SkinVision empowers individuals to self check their skin for early signs of skin cancer by transforming their smartphone into a medical device.
Our CE certified machine learning algorithm recognizes early signs of melanoma, basal cell carcinoma and squamous cell carcinoma and is supported by a team of medical professionals.
- Individuals can self check skin with smartphone cloud app
- Digital first primary care, fast access to convenient health
- Scientifically proven accurate Machine learning algorithm (95% sensitivity)
- Available on iOS and Android, runs from cloud
- CE certified as a medical device
- Immediate answer whether spot shows early signs of skin cancer
- Real time insight in activity & results data of userbase
- Population health management program with professional program management
- Reduce pressure on health system
- Skin cancer awareness & education
- Drive early detection of skin cancer ( ~150.000 patients annually)
- Free up scarce time of GP and Dermatologist
- Reduce health inequality, accessible to all with a smartphone (>85%)
- Improve performance on cancer targets, including 28 days to diagnosis
- Improve efficiency skin cancer care pathway
£10 to £20 per user per year
Loes van Egmond
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
SkinVision is available for both iOS and Android. The app is functional for most Android devices and iPhone 6 and higher.
We strive to deliver a high quality service for all users. Because mobile devices hardware varies, we are, unfortunately, not able to provide our service on every device. This means that we do not support devices which are unable to meet the requirements needed to provide an accurate risk indication, these are usually old or simple models. A list can be found here:
|Email or online ticketing support||Email or online ticketing|
|Support response times||On weekdays we strive to response within 24 hours|
|User can manage status and priority of support tickets||No|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||Our webchat is available via a pop up on our web page and creates a direct chat conversation with one of our customer support members.|
|Web chat accessibility testing||No dedicated testing is done for assistive technology users.|
SkinVisions program management team will drive the program management, including kick off, IT development (when necessary), operations and awareness campaigns. The team is dedicated to designing and launching successful programs, this support is included in the pricing.
SkinVisions customer care is available on weekdays to support end users with any questions they may have. Customer Care may be reach via email, in app messaging or the chatbox on our website at no extra cost.
|Support available to third parties||Yes|
Onboarding and offboarding
SkinVision's program management team will work together with the client to explain the service and kick off the SkinVision program, where our team will take on the bulk of the work.
For the end user we have media available to understand the service, including:
-youtube video's: https://www.youtube.com/channel/UC0S7A_z4rATdIACdyo1aK0w
- Customer support
- Instructions for use: https://content.skinvision.com/website/en/instructions-for-use.pdf
|End-of-contract data extraction||
As part of GDPR compliancy, the client never has insight in personal and medical data of the end users of SkinVision.
The end users of SkinVision always have access to their SkinVision data within the SkinVision app, even if the subscription ends and can extract the data from there.
SkinVision can set up large scale population management programs where a cohort has unlimited access to our services.
When the contract ends, the client may extend the service and end users can continue to use the service as is. If for whatever reason, the contract is terminated, end users will continue to access their historical data within the SkinVision app but are unable to do new skin checks. These individuals may purchase their own SkinVision products to continue enjoying the services.
SkinVision will provide a final dashboard with data on activity & results to the client and update any communication on SkinVision's media. As the service is used by individuals, no technical disengagement is needed.
There are no extra costs for any of these activities.
Using the service
|Web browser interface||No|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||SkinVision Skin Checks are only available via our app on the smartphone (iOS & Android) as we need the smartphone camera to capture the skin spot.|
|Description of customisation||
SkinVision's experience can be tailored to best meet the partners need, including:
- tailored messaging to activate users
- Dedicated landing web page to explain the service
|Independence of resources||We host our services on AWS cloud. Auto scaling is in place in case of high demand from customers.|
|Service usage metrics||Yes|
SkinVision has real time insight in the activity and results of our programs, including:
- # active users
- # skin checks done
- % of high risk skin checks
- # suspected skin cancers identified through our platform
- £ saved thanks to SkinVision
All this data is aggregated and anonymised.
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Other data at rest protection approach||All data is stored on AWS using AES-256 encryption.|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||End users of our service can always access the results of their skin checks on SkinVision's smartphone application. They can continue to do so even when the contract between the client & SkinVision is terminated.|
|Data export formats||Other|
|Data import formats||Other|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||IPsec or TLS VPN gateway|
Availability and resilience
|Guaranteed availability||We can include a reasonable SLA (e.g. app availability, customer support response) as part of our agreement.|
|Approach to resilience||Important measure to make the system resilientare: making use of AWS infrastructure, making frequent backups and having infrastructure as code.|
|Outage reporting||Internal email alerts are send out in case of anomalies and immediate action is taken.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Protected by strong passwords and 2factor authentication and can only be accessed from within the SkinVision network|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||Management works in accordance with ISO27001, certification follows August 2019|
|Information security policies and processes||Information Security Management System is setup according to ISO 27001|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Change management is handled in the QMS according to 7.1 and 7.3.9 from ISO 13485:2016. System requirements are kept up-to-date and are traceable during the lifetime of the service. Security officer has to sign off all changes to the service.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
Technical risk assessment is done in the form of threat modeling to identify vulnerabilities and other information security risks of the SkinVision infrastructure.
Patches can be deployed within one day when really required.
Appropriate contacts with special interest groups or other specialist security forums and professional associations shall be maintained (e.g. AWS Security Bulletins)
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
Using Amazon GuardDuty to detect threats automatically. User can report incident via email@example.com which is published on the website.
When potential compromise is reported initial triage will be done which includes defining the risk level. In case of risk level major and critical immediate containment is performed by the Incident Response Team. The immediate containment includes ensuring evidence is preserved, containment actions are executed and stakeholder are informed.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
Incidents are handled according to Security Incident Response Procedure. Continuity plan is in place for severe incidents which could threaten the continuity of the organisation. Special procedure exist for reportable incident where relevant National Competent Authority needs to be notified.
Users can report incidents via firstname.lastname@example.org which is published on the SkinVision website.
Incident reports are logged in the internal ticketing system.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£10 to £20 per user per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
We'd like to invite you to experience SkinVision's technology yourself.
Follow the link from your mobile device, which will prompt you to your App store. After downloading our app and creating your account, you are immediately entitled to 30 days of unlimited access.
|Link to free trial||http://bit.ly/SVgcloud|