Our technical and organisational cybersecurity measures

SilverCloud® by Amwell® is the world’s leading online mental health platform, enabling providers, health plans, employers and higher education to deliver clinically validated digital health and therapeutic care. We empower users to think and feel better through personalised and interactive programmes matched to meet their unique needs.

To ensure the confidentiality and security of user data, our team of experts has implemented technical, administrative and physical safeguards for ultimate privacy and protection.

Cybersecurity, data protection and privacy

We are committed to improving your mental health and well-being and empowering you to take control of it. And our team of mental health experts commit to protecting the information you share with us and the tools you use to help you live a healthier life.

Information security management standards

The SilverCloud® platform has a documented Information Security Management System (ISMS) covering areas of technical and organisational security and holds ISO 27001:2013 and Cyber Essentials Plus certifications, as well as a HITRUST-aligned SOC 2 Type II assessment. Information security risk management is a core part of the overall ISMS. Risk management includes the maintenance of a risk register and risk treatment plan.

These assessments are conducted by third-party auditors as part of our on-going compliance programme. The SilverCloud® platform has documented information security policies approved by management and has formally assigned and documented roles and responsibilities for information security and data protection.

Controls

Asset management
Human resources
Physical & environmental
Communications & networks
Operations
Access control
System development
Incident management
Business continuity
Audit & compliance