ADL Smartcare Limited

Self-Management - Expert Knowledge Apps

The Self-Management Expert Knowledge Apps integrate fully with the ADL Platform and the ADL LifeCurve™ to mitigate age-related decline – identifying specific activities/services/products around reactivation exercises, motivation, compensatory approaches (equipment/adaptations), and care options. Built on >6000 years of professionals’ experience, this system minimises risk and avoidable referrals into mainstream services.


  • Dedicated website hosted on ultra-secure infrastructure
  • Guided self-management sufficient to address people's specific needs
  • Simple to use for individuals and families/support network
  • Integrates seamlessly with the ADL LifeCurve™
  • Based professional best practice from hundreds of professionals
  • Over 100,000 assessments completed across the UK
  • Underpinned by a unique dedicated research facility
  • Completely independent of product and service suppliers
  • Identifies public/local and national supply options
  • Integrates readily with e-marketplaces and portals


  • Helps individuals/public service to minimise long-term care costs
  • Helps public service to focus care given
  • Supports a culture of self-management
  • Meaningfully addresses early intervention/prevention for the Care Act 2014
  • Best practice advice provided within locally approved constraints
  • Easy to use tailored self-management using expert knowledge
  • Outcomes are risk-managed based on embedded professional judgement
  • Professional quality advice without service involvement
  • Minimises avoidable referrals
  • Frees up professionals to focus on high value-added work


£10200 to £21420 per unit per year

Service documents

G-Cloud 9


ADL Smartcare Limited

Stephen Miller

0114 2866222

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints You are required to purchase the ADL Platform to access this service.
System requirements Modern browsers such as IE11 or above, Chrome, Opera, Firefox

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times will depend on the urgency of the incident. Response times can be found in our Service Level agreement outlined in our Service Definition.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 A
Web chat accessibility testing The web chat feature is new to the platform and is used to connect with the Buyer and not the general public (at present).
Onsite support Onsite support
Support levels Up to 7 days of onsite support will be provided depending on the package of services purchased. The detail of this is outlined in the Onboarding section of our service definition. Additional onsite support days may be purchased at a day rate and travel and subsistence will be charged.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started After signing up online, or through direct contact with ADL Smartcare, implementation is started with a conference call with the project champion (or project group if that has been defined) to explain the implementation timescales and requirements. On site meetings are booked with the project group to introduce the implementation workbooks, where users can choose content from a predefined range, or add their own local information to further enhance the scope of the service. On site training is delivered towards the end of the onboarding process to those staff interacting with our system administration tools, for monitoring or reporting purposes.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction All data is securely stored according to the data retention policy supplied by the Buyer to comply with regulations under the Freedom of Information Act and Data Protection Act. Service Users can request the data we hold on them as stated in our Privacy Policy.
End-of-contract process At the end of the contract the Buyer will be given 30 days to confirm that they have taken the following steps:
1. Supplied alternative web address for signposting existing users.
2. Notified contact centre staff to no longer signpost to the service.
3. Removed links to the service from any websites operated by the council.
4. Removal of references to ADL Smartcare within corresponding literature.
ADL Smartcare confirms it will:
1. Hold the data in accordance with data retention policy.
2. Lock staff access to relevant services.
3. Signpost users requesting help to the appropriate services.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The services have all of the same features and content, the service uses a mobile responsive design for improved user experience.
Accessibility standards WCAG 2.0 A
Accessibility testing User testing sessions have been conducted with a wide range of groups, including those with sensory disabilities. The platform has been tested using screen readers and has a range of accessibility options to accommodate all users.
Customisation available Yes
Description of customisation The system interface can be customised to include an Buyer's local logo, and local contact details. Buyers can choose from a range of images to customise the homepage. Content such as local services & locally provided equipment can be added to enhance the nationally available knowledge within the tool.


Independence of resources Once a Buyer has signed up for the service, they receive a segregated instance of the platform with their own sub domain for members of the public to access. This segregation and the underlying private cloud operated by ADL Smartcare Limited, with 24/7 monitoring of resources, ensures resilience in the service offering. ADL Smartcare and specifically the Security Board, work with their infrastructure partner to ensure resources are reviewed as and when new Buyers come on board.


Service usage metrics Yes
Metrics types Real time reports are available, including: List of registered service users and contact details; Number of service users registered by month; Assessments started by registered or anonymous users; Proportion of registered users helping themselves or helping someone else; Number of times one or more questions were answered in an assessment; Proportion of assessments where products were matched; Most popular areas of need; Summary of stores orders; Breakdown of assessments by time of day. We also provide benchmarking of performance against other areas (anonymised), and access to Google Analytics insight about website usage.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach Please contact us for a copy of ADL Smartcare's G-Cloud Security Assertions Portfolio of Evidence with further evidence of protection measures taken.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The data export is dependent on the area of the service being accessed by the user. For example, assessments can be downloaded securely and then imported or attached to a care record. The real time information reports can be saved to many formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • DOCx
  • HTML
  • Image
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability In the last 14 years, there have only been three occurrences of downtime outside of the maintenance window of 12am to 6am. The load balanced infrastructure supports the hardware to be serviced whilst continuing to support operations. Therefore, a customer receives a commitment in their contract of 99.89% uptime and can request to view the uptime for their service which is independently monitored by a third party. In addition, the service has clear SLA’s timeframes which can be supplied on request. ADL Smartcare does not provide service credits due to a failure.
Approach to resilience ADL Smartcare has its own dedicated private cloud with multiple redundancy hardware, with webservers, database servers, load balancers etc. Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at
Outage reporting In the event of an outage, we would notify the leads at the customer site with email and phone alerts. We would provide a full breakdown of the issue and the estimated time to resolve it.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at We use 2-factor authentication, Username or password and roles based permissions as well as segregation of services.
Access restrictions in management interfaces and support channels Please request our latest version of our G-Cloud Security Assertions Portfolio of Evidence at It is not possible for a user to the management interface to alter or edit the service e.g. shut down a service or restart. A management user can only view activity in their area e.g. viewing assessments, reports and outcomes.

The management interface has individual named licenses with differing roles based on the Buyer’s specific requirements. The roles have differing access to management interface with differing views to datasets and functionality.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Although ADL Smartcare Limited have been handling data sensitively and securely for 14 years and the company's Infrastructure Provider is ISO27001; the company is working towards external verification of its security governance through ISO27001. In addition, the company's processes adhere to the Cloud Security Principles. Please request a copy of our G-Cloud Security Assertions Portfolio of Evidence and/or Information Security Policy.
Information security policies and processes Please request our Information Security Policy by emailing The key aspects of this policy and all associated policies have been developed in accordance with the British Standard for Information security BS7799 – 3:2006 which is harmonised with ISO/IEC 27001:2005.

This Information Security policy is supported by further policies, standards, guidelines and procedures as listed below:

- Information Classification and Handling Policy
- Physical Security Policy
- Systems Infrastructure Policy
- Access Control Policy
- E-Mail Policy
- Internet Acceptable Use Policy
- Incident Reporting and Management Policy

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Software Configuration Model operated ensures software configuration and change management is managed carefully within the organisation. The model ensures when a new release goes live, it has been tested for compatibility with the production environment and any security impact assessed of any changes. The infrastructure is monitored for unusual activity including hardware faults/unusual spikes. The live production infrastructure is fully managed ensuring any new vulnerabilities are made public to the general community (or before), a member of the support team will evaluate risk, prioritise the testing and then inform the nominated member of the Security Board at ADL Smartcare.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerabilities are sourced from a variety of sources:

- Internal development, software configuration management, secure development practises
- coding review and vulnerability testing of services
- Communications from US-CERT and UK-CERT and links to the security community
- Customers, citizens and third parties who can report a vulnerability through secure online channels.

Once a vulnerability is discovered it is categorised and assessed for severity and then the relevant action taken to remedy the situation. Vulnerabilities are overseen by a member of the Security Board. With 24 hour, on-site technical ITIL 3 compliant service desk with query authentication practices in place.
Protective monitoring type Supplier-defined controls
Protective monitoring approach ADL Smartcare operates a Threat and Vulnerability Management Policy. The production infrastructure and environment is monitored through a group wide reporting tool to pull individual component performance data, high disk usage, CPU, memory, event logs and other technical information into one management tool. This information is then used to actively monitor the environment and potential vulnerabilities
Incident management type Supplier-defined controls
Incident management approach ADL Smartcare Limited operates an incident management policy which can be viewed in the Threat Vulnerability Management Policy. The purpose of the Incident Management policy is to establish controls and processes that will provide ADL Smartcare Limited information system effective monitoring capability and responsiveness against security threats and incidents. Design and implementation of an incident management framework can secure the information system against known vulnerabilities and threats. Incidents can be reported to or by: a) Telephone in b) Online service channel c) Email d) Support ticket through Salesforce e) Employee off premises f) Employee on premises.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £10200 to £21420 per unit per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑