Sorsix Health UK & Ireland

PINGA Integrated Care Regional Electronic Community health record

Sorsix offers PINGA and maintain it as a modular electronic public health record.

PINGA is a nation-scale integrated EHR and outpatient OS.
Waiting lists over 2 weeks have been abolished in countries operating PINGA.

Customers include public/private systems in Australia, Ireland, New Zealand, USA and Macedonia https://livedashboard.zdravstvo.gov.mk/en and Serbia. https://serbia-rollout.sorsix.com/

Features

  • Realtime Modular National and Small scale EHR for Integrated Healthcare
  • Clinical workflow and management system full stack API
  • ePrescription
  • Enterprise Scheduling, Local and National Waiting list management module
  • Medical Diary and Doctor’s Record, HIS (ward and surgery)
  • Diabetes Module, Maternity Module
  • LIS, RIS & PACS
  • Billing, Real-time Epidemiology & Data Analytics
  • Patient portal web & mobile, Preventative Screening Modules
  • Immunology & Scheduled checkups

Benefits

  • Proven National EHR Platform for Macedonia 2.3 million users
  • Proven National EHR Platform for Serbia 7.2 million users
  • Experienced PM Team running 2 national EHR's & Software Integrating
  • Managed Service Licencing Agreements and turnkey outsourcing
  • Healthcare Data analytics full API SOAP
  • Single Platform EHR or modular install by region/clinic
  • Managed Development Intergration
  • Team of 80 developers with singular HC focus and u
  • Team of 20 PM's, Business consultants & Data Scientists
  • Offices in USA, Australia, NZ, Serbia, Macedonia UK & Ireland

Pricing

£25000 per licence per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

5 2 3 5 9 7 6 5 8 9 6 6 3 0 1

Contact

Sorsix Health UK & Ireland

Marc Butterly

+353878055267

marc.butterly@sorsix.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Configurable as per contracting , full stack of Healthcare Standards
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
Configurable as per contracting
System requirements
  • Configurable as per contracting
  • Browser Functionality
  • API

User support

Email or online ticketing support
Email or online ticketing
Support response times
Configurable as per contracting
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
Configurable as per contracting
Onsite support
Onsite support
Support levels
Configurable as per contracting
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Configurable as per contract
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Configurable as per contract
End-of-contract process
Configurable as per contract

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Configurable as per contract
Service interface
Yes
Description of service interface
Configurable as per contract
Browser & API as standard
Accessibility standards
WCAG 2.1 AAA
Accessibility testing
Configurable as per contract
API
Yes
What users can and can't do using the API
Configurable as per contract
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Configurable as per contract

Scaling

Independence of resources
Configurable as per contract

Analytics

Service usage metrics
Yes
Metrics types
Configurable as per contract
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Configurable as per contract
Open API
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
Configurable as per contract

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Configurable as per contract
Approach to resilience
Configurable as per contract
Outage reporting
Configurable as per contract

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
Configurable as per contract
Access restrictions in management interfaces and support channels
Configurable as per contract
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Global Mark
ISO/IEC 27001 accreditation date
26/06/2018
What the ISO/IEC 27001 doesn’t cover
We are only covered for Quality Management Systems Scheme Certification Standard AS/NZS ISO 9001-2016: Quality management systems - Requirements Scope of Certification IT & business consulting services including high-availability IT solutions, management systems development, business risk management and compliance management Type of Certification Management System
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
We provide 3rd party validation on a per Contract Basis

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Configurable as per contract

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configurable as per contract
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Configurable as per contract
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Configurable as per contract
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Configurable as per contract

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Other
Other public sector networks
Configurable as per contract

Pricing

Price
£25000 per licence per year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑