Living With Ltd

Living With Condition Management Platform

Living With is a digital condition management platform that connects patients and clinicians. The app helps patients track and better self-manage their conditions, connect with their clinicians between appointments, manage their own goals and review condition-related resources. The portal enables clinicians to monitor real-time disease activity.


  • Dedicated invitation only patient app
  • Serving multiple conditions through one app
  • Diary symptom management
  • Flare reporter
  • Patient Reported Outcome Measures
  • Clinically validated patient information
  • Goal setting and tracking
  • Pathway management


  • Securely deliver access to a patient app
  • Capture diagnostic information from the patient app
  • Obtain insights on disease activity to support management
  • Keep accurate records of patient disease over years
  • Send motivational messages to support patients remotely
  • Improve patient support during condition flare up


£1000 per licence per year

  • Free trial available

Service documents

G-Cloud 11


Living With Ltd

David Anahory


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints None
System requirements
  • Web browser with internet access for clinicians
  • Patients must use a smartphone

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are 1 hour within working hours 9am to 5pm Monday to Friday. No support provided at weekends unless a premium support service is purchased.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Support levels are defined by the category of issue assigned to the ticket. A Priority 1 ticket means a total loss of service, these tickets are responded to within an hour and 95% of issues are resolved within 8 working hours. Priority 2 ticket means a partial loss of service, these tickets are responded to within an hour and 95% of issues are resolved within 16 working hours.Priority 3 ticket means a minor issue with the service affecting less than 10% of patients, these tickets are responded to within an hour and 95% of issues are resolved within 32 working hours.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite and remote training is provided as well as training materials such as guides and instructional videos also provided.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Users can request a data extract when the contract ends. Data is retained by Living With for 7 years, in line with requirements for storing patient data.
End-of-contract process At the end of the contract, service is decommissioned and users will no longer have access to their logins or data.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None
Service interface No
Customisation available Yes
Description of customisation Users can add new conditions to the platform or add new features to support the management of new features/exercises/diaries/outcome measures/content.
These bespoke services are negotiated and agreed with the client to ensure scope is delivered to time and budget.


Independence of resources The platform is structured with sufficient redundancy to support all patient needs on an ongoing basis. Users cannot place a higher demand on services than other users.


Service usage metrics Yes
Metrics types Reports are provided showing the number of patients and the level of activity and compliance by patients.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Users can export data into a csv file.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Guaranteed availability of the core service is 99.99% of uptime. Service credits are given if this standard is not met.
Approach to resilience The platform has two independent software stacks built and architected on an N+1 structure.
Outage reporting Via email alerts to users.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Access is restricted to invited users. Invitations expire within 30 days. Background re-authentication every 8 hours.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We comply with the NHS Data Security & Protection toolkit

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configuration is completed at the point of on-boarding. Changes can be made once live subject to a review of the potential impact of service changes to users.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Ongoing vulnerability detection processes will detect any potential threat. Our aim is to deploy any patches within 4-8 working hours.
Protective monitoring type Undisclosed
Protective monitoring approach Potential compromises are uncovered through bi-weekly testing, Any issues highlighted are addressed within 8 working hours for 95% of issues highlighted.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incidents are logged on an ad hoc basis to the service team. Incident reports are formally reviewed monthly with actions taken.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £1000 per licence per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Free time limited trial for 4-6 months. Complete access to the platform , no restrictions or limitations on use during trial period.

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑