Run the whole hospital from one system that bends to your protocols
Full hospital administration — patients, doctors, appointments, billing, wards, payroll and analytics — on a platform where every form and field is yours to change.
What changes on day one
- Admit, treat, bill and discharge in one continuous record
- Add a department-specific field without waiting on a release
- Give every unit its own workspace under one account
- See the whole facility in one analytics surface
Everything below is a starting point, not a specification. Every model, field and form on this page is yours to change in Studio — without a developer, a release or a migration.
Inside Hospital ERP
The surfaces this ERP ships with. Read them as a well-informed first draft — the shape is right for most, and where it is wrong for you, you change it rather than file a ticket.
Patient administration
Registration, demographics, visit history and documents in one record that follows the patient across every department.
Doctors & departments
Rosters, specialities, department structure and ward mapping — modelled the way your hospital is actually organised.
Appointments & queue
Slot-based booking with department routing, plus a live queue your front desk can actually work from.
Billing & payments
Itemised billing across consults, labs, pharmacy and procedures, with the line items your finance team defines.
Wards & beds
Bed occupancy, transfers and discharge flow — extended with your own fields as protocols evolve.
Payroll & attendance
Staff attendance and payroll runs that read from the same directory your clinical rosters use.
Analytics
Occupancy, revenue, footfall and department performance, computed over the models you defined.
It arrives with these models. All of them are editable.
Subscribing provisions Hospital ERP and seeds 7 default models against your account. Not one of them is fixed: rename them, add fields, remove fields, or delete the model outright. They exist to save you an afternoon, not to define your organisation.
Patient
ModelDefinition · seeded
Doctor
ModelDefinition · seeded
Appointment
ModelDefinition · seeded
Department
ModelDefinition · seeded
Ward
ModelDefinition · seeded
Bill
ModelDefinition · seeded
Staff
ModelDefinition · seeded
And whatever else your organisation tracks
Records for every one of these live in a generic store, tagged with your tenant. That is why adding a field is instant and why removing one never destroys what was already recorded — the schema is data, and clinical data is soft-deleted by default.
Change any of this yourself
Every field on every hospital form is a record in a ModelDefinition, not a line in a codebase. That is not an implementation detail — it is the reason you can add the field you need on a Tuesday afternoon and have your staff using it before the shift ends.
No release. No migration window. No change request, no six-week quote, no field living in a spreadsheet because the vendor said no. You open Studio, you add it, and the form re-renders for everyone on their next request.
18 field types
Text, number, currency, date, select, relation, file, JSON and more.
Relations, not exports
Link a model to a model and the join is real, not a nightly CSV.
Auto-CRUD REST
Every model you define gets an API with the same envelope and auth.
Instant everywhere
The table, the form and the API all change on save. No deploy.
What Hospital ERP plugs into
This is not a standalone product with an integrations page. The other portals are on the same engine, the same account and the same patient — so “integration” is mostly a word for something that already happened.
All ten sit on one patient, one staff directory and one audit trail.
Connect another and there is nothing to migrate, nothing to sync, and nobody retyping a name from one screen into another.
Your patients arrive already connected
Patient accounts are platform-level — owned by the patient, not by your hospital. That sounds like a constraint until you notice what it buys you: people find you, connect to you, and bring their history with them.
They find you by code
Your account carries a public code. A patient searches it in CareSewa One and requests a connection. You see nothing about them until they do.
They connect and share
Consent is the gate. Once shared, your registration desk sees a real person with a real history instead of a blank form and a memory test.
They book your services
You publish what you offer. Connected patients book it from the app, and the request lands in your queue to confirm, reschedule or complete.
And the part that is genuinely uncomfortable to say out loud
The patient can revoke you. Their account is platform-level and they own it, so the moment they revoke, your view of them is empty — not archived, not pending a support ticket, empty. We think that is the right trade: providers who are chosen get people who arrive with their whole history, instead of a clipboard and a memory test.
How CareSewa One worksPeople get exactly what you grant. Nothing more.
Staff are created once on your account, then granted specific portals and specific create, read, update and delete rights per model. A hospital receptionist and a hospital manager are the same directory entry with different grants — not two systems with two passwords.
Entitlements ride in the JWT and are enforced server-side. A portal you do not hold returns 403 no matter what the browser renders, and a revoked grant stops working on the next request rather than the next login.
- Grants are per portal and per model, not per role-shaped guess
- Create, read, update and delete are separate rights
- Enforced on the server on every request — hiding a menu is not security
- Revocation takes effect immediately, not at the end of a session
Priya Menon
Staff · created once, granted per portal
Portal grants
Hospital ERP
hospital.caresewa.com
Laboratory ERP
lab.caresewa.com
Pharmacy ERP
pharmacy.caresewa.com
These grants are claims in the token and are re-checked server-side on every request. The UI reflects them; it does not enforce them.
The rules are in the engine, not in a policy document
Hospital ERP does not implement its own idea of security. It inherits the platform's — which means these constraints hold on every request, in every portal, without anyone remembering to apply them.
Tenant isolation is structural
Every model definition and every record carries your tenant id, and every query filters by it. There is no code path that reads across tenants without an explicit super-admin assertion.
Every mutation is audit-logged
Who did what, when, and from where — appended on write, readable by your admins, and editable by nobody. Including us.
Clinical records are soft-deleted
Removing a field stops collection and display; it does not destroy what was already recorded. Medical data is not hard-deleted by default, and that default is deliberate.
Consent gates the patient, not a setting
A patient is visible to a provider because they connected and shared. No admin toggle, no bulk import and no support request produces access that the patient did not grant.
What people ask about Hospital ERP
If yours is not here, ask us directly — a real person answers.
Yes. Open Studio, add or reorder fields, and the form and table update immediately for everyone. There is no deploy step, because the field is data — not code.
Connect Hospital ERP on its own, or alongside the other nine
Each portal is entitled and billed separately, so you pay for what you connect and nothing else. CareSewa is priced per market rather than from one figure in one currency.
Nine more, on the same account
Add any of these later without touching what you already run. One login, one patient, one audit trail.
See Hospital ERP shaped around your workflows
Not a generic demo tenant — multi-department hospitals and hospital groups have their own protocols, and the point of this platform is that it takes them.
Multi-country by design · tenant-isolated · every change audit-logged