Sorsix Health UK & Ireland

PINGA Integrated Care Regional Electronic Community health record

Sorsix offers PINGA and maintain it as a modular electronic public health record.

PINGA is a nation-scale integrated EHR and outpatient OS.
Waiting lists over 2 weeks have been abolished in countries operating PINGA.

Customers include public/private systems in Australia, Ireland, New Zealand, USA and Macedonia https://livedashboard.zdravstvo.gov.mk/en and Serbia. https://serbia-rollout.sorsix.com/

Features

  • Realtime Modular National and Small scale EHR for Integrated Healthcare
  • Clinical workflow and management system full stack API
  • ePrescription
  • Enterprise Scheduling, Local and National Waiting list management module
  • Medical Diary and Doctor’s Record, HIS (ward and surgery)
  • Diabetes Module, Maternity Module
  • LIS, RIS & PACS
  • Billing, Real-time Epidemiology & Data Analytics
  • Patient portal web & mobile, Preventative Screening Modules
  • Immunology & Scheduled checkups

Benefits

  • Proven National EHR Platform for Macedonia 2.3 million users
  • Proven National EHR Platform for Serbia 7.2 million users
  • Experienced PM Team running 2 national EHR's & Software Integrating
  • Managed Service Licencing Agreements and turnkey outsourcing
  • Healthcare Data analytics full API SOAP
  • Single Platform EHR or modular install by region/clinic
  • Managed Development Intergration
  • Team of 80 developers with singular HC focus and u
  • Team of 20 PM's, Business consultants & Data Scientists
  • Offices in USA, Australia, NZ, Serbia, Macedonia UK & Ireland

Pricing

£25000 per licence per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

5 2 3 5 9 7 6 5 8 9 6 6 3 0 1

Contact

Sorsix Health UK & Ireland

Marc Butterly

+353878055267

marc.butterly@sorsix.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Configurable as per contracting , full stack of Healthcare Standards
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints Configurable as per contracting
System requirements
  • Configurable as per contracting
  • Browser Functionality
  • API

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Configurable as per contracting
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AAA
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.1 AAA
Web chat accessibility testing Configurable as per contracting
Onsite support Onsite support
Support levels Configurable as per contracting
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Configurable as per contract
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction Configurable as per contract
End-of-contract process Configurable as per contract

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Configurable as per contract
Service interface Yes
Description of service interface Configurable as per contract
Browser & API as standard
Accessibility standards WCAG 2.1 AAA
Accessibility testing Configurable as per contract
API Yes
What users can and can't do using the API Configurable as per contract
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Configurable as per contract

Scaling

Scaling
Independence of resources Configurable as per contract

Analytics

Analytics
Service usage metrics Yes
Metrics types Configurable as per contract
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Configurable as per contract
Open API
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats Configurable as per contract

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Configurable as per contract
Approach to resilience Configurable as per contract
Outage reporting Configurable as per contract

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication Configurable as per contract
Access restrictions in management interfaces and support channels Configurable as per contract
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Global Mark
ISO/IEC 27001 accreditation date 26/06/2018
What the ISO/IEC 27001 doesn’t cover We are only covered for Quality Management Systems Scheme Certification Standard AS/NZS ISO 9001-2016: Quality management systems - Requirements Scope of Certification IT & business consulting services including high-availability IT solutions, management systems development, business risk management and compliance management Type of Certification Management System
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications We provide 3rd party validation on a per Contract Basis

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes Configurable as per contract

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configurable as per contract
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Configurable as per contract
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Configurable as per contract
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Configurable as per contract

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Other
Other public sector networks Configurable as per contract

Pricing

Pricing
Price £25000 per licence per year
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑