Brain in Hand

Brain in Hand

Brain in Hand provides practical human support and personalised digital tools to help people manage overwhelm, reduce anxiety, and gain independence. 1:1 personalised coaching and digital resources provide support to those who are neurodivergent (e.g. Autistic or ADHD) or have a mental health condition (e.g. anxiety or depression).

Features

• Users can plan and manage their daily routines
• Users can record and manage levels of anxiety
• Users can request help from trained professionals 24/7
• Our co-production approach ensures a truly personalised solution
• Our technology integrates with existing care pathways
• Our service is accessible via Android and IOS
• User can access personalised coping strategies
• Users receive prompts and reminders for important tasks

Benefits

• Achieve set goals and outcomes
• Reduce the likelihood of crisis events
• Users feel supported in between care interventions
• Increase independence through self-management
• Data available for self-review and to support professional review
• Users linked to their support networks
• Services step down care, saving up to £6,500 per year
• Reduction in demand for services such as crisis interventions
• Prevention and maintenance of long term conditions
• Users can monitor the efficacy of their care plans

£1,550 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at traceyjasper@braininhand.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

639892420724906

Contact

Tracey Jasper
07368293158
traceyjasper@braininhand.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • IOS 15.0 or above.
  • Android 6.0 or above.
  • Web browser (Chrome, Edge, Safari, Firefox)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours Monday to Friday 9-5.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: For customers who purchase an individual licence, we provide first-line technical support via telephone 9 am to 5 pm Monday to Friday. The cost of the support is included in the licence fee.; ; For organisational customers who purchase a group of licences, we provide a dedicated programme manager who provides first-line technical support via phone or email 9 am to 5 pm Monday to Friday. The cost of the support is included in the cost of the licence fee.; ; Second- and third-line support is provided indirectly to end users (via the call handler or programme manager) by a member of our development team or, ultimately, our CTO.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: End users are provided with personal planning sessions - typically four hours, but can be varied to suit the user's needs and delivered in any configuration (two two-hour sessions, four one-hour sessions, and so on) - with a Brain in Hand Specialist. This will be delivered in a fully remote online format.; ; They begin by working through a workbook which helps them to think about their strengths, needs, and goals; the Specialist helps them to complete this process and to formulate this information so that it can be populated in the user's Brain in Hand system. Once these sessions are completed, users should understand what they want to use Brain in Hand for, how its functions can work best for them, and how to independently use the software (updating and accessing their resources and coping strategies, requesting remote support, and monitoring their own mood, wellbeing, or anxiety levels).
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract data will be retained for 2 years and anonymized after this date. Details can be found on our privacy policy.
• End-of-contract process: When a user's contract term ends, they and their supporters are no longer able to access their Brain in Hand system or any of the information within it. Information is permanently deleted after two years (to allow for the possibility of data requests or licence reactivation).; ; Individual Brain in Hand subscriptions are purchased annually and include personal planning sessions, web and mobile software, and a remote response service. There are no additional costs. Users can renew their licences in subsequent years at a lower price if they do not need additional personal planning.; ; Organisational purchases include a number of individual software licences, personal planning and response services for each user, and professional support to the organisational team managing the project.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our mobile and web (desktop) services serve two different functions. Our mobile service provides uses with access to their diary, coping strategies, tasks, and the traffic light response service. The desktop technology enables users to make changes to the information accessed through their mobile software, review their progress with an appropriate supporter, and access support including video tutorials.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our system can scale outwards when required.

Analytics

• Service usage metrics: Yes
• Metrics types: For organisational customers who purchase a group of licences we provide metrics to cover: ; Active Users (by Responses), Active Users (by Traces), Users with no response or trace, App Openings, App Openings+, Presses of Events, Presses of Activities, Presses of Problems, Presses of Solutions, Presses of Green, Presses of Amber, Presses of Red
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: By making a request to info@braininhand.co.uk in accordance with our privacy policies, users will receive a zip file containing a json document. These documents are a direct download from our document database. There is no additional cost for this service.
• Data export formats: Other
• Other data export formats: A zip file containing JSON documents
• Data import formats: Other
• Other data import formats: Data cannot be uploaded into our system

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We have not been asked guarantee service availability in our contracts, however our service availability is over 99%.; ; We have not been asked to include a refund structure for service availability within our existing contracts. We would be happy to do so if a client organisation requests it.
• Approach to resilience: The components that form the backbone of the BIH service are hosted within a cluster. This cluster has been designed to migrate required services from failed to healthy nodes in the cluster. So, if we have a node failure (or a failure in an Azure failure domain) then the system can still run.
• Outage reporting: Any exceptions and outages are reported via SMS and email to key members of staff.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Only users with sufficient privileges can access the management interfaces.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Security Essentials - Basic
  • Cyber Security Essentials - Plus

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: No
• Security governance approach: Security of our system is the responsibility of everyone in our organisation. We empower everyone in the company from developers to support staff with the right to raise security concerns; our procedures ensure that these concerns are listened to and actioned where appropriate.
• Information security policies and processes: We operate several formal policies relating to specific areas such as access to confidential information, data protection, records management, and security risk management. The purpose of these is to ensure that we are acting in accordance with all relevant guidance and legislation and in such a way that we can deliver the best possible service to our users and organisational customers.; ; In order to deliver our service, we are likely in the course of our business to hold sensitive and confidential data about individuals. We take our duty of care to our users, clients, staff, suppliers, and others extremely seriously, ensuring that data is accessed only by those with a legitimate business requirement and protected against loss or unauthorised access. We only collect and process personal data as is necessary to provide Brain in Hand. ; ; We undertake regular assessments of our compliance with legal requirements and our internal policies relating to how we keep and manage information, especially information about people who use the Brain in Hand system.; ; Our SMT manage compliance and updates our policies as required. Regular training is also undertaken for staff and completion is recorded. Users are also able to report issues via our website.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Brain in Hand system is hosted on Azure and only a small number of key personnel can make changes to this environment. Each change must be associated with a change request and all changes are logged as fundamental part of Azure.; All changes to infrastructure and software must be approved by CTO before being released.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: At Brain in Hand we regularly assess the components that make up our service for potential vulnerabilities. As our system is built upon open source software, information about vulnerabilities and updates, will come directly from the vendor GitHub pages. We review these pages on a monthly basis. Depending on severity patches to our system are normally released between 24 hrs and 14 days of being notified of the issue.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: As we host our system on Azure we use different features of Azure to monitor access to our system and infrastructure. Alerts will be sent out from the system if certain conditions are met; this includes increased amount of traffic associated with hacking attempts. This allows us to quickly respond to potential compromises.
• Incident management type: Supplier-defined controls
• Incident management approach: At Brain in Hand we have a set of pre-defined processes for security and data breaches. ; ; End users can report incidents directly and there are links on our website and on our support pages which is available in our software.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  We endeavour to meet the wellbeing needs of our workforce and offer a range of flexible working patterns including remote working – the majority of our teams are remote. Plus we have a well-being policy whereby employees work a 9 day fortnight we every second Friday dedicated as a well-being day. With 94% of our colleagues citing happiness at work, and 91% experiencing a strong sense of purpose, we're a place people love to work.; Our team is diverse in age, gender, sexual orientation, nationality, religion, and beliefs, and we strongly support neurodiversity in our teams.; Additionally, we’re a Disability Confident employer

Pricing

• Price: £1,550 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at traceyjasper@braininhand.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.