Brain+ A/S

CST-Assistant

Cost-effective service for facilitators to deliver clinically validated Cognitive Stimulation Therapy (CST) to people with mild to moderate dementia within Mental Health and Community Care. Operated by CST facilitators, the product can be configured to fit the needs of the CST groups in an easy way.

Features

• 14 digitally-available CST sessions
• Pool of validated content and activities per session
• Adaptable content to meet patient needs and demographics
• User-friendly and easy-to-use session preparation and delivery interface for facilitators
• In-service tips and tricks for facilitators
• In-service printable material to accompany activities
• In-service training and support to facilitators
• Box of things, providing physical items to accompany each session

Benefits

• Certified solution with externally validated and readily available content
• Significant time saved for sourcing, preparing and adapting CST sessions
• Easy, fast and effective start for new facilitators or subs
• Standardised approach and delivery, developed with experts and users
• Clinical benefits of CST: Improved cognition in dementia
• Clinical benefits of CST: Improved quality of life in dementia
• Clinical benefits of CST: Enhanced communication skills in dementia

£9,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sn@brain-plus.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

309091765350972

Contact

Simon Nielsen
+4531127703
sn@brain-plus.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Internet access
  • Access to either Google Play, Apple AppStore or Web Browser
  • Tablet, desktop or laptop computer running Windows or Mac
  • Android 4.4 (KitKat) and later
  • IOS: 12 and later

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours Monday to Friday, and for urgent matters and bugs we have a direct line where we respond ASAP.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: - Email support for non urgent matters typically with less than 24 hours response, and less for bugs and urgent requests; - Phone support weekdays 9-5 ; - Inhouse technical staff for support, and direct lines for early adopters and during implementation
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We offer service training as part of onboarding to the product. A detailed walk-through of the service is provided by Brain+, accompanied by an interactive user documentation as a reference on how to use the product, and navigate all features. ; Furthermore, as part of this training, facilitators go through scenarios in which requires them to prepare and deliver a CST session, with groups of patients with varying needs and demographics. ; We further frequently provide online community and training support as part of the customer success program.; We are currently working on integrating CST facilitator training (to train individuals on CST methodology in general) within the service.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All relevant user data is provided through the customer success program on a frequent basis, and a finale report and data dump of all site specific data is provided before it is deleted in the system.
• End-of-contract process: If renewal of the contract is not desired, the solution ceases to work at the end of the service period. A finale report of usage is be provided.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The application can run on computer or tablet, size of the display varies depending on screen size.; ; Whilst it can be run and is functional on smaller phones, it has not been optimised and there may be layout issues.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: CST facilitators can customise CST session contents, including activities, images, and suggested talking points. ; ; Facilitators can filter and select the appropriate content, from a large pool of externally validated content, based on the following labels:; ; 1) Suitability for patients with different levels of cognitive ability: to ensure maximum cognitive stimulation.; ; 2) Mobility level of group members: to ensure most patients benefit from the positive effects of physical movement.; ; 3) Demographic phenotype of CST group such as age: to ensure maximum engagement with the content and session.; ; 4) Need to bring additional physical items for an activity: to aid the facilitators in time spent on preparation (i.e. can select activities that do not require any additional items to ease preparation).; ; 5) Sensitivity of content, e.g. referring to childhood events that can be traumatic for some patients: to enable the facilitators to avoid if deemed necessary or deliver with caution

Scaling

• Independence of resources: We ensure resource independence using Kubernetes combined with an autoscaler that adjusts resources based on user demand. Additionally, we use a CDN combined with object storage to optimise our content delivery and ability to handle high bandwidth, protecting against potential service disruptions like DDoS attacks.

Analytics

• Service usage metrics: Yes
• Metrics types: The customer success program provide following service metrics; - Overview of feedback provided at end of sessions ; - Preferential data overview at session and program level ; - Time on task for sessions and configurations
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Through contacting support
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLA's are provided upon contract negotiatons with terms aligned with the buying organisation, effectively ensuring the functionality and usability according to the intention for use. If the service is not available when required, and we are not able to resolve the issue until next time of use a full refund is offered.
• Approach to resilience: Our services leverage Kubernetes with multiple pods managed by a load balancer to enable automatic failover and load distribution, maintaining seamless operation even during component failures. ; ; Our relational database service uses high availability configurations and automatic backups every 24 hours.; ; Detailed information available upon request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Email confirmation during signup
• Access restrictions in management interfaces and support channels: We enforce access restrictions in our management interfaces and support channels through a role and permission-based system. Users are granted access based on their roles and responsibilities, ensuring that they only have access to the resources and functions necessary for their tasks.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Information security is handled according to GDPR

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Handled in QMS system with traceability for feature updates and change management, also for user reports leading to changes.; Hardware and data-handling components are tracked using an asset registry.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: - Penetrations tests, and security breaches on services used inform vulnerability and patches are of highest priority along side bugs.; - Use of DPIA to identify and mitigate risks associated with the processing of personal data.; - Automated updates and periodic reviews for updates.; - In our software we assess and audit 3rd party packages, ensuring they are kept up to date frequently.; - A robust CICD process allows for efficient deployment of patches along with 80%+ test coverage.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: - Web Application Firewall installed in our cluster is used to identify suspicious activity/requests and to block.; - Following “Advisories” (descriptions of vulnerabilities that the cloud provider pentesters have found) and following recommendations.; - Act depending on type of compromise (rotating secret keys, passwords, blacklisting user, recommendation from cloud etc.); - Initiate investigations and prioritise rapid response.; - Monitoring tool for unusual traffic on our network to and from our servers with notification system in place for when suspicious activities occur.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: - Procedure entails logging of common events, categorisation, prioritisation, assignment, escalation and resolution.; - Users are able to reach us by phone, email or through our online support forms; - We provide incident reports externally depending of their type. Our reporting options are direct email, website announcements or in app notifications

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Wellbeing

  Covid-19 recovery

  The service enables NHS trusts to deliver frequent CST sessions, on par with pre-COVID levels. This is done through a cost-effective method of CST preparation and delivery which saves facilitators hours of time, and essentially reduces costs of delivery, with less staff.

  Tackling economic inequality

  Making CST program delivery affordable and accessible to more regions through a cost effective service, enables the trusts to offer more CST sessions at a lower cost, benefiting patients who were otherwise unable to receive this clinically-effective treatment.

  Wellbeing

  CST improve wellbeing in people with dementia specifically by improving their cognitive abilities, communication and language skills, and quality of life, leading to better and more independent lives. Additionally, CST also improved the relationship between the patient, and their caregiver and family members, further improving the wellbeing of carers, in general.

Pricing

• Price: £9,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: One month free use, and Q and A session

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sn@brain-plus.com. Tell them what format you need. It will help if you say what assistive technology you use.