability AZs in the UK region. This AZ has redundant resources and uses separate physical facilities located a meaningful distance apart from other AZs. This means we can withstand the loss of a physical facility for disaster recovery purposes.; ; We also maintain essential components like databases replicated in Amazon S3 buckets giving us a responsive recovery time.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: 2FA and Multi Factor Authentication; Biometric authentication
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CHECK penetration test

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: We are working towards formal ISO/IEC 27001 accreditation.
• Information security policies and processes: Our information security policies are the result of NHS DCB0129 & DCB0160 clinical risk assessments, in which vulnerabilities are identified and safeguards are chosen.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: At the start of product development we identify all classes / types of item that will be subject to configuration management using Jira and Confluence. ; Configuration management, that tracks changes, implements version control, and enables reproducibility is applied throughout the lifetime of our application development. ; Configuration items are version controlled, with full details of any modification (including the author and time / date) recorded. This allows root cause analysis to be performed when defects are discovered.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: CHECK penetration testing by approved organisation
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Identification:; We combine on-device logging, device compliance reporting and attestation capabilities with monitoring data from network-layer devices such as internal firewalls, network proxies, and the VPN gateway and service logs. ; ; Response:; We work with the West Midlands Cyber Resilience Centre where we are members. Fortunately we have not yet had to formally respond to a compromise. The centre would be our first port of call.; ; Quick:; Our systems are monitored 24/7 and we would aim to address any compromise immediately.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Any incidents are reported to us via our online and telephone help desks which operate 24/7.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  Equality and diversity policy.; ; We want to be recognised as a great business that delights its customers, is sustainable and one which we all can be proud to work in. To achieve this, we recognise the importance of establishing a fair and inclusive work place and business environments, where our people are valued, their differences are respected, and discrimination is eliminated.; ; We are committed to; ; Respecting and upholding the human rights and dignity of all our people.; ; Providing safe environments for all our people to work and do business in.; ; Creating a culture where all our people feel able to speak up about any concerns.; ; Addressing any instances of inappropriate or unacceptable behaviour such as harassment, bullying, discrimination and victimisation.; ; What you should expect from us; ; We will support managers to uphold the commitments we make in relation to diversity and inclusion.; ; We will treat you with dignity and respect, regardless of any personal characteristics, and in accordance with the law within the countries we operate in. For example, characteristics may include your, age, a disability, marriage / civil partnership status, pregnancy / maternity, race, religion or belief, sex, or sexual orientation and gender.; ; We will provide guidance, training and support to help our people deliver our diversity and inclusion commitments.; ; How we achieve this; ; We will regularly review and update our employment approach and practices to maintain our focus on diversity and inclusion.; ; We ensure the principles of this policy are reflected in our employment practices and standard terms and conditions of employment.; ; Although Renaissance Management Consultancy Limited is a private limited company it does take equality very seriously and has a public sector ethos.

Pricing

• Price: £1.00 to £250.00 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Everything is included

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.paice@renaissancemanagement.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.