PsychologyOnline. PsychologyOnline uses secure instant messaging to provide live, accessible and confidential cognitive behavioural therapy over the internet. . CBT with a live therapist delivered remotely over the internet.
PsychologyOnlineuses secure instant messaging to provide live, accessible and confidential cognitive behavioural therapy over the internet.
Live one-to-one therapy using instant messaging-based text communication
Private, discreet therapy in a secure online meeting room
No travel or room booking – patients/users can attend therapy from convenient location, such as home
Available evenings and weekends at no extra cost
Relative anonymity reduces stigma and promotes disclosure
Talking Therapies Pilot
NHS Surrey Pilot
And AQP status
Patient Trials – Bristol and London
Clinical Validation - Lancet
Clinical Validity and Governance
Summary of PsychologyOnline Clinical Validity data & Governance
297 depressed patients allocated to receive on-line CBT or standard care
At 4 months 38% recovery (BDI<10) in intervention group vs 24% in control group
Effect maintained at eight months – 42% vs 26%
Median of six sessions needed for benefit
Severely depressed benefited most
Many patients found it easier to talk when not face-to-face with a therapist
GP or self referral
Step chosen based on assessment tools and professional opinion
questions + 30 min appt
Step 2: structured programme
- 30 min sessions
- Goal setting
Step 3: semi-structured programme
- Mainly 60 min sessions (some 30 min)
- Goal setting
Step up possible
Same therapist retained
Step 3+: individual-focussed intervention
- 60 min sessions
- Goal setting
hindered by lack of body language or eye contact
Patients who benefit
The User Interface
information customised for each service
IT Architecture, Security and Information Governance
The POL system is structured using a typical n-tier architecture (see diagram), with the following layers:
BACK UP AND SECURITY
The PsychologyOnline managed services is a comprehensive solution that provides a scalable, flexible & secure IT Hosting & Application Managed Service.
Patient Data Protection
All patients’ identifiable information and communications are encrypted using the industry standard AES 256 algorithm. AES has been adopted by the U.S. government and is now used worldwide notably by all major banking groups to protect customer data. This method provides protection even in the event that an attacker gains unauthorised access to the database itself.
The system makes use of the one-way encryption algorithm SHA-256 with the addition of a salt value to mitigate the risks of attacks such as hash and rainbow tables.
For applications processing sensitive information, it is important to ensure that all information is encrypted in transit. The application makes use of the 256-bit SSL encryption mechanism and is configured to ensure that patient data is always encrypted in transit between the user’s browser and the application.
Currently the application does not share Patient data with any other applications.
Registration Security Features
It is important that NHS providers control who access the online therapy system. For this purpose the system has been designed so that NHS users require a two-factor authentication to be able to register for online therapy. NHS patient first need to register with their provider. They are then sent an email with a link to the activation page. Once they click the link patients are sent an activation code to their mobile that they require to activate their account.
General Application Security Features
PsychologyOnline Information Governance and Data Confidentiality Policies
Information Governance Policy
This policy describes PsychologyOnline policy on Confidentiality and Data Protection, and employees’ responsibilities for the safeguarding of confidential information held both manually (non-computer in a structured filing system) and on computers.
This Policy will be communicated to all employees. All users must confirm in writing that they have read and understood these documents. This Policy will be published to employees through the intranet and a hard copy will be available at PsychologyOnline Office.
This policy applies to all directly (and indirectly) employed staff and other persons working for PsychologyOnline.
All staff and contractors have a personal duty of confidence to patients and to PsychologyOnline.
The purposes of the Personal Information Handling Policy are:
To promote the effective, consistent, and legal, processing of data by defining a Data Protection policy
To ensure all employees are aware of their responsibilities in relation to the processing of personal data and to the law surrounding its use
To ensure all employees are aware of the consequences of the misuse or abuse of personal data
To establish and maintain trust and confidence in PsychologyOnline’s ability to process personal data To ensure compliance with legislation, guidance and standards relating to the handling of personal data
Data Confidentiality Policy
This policy sets out the procedures, management accountability, and structures, which have been put in place by PsychologyOnline to align with the Information Governance Agenda and safeguard the movement of personal data within PsychologyOnline information technology infrastructure.
Underpinning Policies and Procedures
The following procedures have been put in place to support the high quality information governance within PsychologyOnline, and the sharing of this information with other organisations:
Staff Duties and Responsibilities
We are an Equal Opportunities Employer
Dr Michael Reilly
Business Development Director
00 44 (0) 7876593434
Cambridge CB24 4QG