AMERICAN WELL CORPORATION UK LIMITED

SilverCloud - digitally enabled therapy for CAMHS and CYP services

A digital mental health platform for providers and commissioners, a range of internet-based cognitive behavioural therapy (iCBT) programmes. Our platform has treated over 1 million people & delivered over 2 million hours of therapy. The platform includes programmes and tools covering depression, anxiety, stress, resilience, sleep, long-term conditions & more.

Features

• Evidence based digital mental health solution
• Population-level solution for managing mental health remotely
• NICE evidence standards framework for digital health technologies (Tier C)
• Onboarding and triage tool to assess needs and direct appropriately
• Dedicated portal for professionals to provide asynchronous support
• Reporting dashboard to track patient outcomes
• Training, project management and support included
• Cloud-hosted Software-as-a-Service, with full service management

Benefits

• Recovery rates for supported interventions upto 74% (equivalent for adults)
• Increase patient access and service capacity using digitally enabled therapy
• Cash releasing benefits from shifting from face-to-face to digital treatment
• Integration with patient case management systems (i.e. Iaptus and PCMIS)
• Open APIs to integrate with other IT systems, including EPRs
• Strong evidence-base with 50+ peer-reviewed research publications
• Flexible population delivery model from unsupported to therapist supported
• Automated tools (e.g. templates, reminders) to drive efficiency and engagement
• Online training platform with unlimited access
• Service-level pricing to provide economies of scale and cost-effectiveness

£6.25 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at finance@silvercloudhealth.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

261647086817967

Contact

UK Sales
353 1 554 9771
finance@silvercloudhealth.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements: Modern Web Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday 8am-6pm (GMT)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Users have access to the service helpdesk via phone or email for technical support.; ; Customers have an Account Manager and Customer Success Manager who works with clinical teams to ensure optimum use of the platform for their service users.; ; SilverCloud provide excellent and ongoing support to all NHS services using the platform via a dedicated Customer Success team. The team is available to provide and support the full deployment of the system from project initiation through to post go-live and long-term support.; ; This partnership approach to supporting the NHS results in named individuals providing the function, in addition to the standard helpdesk functions that would be expected.; ; All support levels are included as part of the Software-as-a-Service annual subscription 'Platform Licence'.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The implementation process consists of a project initiation meeting to discuss the service and pathways.; (i) We work together to develop operational processes to safely deliver SilverCloud and collect the customers requirements for their specific configuration;; (ii)A project plan is created identifying all the elements that need to be covered to go live;; (iii) We provide a sample operational policy, best practice guide and a number of customisation documents to services;; (iv)We work with the services clinical team to ensure the assessment, clinical support and risk management of service users is reflected in operational guidelines and this is communicated to all teams;; (v) We consult with the communication team on how they can promote SilverCloud;; (vi) Training is carried out face-to-face or via weblink dependent upon the services needs;; (vii) Services are reviewed quarterly to provide advice and support on service development, and;; (viii) System users will have access to an online supporter centre with how to guides and ongoing help and support information.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: SilverCloud can provide an extract of data in CSV format when the contract ends.
• End-of-contract process: At the end of a contract, a demobilisation plan would be put in place in advance to allow a safe exit from using the platform. A cut off date for when new users cannot be added to the system. A period of 4-12 weeks is agreed to support current users without disruption to care. Once the last user has completed, we agree with services how they would like to have a copy of their data (encrypted) and delete it from our server.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The desktop version is accessed via a web browser, the application is fully compatible with mobile browsers with no loss in functionality. There are also native mobile apps that support extra features such as push notifications and secure bio-metric authentication.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: The API enables services to refer end users to the service, view summary information of the end users' status and transfer clinical information to other systems.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: A variety of parameters can be configured based upon the need of the service ranging from the instruments and indicators used and their timing, to the levels of sharing of data communicated and accessible to the users or supporters/clinicians during the programmes.

Scaling

• Independence of resources: SilverCloud continually monitors the performance of its application. At regular intervals SilverCloud performs load testing of its network infrastructure and performs any maintenance necessary as part of its Information Security Management System (ISMS).

Analytics

• Service usage metrics: Yes
• Metrics types: A variety of parameters can be configured based upon the need of the service ranging from the instruments and indicators used and their timing, to the levels of sharing of data communicated and accessible to the users or supporters/clinicians during the programmes.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: SilverCloud provides an export functionality for users to export relevant information from the platform. Comprehensive exports can be requested via support channels.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: UPTIME: SilverCloud is available 24/7 and will use best endeavours to achieve uptime in respect of access to the application via internet of not less than 99.5% during each month.; ; EXCLUSIONS: No credit shall be allowed where the Service is unavailable due to the Customer as a result of difficulties with the Customer's own systems, the Customer's connection to the internet or any other system or link outside the direct control of Service Provider.; ; Unavailable Hours shall be calculated during any 4-week monitoring period.; ; A detailed Service Level Agreement will be put in place for customers.
• Approach to resilience: With regard to customer data, asset protection and resilience are achieved through multiple controls to ensure integrity and availability, in accordance with the Information Security Management System.; These include:; (i) Physical and environmental controls offered by the hosting providers to protect against threats such as fire and flooding;; (ii) Access controls to protect against unauthorised modification or destruction of data;; (iii) Multiple backups (daily system images, daily off-site data backups) to allow restoration in case of disaster, and;; (iv) Redundancy of services and equipment including storage, power, network offered by the hosting providers.; ; Resilience and data handling is assured through various ISO certifications, including ISO 27001:2013 and ISO 13485:2016. The latter certification required for medical devices and is based on ISO 9001:2008.
• Outage reporting: SilverCloud reports outages via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to systems hosting customer data is limited to specific SilverCloud employees on the operations team identified with individual log-in accounts.; ; Support and operations staff have limited access to management interfaces that aims to obscure sensitive and identifying information where possible, and limits the ability to extract data.; ; In addition, access to the hosting provider network is via a VPN and jump server, which provides additional logging and access control.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe
• ISO/IEC 27001 accreditation date: 14/08/2013
• What the ISO/IEC 27001 doesn’t cover: The certification scope is: The Head Office of SilverCloud Health Limited and the SilverCloud platform provided to SilverCloud Health’s clients worldwide.; All services offered are covered by the our ISO/IEC 27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • NHS Data Protection and Security Toolkit (DPST)
  • Digital Technology Assessment Criteria (DTAC)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: SilverCloud Health has a full ISMS Policy, which is approved and ratified at Director level, and serves to have processes in place to protect SilverCloud Health’s information assets from all threats.; ; It is the policy of SilverCloud Health to ensure that:; (i) Information should be made available with minimal disruption to staff, clients and authorised parties as required by the relevant business process;; (ii) The integrity of this information will be maintained;; (iii) The confidentiality of information will be assured in accordance with its classification, and;; (iv) That all regulatory, contractual and legislative requirements will be met.; ; This will be achieved through business processes, continuity plans, information security education, awareness and training.; ; Implementation will mean: (i) appropriate access control will be maintained and information protected against unauthorised access, (ii) an internal audit function will have direct responsibility for ensuring the ISMS operates in accordance with the above, (iii) all managers will be directly responsible for implementing the ISMS Policy within their units, and (iv) It will be the responsibility of each member of staff to adhere to the ISMS.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are handled in line with our Change Management Policy and in compliance with ISO 13485 and ISO 27001 standards. Changes are tested and approved before deployment.; ; A risk assessment will be performed to evaluate the information security requirements for new systems or major changes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Monthly automated vulnerability scanning is performed against service hosts with a PCI-DSS scan profile for known vulnerabilities. The output of these scans is addressed through information security management processes.; ; Software version monitoring and updating is in place on SilverCloud workstations and in the hosted environment to ensure that vulnerable software is identified and updated where possible.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The hosting provider operates network intrusion detection systems and OS integrity monitoring on behalf of SilverCloud to identify potential compromises. Security-relevant events are logged in the hosted environment and application. These include operating system, authentication, database and web server logs. Logs are monitored periodically with automated analysis and alerting where possible. Monitoring procedures are in place to guide the operations team.; Potential compromises are handled according to the Incident Response Policy, with the timeline set out for incident management below.
• Incident management type: Supplier-defined controls
• Incident management approach: SilverCloud has a documented Incident Response Policy, which includes a pre-defined process for managing incidents.; ; Customers may report incidents via support channels, by email or telephone.; ; SilverCloud shall notify customers in writing within 12 hours of any Security Incident(s) which result in, or which SilverCloud reasonably believes may result in, unauthorised access to, modification of, or disclosure of a Customer information, Customer Information Systems or other Customer applications. SilverCloud shall provide customers with a written Remediation plan within 24 hours of the Security Incident. Notification requirements are specified in the Incident Response Policy, which can be made available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  The SilverCloud platform is an online digital mental health platform used by providers to support virtual care and service delivery. Virtual care has been shown to have a measurable impact on the environment. As an example, a customer case study from a large US health system tracked 1.5 million virtual visits over a 12 month period and found that those visits equated to ~37 million miles not travelled and ~7.5 million litres of fuel saved, cost savings of ~£3.2 million, and reduced greenhouse gas emissions equivalent to planting over 250,000 trees and removing more than 3,000 cars from the roads for an entire year. Furthermore, a 2017 study tracked telemedicine savings between 1996 and 2013 and found patients avoided more than 5 million miles of driving. Virtual visits also prevented nearly 2,000 metric tons of carbon dioxide and 50 metric tons of carbon monoxide. As enablers of virtual care SilverCloud/Amwell is making it possible for more people to connect to care and for more use cases, greatly extending the environmental impact.; Additionally, SilverCloud/Amwell has begun formalising our environmental, social and governance (ESG) approach at the direction of management and with oversight from the Board. We have engaged an outside consultant and are in the process of fully evaluating our ESG issues and developing a comprehensive strategy connected to our strategic business initiatives. We expect to provide more information regarding our ESG initiatives in a future published ESG report that aligns with leading ESG reporting frameworks. Key ESG issues that have emerged are human capital management, diversity, equity and inclusion, and data privacy and cybersecurity.
• Covid-19 recovery:

  Covid-19 recovery

  SilverCloud has been at the forefront of the fight against COVID-19 as a key partner of digital enabled therapies to many NHS and Private mental health service providers. SilverCloud has not only played a vital role in allowing patients and providers to continue treatment during the pandemic, but it has also supported service providers as they navigate the operational and financial stresses the pandemic has put on their business. ; ; SilverCloud played nothing short of a vital role, allowing patients who were stuck at home to get access to needed mental health care, while diverting unnecessary visits from A&E departments. At the same time, SilverCloud technology allowed sick health care workers to continue treating their patients from home.
• Tackling economic inequality:

  Tackling economic inequality

  SilverCloud is focused on delivering greater access to more affordable, higher quality care by connecting and enabling providers and patients through our platform and services. ; ; Virtual care has been shown to be a more affordable option for quality care and can increase access to care for those in rural and underserved communities.
• Equal opportunity:

  Equal opportunity

  SilverCloud is an equal opportunity employer. We believe our innovation and success are direct results of our employees’ diverse experiences, backgrounds, and areas of expertise. Diversity, equity and inclusion (DE&I) is integral to our operations. In 2020, we formally established our Diversity, Equity & Inclusion committee, and in the past year created four working groups focused on: communications, events, research, and HR/training. Across these groups, we greatly expanded our DE&I programs and initiatives in 2021. We conducted our annual DE&I survey, held DE&I ambassador trainings, offered company wide trainings and specific leader-based inclusion trainings, and attended a 4-day facilitator session, launched the DE&I discussion channel, and educated, recognised and celebrated global holidays. ; ; We remain focused on building a diverse pipeline of talent. Partnerships developed with universities and other organizations across our markets and our virtual workforce strategy have allowed us to expand our national recruitment opportunities. We continue to prioritize our diverse recruitment strategy to build a stronger pipeline for women and people of color in our management and leadership roles.
• Wellbeing:

  Wellbeing

  SilverCloud continuously seeks ways to grow, develop and retain our talented workforce through a range of programs and employee development resources. We encourage open and frequent dialogue between our employees and managers to support career development. ; Offering a comprehensive benefits package is another way we take care of our employees. We offer the full scope of healthcare coverage, retirement planning, life and disability insurance, employee assistance programs, financial education, mental health support and wellness days off, Covid leave policy, volunteer days, unlimited PTO and access to our own suite of heathcare products and services. We offer full access to all telehealth services to our employees and their immediate family members. We believe mental wellbeing is just as important as physical wellbeing and offers employees and their loved ones free access to behavioral health support. We also provide mental health days and provide mental health programming for employees to normalise the conversation while providing coping strategies from our clinical team. ; We value employee feedback and listen to our employees through various outlets including all hands meetings and yearly engagement surveys. These avenues have provided us with valuable feedback and has shaped our investments in programs and initiatives for employees. Specifically in 2021, employee feedback led to shape our virtual work strategy, the creation of additional technology resources, investment in learning and development platforms, and employee benefits. The employee voice is the most powerful tool we have for increasing our engagement and the development of a strong and inclusive team.

Pricing

• Price: £6.25 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at finance@silvercloudhealth.com. Tell them what format you need. It will help if you say what assistive technology you use.