POSITIVE REWARDS LIMITED

Feeling Good for Workplace Health

Feeling Good App offers cost-effective audio programmes for mental health, uniquely combining relaxation with Mental Training and CBT. Evidence-based, from workplace studies for burnout, low mood, stress, anxiety, sleep. Builds resilience, confidence, coping maintaining focus, concentration and job satisfaction. Easy-to-use, self-managed or referral.

Features

• Audio app with 50k+ downloads/year. 90% ORCHA score
• Very easy-to-use and set-up giving rapid effective help
• Remote access - use offline after set-up - anywhere, anytime
• Incorporating Cognitive Behavioural Therapy (cCBT) for additional benefit
• Applying sports coaching techniques to everyday situations for better performance
• Non-stigmatising relaxing audio tracks supporting inclusivity and accessibility
• Tracking and displaying in-app measures; mental health, wellbeing, goal achievement
• Enduser customising for language, reader, background music, reminders
• Engaging through messaging, psychoeducation videos, interactive features, anonymous
• Lifetime access: dip-in and out, use when needed, always available

Benefits

• Used for NHS staff wellness and resilience post-covid recovery
• Cost-effective, Flexible delivery. Fits into daily routine
• Empowering staff to look after their own mental health
• Reducing burnout, and low mood. Increasing creativity and job satisfaction
• Self-managing, life-long skills plus increasing workforce productivity,
• Service providers real-time dashboard anonymously tracking employee engagement/outcomes
• Applying sports coaching techniques to everyday situations for better performance
• Webinar wellbeing training for managers and wellbeing teams
• Prize-winning whole University approach for staff and students
• Customisable design and function to fit your needs

£1,425 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sheila@positiverewards.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

527977831480698

Contact

Sheila Ross
07799768879
sheila@positiverewards.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Our service has no scheduled down time or maintenance time. Our uptime is 99.98%. However if you need service support we will do our best to respond to you within these timeframes: 4 hours for a red alert (service is not operational); 24 hours for amber alert (problems with using the service causing significant issues); 48 hours for yellow alert (service fully functional but modifications required)
• System requirements:
  • Smart phone required for app use (android or iOS)
  • Internet required only for first opening and downloading app content

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: App users can email us through the app and we will respond usually within 48 hours during the week and weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Organisation support is via your customer account manager for set up and business questions and is your first call should you need support. Your account manager will arranged regular online meetings to ensure your service is running smoothly and is also able to connect you with other support teams as appropriate, such as our comms team for marketing support and the technical team for technical support,, adaptation and trouble shooting. We will do our best to respond to you within these timeframes: 4 hours for a red alert (service is not operational); 24 hours for amber alert (problems with using the service causing significant issues); 48 hours for yellow alert (service fully functional but modifications required). User support is via email accessible in the app. End user emails will be triaged and directed to the appropriate department for successful outcomes. We endeavour to respond to end users within 48 hours, and usually within 24 hours. 24/7 enduser telephone support helpline can additionally be offered which can provide basic technical support and also information and signposting service.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will work with you to smoothly set up the service /onboarding which will involve: 1. A dedicated account manager to discuss your requirements by email and phone; 2. Agree how many access codes to be created and date of commencement of service; 3. Discuss any customisation/bespoke content (some of which may have an extra cost); 4. Issue memorandum of understanding; 5. Signing off the service licence agreement; 6. Liaising with all key department heads and contacts that you want to receive information on the new service; 7. Onboarding website form options discussed to gather some data and release relevant codes and where hosted ie your website or ours; 8. Discuss where access codes will be displayed/promoted, ideally not in public facing areas but secure intranets; 9. Issue onboarding toolkit for your use (logos, quotes, other information to support launch and engagement); 10. Our comms manager will liaise with your nominated communications contact re comms and marketing support we offer.; 11. Training date agreed for staff overview within first 3 months
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: End-users cannot extract their data from our dashboard as it is anonymised and so cannot be attributed to an individual . Their device collects their own user outcome data and is available for the user at the end of the contract as the user still has access to the app with all their the data on their device. The customer/service provider who has access to the data dashboard will have continuing access to their data for an agreed period of time, in order to allow them time to download their data when the contract ends.
• End-of-contract process: At the end of the contract , with due notice, we will implement our exit plan, providing a smooth conclusion to the end of the contract within the agreed offboarding timeframe. This will involve the inactivation of the access codes, meaning no new users will be able to access the free content. Please note - existing users will not lose access to their existing app content. ; The website onboarding pages and related links will be taken down. We will agree when the service user's access to the dashboard will be closed so that the service user will be able to download their data before it is deleted from the dashboard (usually up to 30 days after termination). There is no additional cost for the exit plan, helping users migrate from the service and extraction of documentation. We will also give you renewable options.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A user downloads the Feeling Good App from their app store, enters the organisational referral code to unlock and access all their tracks/modules, and can immediately start listening to the audios to quickly feel benefit. There is a users guide, psychoeducational videos, reflective exercises, encouraging messaging, listening reminders functionality, user choice of voice, music and language (Polish, English), personal mood tracking and goal satisfaction. Users either follow the suggested programme or dip in and out, where and when needed,. Available offline with lifelong access to these tracks - even after the licence ends. Simplified version on the website.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: We are integrating the service for IAPT use - as guided self-help and blended therapy. For this we are connecting with IAPTUS/ PC MIS service interface. This is a service which is optional. This will allow user's data collected in the app (eg mood tracking) to be integrated with their IAPT records and be seen and monitored by the IAPT practitioner. There will also be risk indicators, alerts and text messages. This enables blended care, and supervised self-help.
• Accessibility standards: None or don’t know
• Description of accessibility: The app is easy-to-use (user tests 99%), the user only has to add in a referral code, There is no signing-on process and optional questionnaires. The app adjusts to resizing with scrollable pages. The website supports zooming and text resizing. Audio format enables accessibility. Closed captions are in videos and being implemented on audios. Our graphic bear has non-identifiable ethnicity, gender and age, echoing the non-stigmatising and transcultural approach of the programme. On the website, we use a contrast checker tool, accessibility plugins like Wave to check html, following semantic html guidelines, to ensure it is in line with WCAG.
• Accessibility testing: Manual testing using assistive technologies for visual impairment, such as text colour contrast, screen magnifiers, screen readers and speech recognition software. We are working with a local deaf action group to make the app more useable by those with hearing difficulties and using a group to test the subtitles and other features for suitability. Internal teams (e.g. user interface designers, Quality Assurance) test functionality and usability. User satisfaction- anonymously completed, consistently shows 99% say it is easy to use and 98% would use it again.
• API: Yes
• What users can and can't do using the API: The API is customised by us for the supplier, they cannot make changes directly to it, but can request us to make changes, for example incorporate new text or data collection e.g. we can add in data field to be displayed in the data dashboard, or customise text for what is seen in the app by the end-user .The buyer can directly customise the data dashboard display through searching on different codes, across different time points and choose different reports to download and also choose to download the data as a csv file to allow a deep dive into the data for greater data analysis. ; The end user cannot directly change the API but can through their app use make choices from what's on offer in the API e.g. choice of reader in the app.
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Buyers can request the supplier to add in customisation of the service with for example their own logo and specific text pages with for example local services. They also can choose the content of the app through which modules the codes unlocks for the end users , such as different modules for students/patients and for staff (eg work life balance). They can choose which in-app questionnaires to present to the app user such as demographics or not, PHQ8 or PHQ9. We can also add in external services such as telephone helplines, and PC MIS IAPTUS interoperability (extra costs apply). Suppliers can also customise the data collected on the onboarding page and we are happy to work with them to further meet their needs with new services. The end-user can customise their own use of the app for voice, language (English, Polish, and soon to come Japanese and Ukrainian) and background music of the tracks, track selection through goal setting and setting reminders. We are continuing evaluating the app and actively recruit user feedback through UX and UI reviews to improve the app for users benefit.

Scaling

• Independence of resources: We use multi-tiered architecture, with a scalable virtualised infrastructure that uses load balancing and monitoring to effectively scale to the demands on our service. Our database servers exist separately (Firebase Cloud services) and algorithms are used to direct demands to available support to effectively manage any spikes in usage so the service is not affected by demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide - Service level performance (e.g. response times),; Number of incidents and time to resolution; Security metrics (e.g. virus detection); Number of users, date and time of first use., Number of users per defined area/ organisation (i.e. per code), User groups/access routes -profession/area/workplace etc. (customisable). Demographic data -age, gender, ethnicity; Outcome data: mood scores (PHQ8 and PHQ9) at start, weeks 2 and 7, number of tracks/modules listened, goal satisfaction; User satisfaction and benefit through open text Q & A.; User data is tracked on an anonymised individual, one line per user basis.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Google Firebaseuses the Advanced Encryption Standard (AES) algorithm to encrypt data at rest. All data at the storage level is encrypted with AES256 by default, with the exception of a small number of Persistent Disks created prior to 2015 that use AES128. AES is widely used because (1) both AES256 and AES128 are recommended by the National Institute of Standards and Technology (NIST) for long-term storage use (as of March 2019), and (2) AES is often included as part of customer compliance requirements.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: End user cannot export their data out of the app unless via screen capture and share. Service providers can customise data reporting and exporting in the data dashboard, choosing different reports or screens presentations, data visualisation by codes showing app use over chosen time periods, outcome data and user satisfaction scores and comments. . They can export via print or save the reports as a pdf or download the data in csv format to allow for greater data analysis.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Pdf from the print options
• Data import formats: Other
• Other data import formats: Only when interfaced with for example IAPTUS/PC MIS

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Uptime: Guaranteed availability: The Feeling Good App and access to its modules is available round the clock and has an expected uptime of 99.98%. In respect to access to the app via the internet, and we will use our best endeavours to maintain this level of service. We cannot be held responsible for access problems that arise from difficulties from the customers' own systems, their connection to the internet or any other system or link outside our direct control. If you need service support we will do our best to respond to you within these timeframes: a) 4 hours for a red alert (service is not operational); b) 24 hours for amber alert (problems with using the service causing interruption of service); c) 48 hours for yellow alert (service fully functional but modifications required). We do not refund customers in the very unlikely event that we do not meet this level of service. We are willing to discuss this on an individual customer basis.
• Approach to resilience: We have a number of measures in place to protect our company from risk and to make us resilient. Maintenance is managed and controlled through multiple channels to ensure integrity and availability. These are documented in our Information and Security policies and procedures. ; Our data centre is Firebase who have their own systems in place to be resilient and to prevent and manage the risk of technical issues. Their datacentre is Tier 3 which has an expected uptime of 99.982% per year. Data is backed up at all times. Outages are reported via a dashboard and email. ; RTO (Recovery Time Objective) is usually around 1h, with maximum of 6h - 24 hr. RPO (Recovery Point Objective) is. max 24h of data. Zero-point of-failure system is - each app user can recover if the cloud is down through the cache is the app's backup, while the cloud is backed up by firebase people.; We can give more information on request.
• Outage reporting: We report outages by email alerts to customers and via a landing page

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Users codes are authenticated via our call and response system from the app to our API
• Access restrictions in management interfaces and support channels: Can be restricted to particular domains or IP addresses, restricted to user accounts with relevant privileges, username and complex password, two step authentication, and separation of environment at Management/Network/Storage layers
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • DTAC
  • ORCHA - 90%

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: DTAC, Cyber Essentials, ISAME, MASVs-L1 and L2
• Information security policies and processes: We have our internal security processes, documented in our security documentation which include working to ISO27001 standards, employees vetted before joining, employees given regular security briefings (e.g. annually), incident and dispute reporting scheme

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The status, location and configuration of service components (both hardware and software) are tracked throughout their lifetime, based on ITIL principles and the defined process within ISO9001. Changes affecting the customer will need customer approval prior and all changes go through a rigorous internal testing and validation process. Changes to the service are assessed for potential security impact. Then managed and tracked through to completion.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This includes: A network operations centre monitoring 24x7, regular (weekly) vulnerability scans and threats raised and penetration tests annually. Security patches devised and released (weekly, critical patches asap). Our R&D teams are trained on security integration supported by external expertise to continually develop and innovate for security and customer data protection. We have a security information and event management (SIEM) solution to identify, triage ,mitigate vulnerabilities through our risk assessment and threat management procedures, timescales for severe threats - max 4 hours, medium threats - 24 hours and lower risk - 48 hours. Information from alerts, emails, networks and reviews.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are discovered through Firebase alerts and email alerts from other suppliers. Suitable response is taken according to the assessed degree of threat. If deemed an red alert posing immediate threat this will be responded to immediately, at least within 4 hours, an amber alerts with 24 hours and a yellow alert in 2 days.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents management is documented in our management systems Incidence Response Policy which details notifying customers in writing within 12 hours of any Security Incident(s) relating to their personal identifiable data and/or their systems which may contain their customers personal identifiable data. We shall notify them our action plan within 24 hours ensuring end-to-end communication is maintained and customers receive detailed report after incidents if they have been affected. We have an Incident Management team that responds to real or suspected violations and security incidents are logged, raised with the CTO.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We are committed to fighting climate change through effective stewardship of the environment. ; All of our resources are online with local printable options. This reduces the use of resources and transport, and is part of our commitment to fighting climate change. We will deliver additional environmental benefits in the delivery of any contract by bringing our awareness and ethos to Influence staff, suppliers, customers and communities to seek and support the lowest environmental footprint process to help seek net zero greenhouse gas emissions and maximum environmental protection and improvement.
• Covid-19 recovery:

  Covid-19 recovery

  We will support recovery through Health and reduced demand on public services through the provision of our services. We are flexible and innovative and able to respond quickly to situations to help the mental health of people. For example we responded to the Covid-19 pandemic by releasing in April 2020 within 2 months of the 2020 lockdown, free access codes to the Feeling Good App supported by webinars on building resilience for all healthcare staff across Scotland, while advertising this on twitter, local NHS Covid-19 bulletins and local and national Scottish radio. During the first 6 months 1503 people had accessed the app via this route. We continue to support the wellbeing of health and social care workers across Scotland.; We are responding to the war in Ukraine by working with Ukrainian refugees in Poland and Belarus to translate the app into Ukrainian so that we can provide this, and the Polish translation, for free.
• Tackling economic inequality:

  Tackling economic inequality

  Operating across the UK, we work through our sister charity The Foundation for Positive Mental health, to serve various communities, providing multifaceted mental health and wellbeing education and training, supporting around 3000 people per year, working alongside our sister organisation, donating and distributing their ‘Feeling Good’ app to disadvantaged groups; the charity works as a vehicle for running socially valuable projects. ; For example, we believe that mental health and wellbeing should be highlighted in a positive way within schools, and the charity works with schools, particularly in disadvantaged communities, across the UK to support their mental health and wellbeing education, delivering Feeling Good for Schools - two 6-week programmes over two years (Yr7/S1 and Yr8/S2), alongside provision of the ‘Feeling Good Teens’ wellbeing app for the pupils, and adult ‘Feeling Good’ app for teachers and parents/carers. Mental skills for resilience can help young people be more future ready and able to positively contribute to the workforce in later life. Working in schools and prisons allows us to reach the more disadvantaged communities - those who need these skills the most.; Additionally this approach by example is inclusive, it will positively influence future attitudes towards those that are disadvantaged and improve inequalities and opportunities.
• Equal opportunity:

  Equal opportunity

  Positive Rewards Ltd., producers of the Feeling Good App, is an ethical company which operates within its fair work and equality policy. The Feeling Good app does not collect or sell any personal data. ; Positive Rewards is committed to social value and operates within ethical principles of equality, and inclusivity, along with its sister Charity Foundation for Positive Mental Health, since 2010.; Currently the charity is working with improving mental health in schools and prisons. Both the charity and Positive Rewards share the same workforce, funded by Positive Rewards and we employ people from different ethnic backgrounds and with lived experience of mental health difficulties and provide a supportive workplace for women, e.g. flexible hours, child friendly approach.; The co-operation with the Charity means that we can innovate and initiate projects for social good that have no monetary value to the company (Positive Rewards)
• Wellbeing:

  Wellbeing

  As a company that works to improve the mental health and wellbeing of the nation, it is of prime importance to us that we lead by example and look after the mental health and wellbeing of our workforce, and reflect these values in those we work with as well, for example we adhere to fair working practices, promote training and personal development and have a culture where all our workers are valued and feel they positively contribute to the organisation. ; We value the experience of our users and their communities and work to ensure that their voices and views are sought and taken on board. We do this through seeking evaluation of our product for example through anonymous webinar evaluation surveys with the professionals we work with; with in-app questions from our users inviting their views and experiences of using the app; through more in depth user experience and insight interviews, through reaching out through social media to extend our community engagement, for example with Black Minds Matter. These allow us to co-design the development of the app, and have led to innovations such as for example different voices and background music in response to user feedback. We also value our customers/contract and will work with them to help the app better meet their needs, and have a programme of active engagement across the whole service delivery team through to the end user, building a strong integrated community.

Pricing

• Price: £1,425 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial option consists of test codes to unlock the app to show the content that can be revealed or hidden with different codes. These codes are usually valid for 1 month from being inputted into the app. We can also give a trial dashboard for report viewing.
• Link to free trial: Please contact us for a free trial access codes.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sheila@positiverewards.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.