ADL Smartcare Limited

ADL Smartcare's Healthy Ageing Digital Service

The cloud software provides you the tools to successfully promote and monitor healthy ageing/life-course in your community, whilst managing demand through prevention. Our healthy ageing virtual assistant, built on >6000 years of combined professional best practise, offers products, services and activities to help mitigate age related decline.


  • Hosted on an ultra-secure, scalable private cloud infrastructure
  • Fully supported online implementation requiring minimal local IT input
  • Identifies public, local and national providers
  • Underpinned by a unique dedicated research facility
  • Guided self-management sufficient to address people's specific needs
  • Simple to use for citizens and families/support network or staff
  • Assessments undertaken by non-professional staff via telephone and/or office-based clinics
  • Enables targeting of budgets and local services based on insight
  • Professional level assessments can be understand by non-professional staff
  • Citizens can map their ageing journey using the LifeCurve™


  • A digital health and care service, enabling scaled support
  • Quick and easy-to-use 24/7 access to self-help for citizens
  • Pre-populated with professional quality advice, minimising service involvement
  • Supports a culture of self-management for independence
  • Provides access to latest research around age-related decline
  • Provides mapping to help triage individuals into relevant services
  • Benchmarks and measures impact of early intervention and prevention
  • Tool that can be used in a multi-agency environment
  • Helps citizens/public service to minimise short and long-term care costs
  • Flexible in order to manage varying levels of demand


£25,500 to £132,450 an instance a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

6 4 7 5 4 9 6 1 2 0 2 4 9 3 0


ADL Smartcare Limited Stephen Miller
Telephone: 0114 2866222

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
You are required to purchase the base package to access any other modules.
System requirements
Modern browsers such as IE11 or above, Chrome, Opera, Firefox

User support

Email or online ticketing support
Email or online ticketing
Support response times
We respond to service requests within 24 hours and usually within the same day.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Onsite support
Support levels
Up to 10 days of online support will be provided depending on the package of modules purchased. The detail of this is outlined in the Onboarding section of our Service Definition document. Additional support days may be purchased at a day rate and travel and subsistence will be charged, if applicable. All support can be carried out remotely.
Support available to third parties

Onboarding and offboarding

Getting started
After signing up online, or through direct contact with ADL Smartcare, implementation is started with a conference call with the project champion (or project group if that has been defined) to explain the implementation timescales and requirements. Online meetings are booked with the project group to introduce the implementation workbooks, where users can choose content from a predefined range, or add their own local information to further enhance the scope of the service. Training is delivered towards the end of the onboarding process to those staff interacting with our system administration tools, for monitoring or reporting purposes.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
All data is securely stored according to the data retention policy supplied by the Buyer to comply with regulations under the Freedom of Information Act and General Data Protection Regulation. Service Users can request the data we hold on them as stated in our Privacy Policy. A user can enact their GDPR rights through the system or by emailing
End-of-contract process
At the end of the contract the Buyer will be given 30 days to confirm that they have taken the following steps: 1. Supplied alternative web address for signposting existing users. 2. Notified contact centre staff to no longer signpost to the service. 3. Removed links to the service from any websites operated by the council. 4. Removal of references to ADL Smartcare within corresponding literature. ADL Smartcare confirms it will: 1. Hold the data in accordance with data retention policy. 2. Lock staff access to relevant services. 3. Signpost users requesting help to the appropriate services.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The services have all of the same features and content, the service uses a mobile responsive design for improved user experience.
Service interface
Customisation available
Description of customisation
The system interface can be customised to include an Buyer's local logo, and local contact details. Buyers can choose from a range of images to customise the homepage. Content such as local services & locally provided equipment can be added to enhance the nationally available knowledge within the tool.


Independence of resources
Once a Buyer has signed up for the service, they receive an instance of the service with their own sub domain for members of the public and/or staff to access. This segregation and the underlying private cloud operated by ADL Smartcare Limited, with 24/7 monitoring of resources, ensures resilience in the service offering. ADL Smartcare and specifically the Security Board, work with their infrastructure partner to ensure resources are reviewed as and when new Buyers come on board.


Service usage metrics
Metrics types
Real time reporting, access to Google Analytics and selected metrics via Google Data Studio. Access to information about website traffic, content accessed, areas of need explored and other user behaviours. Access to an annual insight report with content around the ageing population, benchmarking against other Local Authority areas, and commentary on current usage and future improvements.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Less than once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Please contact us for a copy of ADL Smartcare's G-Cloud Security Assertions Portfolio of Evidence with further evidence of protection measures taken.
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The data export is dependent on the area of the service being accessed by the user. For example, assessments can be downloaded securely and then imported or attached to a care record. The real time information reports can be saved to many formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • DOCx
  • HTML
  • Image
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
A customer receives a commitment in their contract of 99.5% uptime. In addition, the service has clear SLA’s timeframes which can be supplied on request. ADL Smartcare does not provide service credits due to a failure.
Approach to resilience
ADL Smartcare has its own dedicated private cloud with multiple redundancy hardware, with webservers, database servers, load balancers etc. Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at
Outage reporting
In the event of an outage, we would notify the leads at the customer site with email and phone alerts. We would provide a full breakdown of the issue and the estimated time to resolve it.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication
Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at We use 2-factor authentication, Username or password and roles based permissions as well as segregation of services.
Access restrictions in management interfaces and support channels
Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at It is not possible for a user to the management interface to alter or edit the service e.g. shut down a service or restart. A management user can only view activity in their area e.g. viewing assessments, reports and outcomes.

The management interface has individual named licenses with differing roles based on the Buyer’s specific requirements. The roles have differing access to management interface with differing views to datasets and functionality.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Although ADL Smartcare Limited has been handling data sensitively and securely for 17 years and the company's Infrastructure Provider is ISO27001; the company is working towards external verification of its security governance through ISO27001. In addition, the company's processes adhere to the Cloud Security Principles. Please request a copy of our G-Cloud Security Assertions Portfolio of Evidence and/or Information Security Policy.
Information security policies and processes
Please request our Information Security Policy by emailing The key aspects of this policy and all associated policies have been developed in accordance with the British Standard for Information security BS7799 – 3:2006 which is harmonised with ISO/IEC 27001:2005.

This Information Security policy is supported by further policies, standards, guidelines and procedures as listed below:

- Information Classification and Handling Policy
- Physical Security Policy
- Systems Infrastructure Policy
- Access Control Policy
- E-Mail Policy
- Internet Acceptable Use Policy
- Incident Reporting and Management Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The Software Configuration Model operated ensures software configuration and change management is managed carefully within the organisation. The model ensures when a new release goes live, it has been tested for compatibility with the production environment and any security impact assessed of any changes. The infrastructure is monitored for unusual activity including hardware faults/unusual spikes. The live production infrastructure is fully managed ensuring any new vulnerabilities are made public to the general community (or before), a member of the support team will evaluate risk, prioritise the testing and then inform the nominated member of the Security Board at ADL Smartcare.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerabilities are sourced from a variety of sources:

- Internal development, software configuration management, secure development practises
- coding review and vulnerability testing of services
- Communications from US-CERT and UK-CERT and links to the security community
- Customers, citizens and third parties who can report a vulnerability through secure online channels.

Once a vulnerability is discovered it is categorised and assessed for severity and then the relevant action taken to remedy the situation. Vulnerabilities are overseen by a member of the Security Board. With 24 hour, on-site technical ITIL 3 compliant service desk with query authentication practices in place.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
ADL Smartcare operates a Threat and Vulnerability Management Policy. The production infrastructure and environment is monitored through a group wide reporting tool to pull individual component performance data, high disk usage, CPU, memory, event logs and other technical information into one management tool. This information is then used to actively monitor the environment and potential vulnerabilities
Incident management type
Supplier-defined controls
Incident management approach
ADL Smartcare Limited operates an incident management policy which can be viewed in the Threat Vulnerability Management Policy. The purpose of the Incident Management policy is to establish controls and processes that will provide ADL Smartcare Limited information system effective monitoring capability and responsiveness against security threats and incidents. Design and implementation of an incident management framework can secure the information system against known vulnerabilities and threats. Incidents can be reported to or by: a) Telephone in b) Online service channel c) Email d) Support ticket through Salesforce e) Employee off premises f) Employee on premises.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£25,500 to £132,450 an instance a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.