Infinity Health Ltd


Infinity is used by healthcare professionals to improve clinical safety and efficiency by transforming the way teams communicate, collaborate and manage tasks.
Infinity will release time allowing the clinical team to spend more time caring for the patient.


  • Care coordination & task management
  • Patient lists & caseload management
  • Team awareness & availability
  • Instant messaging
  • Activity logging
  • Notifications, alerts & reminders
  • Electronic medical record interoperability standards (HL7, FHIR, OpenEHR and more)
  • Real-time dashboards
  • Data & reports
  • Security & information governance


  • Reduce errors & improve outcomes
  • Save staff & patient time
  • Track & coordinate staff activity
  • Improve patient flow
  • Modernise processes & workflow
  • Update & share data in realtime
  • Digital transformation
  • Improve information governance
  • Document & archive activity
  • Analyse performance and discover business insight


£0.99 to £150 per licence per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

9 1 0 9 9 2 1 1 1 0 0 7 6 8 8


Infinity Health Ltd

Elliott Engers

+44 20 3637 5057

Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
System requirements
  • IOS 12+
  • Modern web browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 1 business day
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Automated UI testing
Browser accessibility testing
QA testing
Onsite support
Yes, at extra cost
Support levels
End user support - in-app tools and knowledge base
Technical support for enterprise customers

Additional services
Training - £500/day
Technical Account Manager - £750/day
Cloud Support Engineer - £950/day
Support available to third parties

Onboarding and offboarding

Getting started
A support knowledge base is provided for guidance on initial installation and configuration.

Enterprise users may be on-boarded via integration with 3rd-party systems, such as Patient Administration Systems (PAS), Electronic Health Record (EHR) or Single Sign-On (SSO).

Infinity Health can provide on-demand, on-site training to assist with configuration and set-up.
Service documentation
Documentation formats
End-of-contract data extraction
Infinity Health can produce a snapshot of customer data on the day the contract is terminated. This dataset will be delivered in CSV format and will include all records that were formally accessible by the customer.
End-of-contract process
Included in contract price:
CSV record extract (by request)
Teams associated with the customer organisation will be deactivated.
All external data sharing will be deactivated if team administrators are based in the organisation who have selected to end their contract.
Patient data that is only accessed by the exiting organisation will be archived.
Additional cost:
Data export for audit purposes.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Differences between the mobile and desktop service
The service is designed to behave in a similar way on all devices.

The service is optimised to display information appropriately, with respect to the device in use.
Service interface
What users can and can't do using the API
Infinity supports legacy and emerging systems & standards, including, REST, HL7 v2 and FHIR. To facilitate 3rd-party integrations, Infinity provides a range of interfaces, including:

* Encounters API

Allow systems to consume data related to the interaction between a patient and healthcare providers for the purpose of providing healthcare services.

* Tasks API

Describes activities that can be performed and tracks the state of completion of each activity related to an encounter.

Other API resources can be tailored to support a broad range of technical and business requirements.

Infinity is also a member of INTEROPen, an action group to accelerate the development of open standards for interoperability in the health and social care sector.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • HTML
API sandbox or test environment
Customisation available


Independence of resources
Monitor load times and scale resources to maintain system performance.


Service usage metrics
Metrics types
Monitor system performance
Load time
Capacity monitoring
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The Service supports the on-demand export of the current, active patient record list to CSV file.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Infinity Health Limited shall use commercially reasonable efforts to make the services available 24 hours a day, 7 days a week, except for: (a) planned downtime, or (b) any unavailability caused by circumstances beyond Infinity Health's reasonable control, including without limitation, acts of God, acts of government, floods, fires, earthquakes, civil unrest, acts of terror, strikes or other labor problems, Internet service provider failures or delays, or denial of service attacks.
Approach to resilience
Information available on request.
Outage reporting
Third party hosting partner sends alert to Infinity

Broadcast email message to users to check Infinity status page

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Infinity Health use a third party service to manage access to management interfaces and support channels. Access is restricted to a limited number of key authorised staff.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Alcumus ISOQAR
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Not applicable
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
The company maintains a robust Information Security Management System and is ISO 27001 certified. Infinity Health maintains the following policies relating to information security:

Access Control Policy
Clear Desk and Screen Policy
Computer and Internet Use Policy
Cryptography Policy
Data Protection Policy
Information Classification & Control Policy Policy
Information Security Policy
Laptop & Mobile Devices Policy
Media Handling & Disposal Policy
Password Management Policy
Patch Management Policy
Physical Security Policy
Secure Development Policy
Supplier Security Policy

Infinity Health follows the following procedures relating to information security:

Asset Management Procedure
Backup and Restore Procedure
Business Improvement Review Procedure
Corrective Action, Preventive Action, Non-Conformity & Continual Improvement Procedure
Document Control & Record Management Procedure Procedure
Information Security Communication Procedure
Information Security Incident Reporting Procedure
Information Security Risk Assessment & Management Procedure

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The company is ISO 27001 certified. This includes configuration and change management processes to ensure that all components of the service are tracked through their lifetime and that changes are assessed for potential security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The company is ISO 27001 certified. This includes the assessment of potential threats to services and how potential threats are managed.

Infinity Health can require the installation of security patches by disabling the app remotely.

News of potential threats will be distributed by email. Notifications will also be made on the company web site.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Infinity use a third party partner to provide protective monitoring facilities.
The platform is monitored 24×7 by comprehensive automated systems. In the event of any issue affecting the health and operation of the infrastructure, core systems, or tools, the operations team is notified and will respond immediately to diagnose and correct any issues.

Infinity will work with the third party expert to identify potential compromises when our own performance monitoring processes identify potential issues.
Incident management type
Supplier-defined controls
Incident management approach
Infinity Health has an in-house incident management process.
The support knowledge base advises on common events and new information is added when new events occur (if appropriate).

Users report incidents through the software support tools or support page. Incidents will be given an incident number that will be used as an identifier for further communication between the user and support team if appropriate.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£0.99 to £150 per licence per month
Discount for educational organisations
Free trial available
Description of free trial
Free 3 month trial per team.

Service documents

Return to top ↑