KAYA Wellbeing Platform
KAYA is an Employee Wellbeing Management System (EWMS) that acts as a wellbeing catalyst; it stimulate wellbeing activity and improves wellbeing outputs for employers and wellbeing/employee benefit solution providers. KAYA measures the wellbeing pulse of employees and a business on a quarterly basis, linking employers, employees and wellbeing/benefit solutions
Features
- Wellbeing Index and benchmarks
- Wellbeing impact on performance
- Wellbeing challenges and perceived support
- Wellbeing index and Employee feeling and experience
- Employee relationship quality and wellbeing
- Wellbeing champions support
- Individual ,team and company wellbeing measurement
- Wellbeing support plans
- Wellbeing (Mental, Physical, Social, Financial, Societal) measurement
Benefits
- ROI on wellbeing investment and programs
- Identify wellbeing challenges at Company, team and Individual level
- Quantify wellbeing to understand level of support to be provided
- Invest on wellbeing initiatives that have a positive impact
- Help wellbeing champions perform their role effectively
Pricing
£5 a licence
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
3 8 9 2 8 6 0 2 2 1 4 5 1 5 4
Contact
MY WELLBEING INDEX LTD
Ram Raghavan
Telephone: +447500887279
Email: ram@mywellbeingindex.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- - A planned maintenance during the new software releases. We will make sure it will happen in off peak time and we will inform much advance on this
- System requirements
-
- Any web Browser running on Windows/Linux/Mac OS
- Internet connection to the PC
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- During the week within a day and during weekends within 44 hours
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- They can click on the chat button and post their questions on the chat box. They will be directed to an agent to elicit a response. The agents have been trained to address almost all of the functional problems. If the issue is more technical in nature, they will be help users raise a ticket to get clarity on the issues.
- Web chat accessibility testing
- We have been using tawk.to for our online chat. We have been using it to respond to questions on the website as well as the talent portal for almost a year now
- Onsite support
- Onsite support
- Support levels
- We will have a named account contact to deal with specific queries and provide support. We will also have an onboarding process and help the client navigate the system. It will also be supported by videos and a resource library which will answer the frequently asked questions. This is built in as part of our offering. We have a dedicated cloud support team to answer and address all technical queries. The users can raise a ticket and the team will address their enquiry.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
- Onsite training
- Online training with pre recoreded videos
- Documentation on how to use the system - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- When user close their account, all the data related to the user will be deleted from our database
- End-of-contract process
- At the end of life, the clients account will be closed and all associated data will be removed. There will be no additional cost to the client for this service.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- A mobile app will be provided to access the services
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- Yes
- Description of customisation
-
The heart of our proposition is based on the specific needs of our customers. When they establish their account, they can decide on the level of wellbeing screening they want ( Level 1- Company Level , Level 2 - Team level , Level 3 - Individual level). They can add and remove employees and provide access to various services including mood monitoring, hydration, meditation, support plan creation, market place etc.
The person who has subscribed to our platform can customise the platform.
Scaling
- Independence of resources
-
- The system supports auto scaling, when the demand at the peak, our system will created no.of server automatically
- The system is designed with load balancer which can distribute load to different server to process the requests
Analytics
- Service usage metrics
- Yes
- Metrics types
-
1. Registration information
2. Response information - Reporting types
-
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- Other locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
- Data store in a Virtual Private Network on AWS.
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
-
From the web application.
We can also help if it is a bulk upload - Data export formats
-
- CSV
- Other
- Other data export formats
-
- Microsoft Word
- Data import formats
-
- CSV
- Other
- Other data import formats
Data-in-transit protection
- Data protection between buyer and supplier networks
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Site provision is for 24 hours/ 7 day availability
Support provision will be UK working hours 5 days a week - Approach to resilience
- It is available on request
- Outage reporting
-
- A dashboard on our website
- Email alert
- Phone alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- - Management interface can be accessed using their username/password.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
We have polices and procedures that covers the following areas
1. Information security safeguards
a. Admin, technical & physical safeguards
b. Standards & Practices and information security industry standard
practices as identified in the NIST CSF, ISO/IEC 27002, or other
equivalent authoritative sources.
c. Security safeguards against the unauthorized access, destruction,
loss, or alteration of data & network & internet security
procedures, protocols, security gateways & firewalls
d. Secure code development
2. Audit logs & reporting
3.Information Technology Disaster Recovery
4.Legal Hold/ Regulatory Demand Requirements
5.Destruction & data disposal - Information security policies and processes
- My Wellbeing Index (KAYA) will maintain appropriate administrative, technical, physical safeguards to: (a) maintain confidentiality of Non-public Information; (b) protect against anticipated threats or hazards to the security or integrity of the Non-public Information; (c) protect against unauthorized access to or use of Non-public Information; and (d) detect, respond, recover from identified risks or incidents including Security Breach. KAYA will adhere to information security industry standard practices as identified in the National Institute for Standards and Technology Cyber Security Framework (NIST CSF), International Organization for Standardization ISO/IEC 27002, or other equivalent authoritative sources. Information security safeguards will include: (a) safeguards against the unauthorized destruction, loss, or alteration of Non-public Information; (b) safeguards against unauthorized access to Non-public Information; and (c) network and internet security procedures, protocols, security gateways and firewalls with respect to Non-public Information.2.6.Secure Code Development. Developers will be trained and follow secure coding best practices (e.g., OWASP, Microsoft Secure Development Lifecycle). KAYA will perform application security analysis and testing according to the requirements of an appropriate standard (e.g., OWASP Application Security Verification Standard) prior to software or code delivery. Information from production environments will only be used for testing & development after the data has been de-identified.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
- From our AWS account console, we tract all the resources/service we use.
- All our services and resources are under our Virtual Private Network.
- Most of services/resources are not internet facing. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
- We can monitor all our service/resources from our AWS console. When can check the health status of each service.
- We can deploy any patches in couple of hours time.
- We can monitor any potential threats from AWS console - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
- We enable logging in entire application and infrastructure. Collecting logs from hosts, services and infrastructure. All these log will monitored to identify any potential compromises.
- When we identify any compromise, we act immediately and isolate the respective system to avoid any data loss and analyse the root cause and fix the issue. - Incident management type
- Supplier-defined controls
- Incident management approach
-
- End users will be contacting our support team when they find any issue in the system.
- Support team will collect all the information and create a JIRA ticket.
- Development team will work on the ticket to fix the issues based on the preority and severority of the issue.
- All the critical issues will be addressed immediately.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Covid-19 recovery
-
Covid-19 recovery
The platform helps Managers, Mental Health First Aiders and Wellbeing champions to really understand who is struggling and help them to recover by investing in wellbeing solutions that are relevant. The platform helps identify and support the physical, mental, social, societal, financial and professional wellbeing challenges of the employees and provides support to them. - Equal opportunity
-
Equal opportunity
KAYA helps understand the reasons behind the wellbeing challenge(s) at the individual level. It provides the support mechanism needed to overcome these challenges. As a result it helps build individual resilience and gets them to be more productive, fulfilled and happy. It helps managers become more empathetic to their colleagues needs and genuinely support them to help perform better. Without this understanding, employees will be branded poor performers. Use of the platform creates a level playing field to help managers evaluate their colleagues objectively. - Wellbeing
-
Wellbeing
My Wellbeing Index (KAYA) is a platform designed to provide personal support to individuals to help them understand their wellbeing challenges, understand how it impacts them and their work and helps seek the right support to allow them to progress to be the best they can be. With no judgement individuals are given the opportunity to develop and seek improvement.
As a macro platform the data collected is then used to build wellbeing solutions, programs and support to help the community. It is also used to track what interventions work better for specific challenges and shares that insight to the wider community
Pricing
- Price
- £5 a licence
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Access to Company level audit . Users can set up, collect data, access dashboard, download report and create company level support plans to address their wellbeing challenges. They can also access the market place to seek additional support
- Link to free trial
- https://companyaudit.kayawellbeingindex.com or https://level1.kayawellbeingindex.com