MOBILISE CARE LTD

Mobilise: Digital support service for unpaid carers

Since 2019 Mobilise has become the UK's leading provider of digital support services for unpaid carers, providing a safe, accessible and effective platform for unpaid carers to access key information to support their caring role and the emotional support of an active online community.

Features

• Provides safe, anonymous and immediate support, including out of hours
• Available 24/7, 365 days a year
• Geo-targeted digital campaigns to reach and identify carers at scale
• Extensive content designed under the COM-B model
• Users can self-refer and register, or are referred by professionals
• Instantly accessible from an web enabled, internet connected device
• Web-based platform and iOS/Android App
• Moderated forums and AI-powered web-chat with trained support team
• Local account manager to ensure effective deployment
• Live analytics dashboards

Benefits

• Increased number of carers known to the authority
• More carers are aware of the support available to them
• Increased resilience of carers in the authority
• Improved access to insights about the needs of local carers
• Reduced demand on expensive interventions
• Improved productivity of social care workforce
• Demonstration of compliance with CQC requirements
• Leverage the benefits of AI in a safe, human-centred way

£70,000 to £100,000 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james@mobiliseonline.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

184957440703738

Contact

James Townsend
07816779635
james@mobiliseonline.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The service is web-based, and consequently all service users will need an internet-enabled device to access support
• System requirements: Service users need an internet-enabled device to access the platform

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 48 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Reviewed through Google Lighthouse
• Onsite support: No
• Support levels: As a Commercial Off-The-Shelf (COTS) solution, we provide a standard level of service across the platform. Commissioners have a named account manager, who can provide guidance on deployment of the platform. Any reported issues will be passed on to technical teams and responded to as soon as possible.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: A local account manager from Mobilise will set up a launch meeting (virtually), including key personnel on the buyer side. This will be a meeting to explain the service in detail, answer any questions and to gather key information from the buyer to ensure that the Mobilise platform can be updated with accurate information relating to carer support in the area.; ; This meeting will be supported by a range of materails. The local account manager will be available to provide any further assistance required.; ; Mobilise will aim for the service to be live within 14 days of the agreement being secured.
• Service documentation: No
• End-of-contract data extraction: We are data controller for the service. Users do not automatically get any right to extract data unless they make a Data Subject Access Request according to our Privacy Notice
• End-of-contract process: As a Commercial Off-the-shelf (COTS) web based platform, Mobilise can easily be switched off if/when a commissioning authority decides to decommission the service.; Buyers will receive an end of contract report summarising performance against the KPIs as agreed.; Buyers will be invited to shape messaging to users of the platform in their area, explaining the cessation of the service and signposting to relevant continuing support.; ; The service will no longer accept new registrations for the location in question. Appropriate safeguarding steps will be put in place for any users indentified as being at particular risk, ensuring they are transitioned to replacement services.; ; This offboarding is included in the price of the contract

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Mobilise's user interface allows service users to access tailored resources and information, participate in community discussions with other carers and join a scheduled one-to-one call with a professional for support.
• Accessibility standards: None or don’t know
• Description of accessibility: We're committed to meeting the Web Content Accessibility Guidelines (WCAG) level AA. ; ; There are still a small number of A-level and AA-level WCAG issues on Mobilise. We have been working hard at training all team members to recognise and avoid accessibility issues.
• Accessibility testing: Assessed through Google Lighthouse
• API: No
• Customisation available: Yes
• Description of customisation: Buyer specific landing pages can be provided

Scaling

• Independence of resources: As a Commercial Off-the-shelf (COTS) solution Mobilise users all engage with a single instance of the service. Regular load testing enables us to ensure capacity for user volumes larger than any historical peak

Analytics

• Service usage metrics: Yes
• Metrics types: Regular reporting dashboards provide a summary of service usage and user journey metrics. These are supplemented by case studies and qualitative data on user experience.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Platform data is stored using AES-256 encryption.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users should make a data subject access request, according to our Privacy Notice
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Mobilise does not commit to specific Service Level Agreements (SLAs) for our service. We do however use SLO (service level objectives.) Our SLO for the core service is 99.65% availability across a seven-day period. This is equivalent to a single five-minute outage per day.
• Approach to resilience: This information is available upon request
• Outage reporting: Mobilise uses remote monitoring to identify if there are outages and send an email to our staff.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: The user account creation and retention policy, last updated in January 2024, mandates that two senior leadership team members be involved in the creation and upgrade of user accounts, with the CEO or COO additionally required for administrator level access. Account reviews are conducted quarterly by leadership team members. Upon an employee's departure or suspension, immediate revocation of their access is required, affecting systems such as Google Workspace, HubSpot, Slack, and various other specific applications like Google Ads, Trello, and YouTube, among others listed. This policy aligned with related documents on data and IT security and the use of applications
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance approach is streamlined yet effective, tailored for our size and capabilities. We adhere strictly to the principles of the Cyber Essentials certification to guide our security policies and practices. This certification ensures we maintain fundamental security controls, protecting against common cyber threats. We conduct regular security training sessions for all team members to foster a culture of security awareness. Decisions related to security are made collaboratively, involving input from all levels of our organization (particularly at Director level), ensuring comprehensive oversight and responsiveness to emerging security challenges.
• Information security policies and processes: Our security governance approach is streamlined yet effective, tailored for our size and capabilities. We adhere strictly to the principles of the Cyber Essentials certification to guide our security policies and practices. This certification ensures we maintain fundamental security controls, protecting against common cyber threats. We conduct regular security training sessions for all team members to foster a culture of security awareness. Decisions related to security are made collaboratively, involving input from all levels of our organization (specifically at Director level), ensuring comprehensive oversight and responsiveness to emerging security challenges.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We manage the lifecycle of our service components using GitHub, which provides robust version control and tracking capabilities. Each component is tracked from development to deployment, ensuring full traceability via repositories and branches. For assessing changes for potential security impacts, we combine GitHub's automated security tools, like Dependabot, with a peer review process via pull requests. This allows us to detect vulnerabilities early and ensure thorough review and documentation of security assessments before changes are implemented.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Our vulnerability management process leverages the advanced security frameworks provided by Google Workspace and HubSpot. We rely on their continuous updates and security bulletins to assess threats and deploy patches, ensuring our data remains protected within their managed environments.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Undisclosed
• Incident management type: Undisclosed
• Incident management approach: Undisclosed

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  Mobilise provides access to online support for carers, which reduces the number of trips needing to be made by carers to in-person support options. Our team works largely remotely and our service therefore has a minimal carbon footprint

  Tackling economic inequality

  The Mobilise service increases the availability of support to unpaid carers who are in work. This therefore enables more carers to stay in work or return to work.

  Wellbeing

  The Mobilise service is a cost effective way of improving the wellbeing of unpaid carers

Pricing

• Price: £70,000 to £100,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at james@mobiliseonline.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.