Our technical and organisational cybersecurity measures

Cybersecurity, data protection and privacy
We are committed to improving your mental health and well-being and empowering you to take control of it. And our team of mental health experts commit to protecting the information you share with us and the tools you use to help you live a healthier life.

Information security management standards
The SilverCloud® platform has a documented Information Security Management System (ISMS) covering areas of technical and organisational security and holds ISO 27001:2013 and Cyber Essentials Plus certifications, as well as a HITRUST-aligned SOC 2 Type II assessment. Information security risk management is a core part of the overall ISMS. Risk management includes the maintenance of a risk register and risk treatment plan.
These assessments are conducted by third-party auditors as part of our on-going compliance programme. The SilverCloud® platform has documented information security policies approved by management and has formally assigned and documented roles and responsibilities for information security and data protection.

Controls
- Asset management
- Human resources
- Physical & environmental
- Communications & networks
- Operations
- Access control
- System development
- Incident management
- Business continuity
- Audit & compliance