LIMBIC LIMITED

Limbic Care - a mobile AI therapy assistant for patients and clinicians

Limbic Care is a mobile therapy assistant designed to support patients and clinicians on the waitlist or during treatment. Conversational A.I. helps patients record experiences, concerns and thoughts which support identifying repeated patterns.
Therapists access submitted information to inform treatment decisions and assign educational courses based on specific treatment needs.

Features

• Real time reporting and customisable clinical dashboard
• Customised and personalised to complement and enhance provider service pathways
• GDPR & NHS IG Compliant
• Collect and display clinical measures GAD7, PHQ9, W&SAS etc.
• Available 24/7/365
• Safeguarding & risk stratification
• Clinician mobile app available as well as patient app
• In app technical support

Benefits

• Instant support on the waitlist or collaboratively when in treatment
• Friendly mobile app for patients at the point of entry
• Prompt patients to log their mood and associated thoughts
• Improves patient safety as flags and prioritises high risk patients
• Provides in app evidence-based CBT, in the moment, 24/7
• AI chatbot drives interaction and usability
• Activate patients and help reduce DNA rates
• For clinicians, easily review data and spot key patterns
• Accelerate treatment formulation and evaluation through better data
• Re-enforce therapeutic messaging by engaging patients in-between sessions

£16.50 to £20 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at syed@limbic.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

894650862540675

Contact

Syed Abrar
07425 111222
syed@limbic.ai

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • Internet access for Website
  • Android devices = Android 6 or above
  • Apple (iOS) devices = iOS11 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a policy to respond within 1 working day to all requests. In all responses, we include a specified timeline if the query isn't resolved in the first instance.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Service user testing as part of Innovate UK grant which included testing of web chat function
• Onsite support: Onsite support
• Support levels: All support is included in the cost of the product and there is no additional costs to any support received.; Every customer will have a dedicated implementation lead and a technical lead available to them.; We offer weekly meetings to support setup and deployment. This includes any education and training required for service staff.; We offer email and phone support for all queries on top of this.; We provide real time analytics to all customers to see the status of the system and resolve any potential queries without having to contact Limbic.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: 1. Determining timelines and customisation with dedicated project delivery expert.; 2. Online training materials provided to senior leadership and staff; 3. Live or onsite training webinars/sessions provided post implementation
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data related to the product is held for 5 years and then appraised for each use and necessity. After which we follow procedures around the safe deletion of data and maintain audit deletion logs of this.; Any data can always be extracted or deleted with a Subject Access Request to the Data Protection Officer.
• End-of-contract process: Limbic assists in the safe removal of the service to maintain operational security for the customer. Removing this is free of charge and included in the price of the service. We archive all project information according to our Document Control procedures.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile service is optimised for small screens which means that it covers a larger part of the screen as opposed to the desktop version.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: It's a mobile app AI chatbot that utilises a conversational interface to engage patients whilst on the waitlist or used collaboratively with their clinician when in-treatment.; The clinician has access to a therapist web app which allows them to create homework reminders and create customised strategies for the patient.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have tested the service with visually impaired users as well as users with motor disabilities. We have done user testing with representative samples of our customer's population both independently and in collaboration with NHS talk therapy services.
• API: No
• Customisation available: Yes
• Description of customisation: Clinical reports to inform future treatment decisions; Analytics dashboard for service reporting; Risk stratification ; Create bespoke treatment strategies; Create patient activation goals; ; They can customise this together with the dedicated program delivery expert that will be assigned to the customer at the start of the project.; The senior leadership will be able to provide input and customise with the program delivery expert.

Scaling

• Independence of resources: We have auto-scaling in place with AWS load balancers which is the industry standard on scaling usage with cloud hosted services. With respect to staff, we actively track competency matrixes to assess staff resourcing needs ahead of time.

Analytics

• Service usage metrics: Yes
• Metrics types: Full suite of metrics available ranging from:; Number of active users; Number of risk cases; Homework completion percentage; Patient feedback; Demographic information; Create bespoke metrics
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All data is exported instantly to the respective system or otherwise agreed method of exporting once any information is received via the service.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Secure email
  • PDF download
• Data import formats: Other
• Other data import formats:
  • Patients can upload data using the mobile app
  • Clinicians can upload data using the mobile app
  • Administrators can upload data via the web based dashboard

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.9% uptime and refund the value of any missed referrals in case of any lost uptime.
• Approach to resilience: Our datacenter is hosted and operated by Amazon AWS which is the gold standard in terms of data protection and security with physical and virtual controls in place to minimise the risk of any data leak.
• Outage reporting: In case of any outage, our dedicated customer support team will reach out to the customer contact and inform the customer of said outage with appropriate details and expected time to get back online. We report uptime statistics in monthly reports to customers as well.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: We have access control procedures in place. Access is linked to a team member's email address which is controlled by top level management. We have defined job description writeups which details what systems or software an employee needs access to. Any change outside the scope of this needs to be signed off by top management.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Limited
• ISO/IEC 27001 accreditation date: 16/09/2021
• What the ISO/IEC 27001 doesn’t cover: Anything outside of the design and development of digital psychology tools.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: This Information Security Management System (ISMS) is the means by which Limbic Limited (the ‘Organisation’) satisfies the requirements of BS ISO/IEC 27001:2022 with regard to the Organisation’s overall business risks. It specifies the requirements for the implementation of security controls, customised to the needs of the Organisation or to specific parts thereof.; ; The Organisation has adopted the process approach for developing, implementing and improving the effectiveness of its ISMS.; ; The Organisation, in adopting the process approach, is committed to:; ; - Understanding business information security requirements and the need to establish policy and objectives for information security; - Implementing and operating controls in the context of managing the Organisation’s overall business risk; - Monitoring and reviewing the performance and effectiveness of the ISMS; - Continual improvement based on objective measures; - Communicating throughout the Organisation the importance of meeting all relevant statutory and regulatory requirements specifically related to its business activities; - Ensuring that adequate resources are determined and provided to monitor and maintain the ISMS.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: As part of the change request process a plan needs to be created which includes a risk analysis. This plan is reviewed by multiple team members. Changes to our product/service are tracked and monitored in according to our quality management procedures.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We perform risk assessments on all data asset types at least annually. At least bi-annually we run vulnerability reports through our anti-malware software. Any critical patches are deployed within 14 days which is a mandated policy. We get information on potential threats through our anti-malware software.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Anti malware software reporting is running at all times and sends logs of threats for each and every device within the organisation. A CREST approved third party is actively monitoring risk across our technology stack.; Depending on the severity, we will make an informed decision on how quick to fix or patch the problem.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have clinical and security management procedures. These are audited at least annually. We have a dedicated email channel for incident reporting. For clinical incidents we report in according with DCB0129. We share incident reports with customers.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Limbic Care is an AI care companion that delivers education and activities through generative AI, enabling higher engagement in therapy and better recovery rates. ; ; Limbic Care improves recovery rates, reduces dropout and supports resource constrained services to scale care. In one Talking Therapies study, Limbic Care helped patients reach reliable recovery with 40% less resources.

Pricing

• Price: £16.50 to £20 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at syed@limbic.ai. Tell them what format you need. It will help if you say what assistive technology you use.