Ledidi Core
Ledidi Core is an end-to-end SaaS solution that supports research study design, data capture, statistical analysis, graphical presentation in a simple, intuitive user interface, that is secure and made for collaboration.
Features
- Easy-to use, do-it-yourself study design features
- Data capture from surveys, forms, file import and API
- Real-time descriptive and comparative statistical analysis
- Real-time graphical presentation of results
- Optimised for multi-center studies
- Granular privileges and access rights of project collaborators
- Easy-to-use web interface
- Security and privacy by design and default
- Confidental computing for privacy-preserving analysis
- Cloud-based SaaS
Benefits
- Collaborate throughout the entire research project lifecycle
- Real-time collaboration across institutional and national borders
- Get insights from clinical data faster
- Ability to perform analysis without exposing underlying raw data
- Do everything yourself (start a project in hours, not months)
- Work and collaborate on unlimited projects with no additional costs
- Keep data safe and structured
- Compliance with GDPR and other privacy regulation
- Effortlessly manage your collaborators' privileges
- All-in-one solution; no more switching between many softwares
Pricing
£30 to £60 a user a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
3 9 1 5 2 4 4 0 5 6 7 8 0 3 1
Contact
Ledidi AS
Andreas Dierkes Landsverk
Telephone: +4542678809
Email: andreas.landsverk@ledidi.no
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- There are no constraints. Ledidi Core requires only an updated browser and an authenticator app to set up an account.
- System requirements
-
- Any updated browser
- Two-factor authentication app
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Ledidi's target response is within 1 hour between 9-16 CET on business days. Our current average time to first response is about 30 minutes.
- User can manage status and priority of support tickets
- No
- Phone support
- No
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
-
Users can communicate directly with a Support Agent from a web chat that is accessible when users click the "?" icon in the upper-right corner of Ledidi Core.
Ledidi Core leverages Freshchat, which complies with WCAG 2.0 AA. - Web chat accessibility testing
- No specific tests have been performed with assistive technology users in the web chat.
- Onsite support
- Yes, at extra cost
- Support levels
-
Ledidi offers several forms of support to all our customers and users. Our primary support channel is email (support@ledidi.no). Support inquiries are handled through the Helpdesk. Inquiries are assigned to a Support Agent, who is responsible for handling the case throughout the support process. Bugs and incidents will be assigned Ledidi's technical team, and user inquiries will generally be assigned Ledidi's Scientific Support team.
Ledidi provides technical account managers or cloud support engineers for institutional accounts, but not for single user or team accounts.
Advanced scientific support for study design and methodology is available upon request and generally at extra cost. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Ledidi's user-friendly and intuitive interface allows users to use Ledidi Core immediately. Ledidi do, however, have a self-service onboarding program with how-to-guides, videos and webinars that can be accessed free of charge for all users.
Ledidi may also provide on-demand 1:1 sessions with our experts, generally at extra cost. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- There are export options in Ledidi Core that will allow users to export their content in user-friendly formats like CSV and SVG at any time, including when the contract ends.
- End-of-contract process
-
You can terminate the agreement for any reason by providing us notice, by failing to renew your subscription, or by deleting your account.
You can delete your account from your user account settings. Your account is set inaccessible at the time you delete it, but any remaining data that you have not deleted is kept so that it can be restored for 90 days after you deleted your account. This is a security measure in case unintended actions led to the deletion. After 90 days, all data is deleted including backups. Any subscriptions connected to your account will run until the end of term, independently of the deletion.
It is possible to make arrangements for other end-of-contract procedures upon request to Ledidi Support prior to ending the contract.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Ledidi Core is accessed from the browser on any device. Ledidi Core works on mobile devices and tablets, though it is recommended to use Ledidi Core on a desktop or laptop for the best overall user experience.
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- Ledidi Core’s user interface is accessed through any updated browser.
- Accessibility standards
- None or don’t know
- Description of accessibility
- N/A
- Accessibility testing
- N/A
- API
- Yes
- What users can and can't do using the API
-
A customer can get the API through the subscription management page, and Ledidi can either provide a system integration user or federated authentication.
All functionality in the app is supported as APIs. - API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
The customers can easily configure their projects' study designs, invite and manage collaborators, manage user privileges, and more in Ledidi Core.
Ledidi Core has APIs at all levels of the architecture. This allows support for most integration scenarios with e.g. EHRs and other applications.
Ledidi Core cannot be customised at the application level.
Institutional customers can implement single sign-on (SSO).
Scaling
- Independence of resources
-
Ledidi uses projections, volume testing and tracking of actual numbers to monitor scale-up-needs for its applications - across all customers. Ledidi is using a strict template for this and configurable volume test scripts, combined with AWS Cloudwatch.
In the customer-closed-VPC-scenario Ledidi ensures scale-ups using the same framework, and in addition based on agreements with the customer.
Ledidi monitors the performance of its systems using AWS Cloudwatch, and tunes the components using e.g. API throttling, preprovisioned AWS Lambda instances, AWS RDS cluster node configurations and additions, AWS Opensearch cluster node configuration and additions.
Analytics
- Service usage metrics
- Yes
- Metrics types
- The only relevant metric for Ledidi Core is the number of users and subscriptions on a subscription owner's account, as Ledidi Core has a fixed price per user per month.
- Reporting types
-
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Users with user privileges enabled to allow export data on a given project can export data (CSV), statistics (CSV) and figures (SVG) from that project.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- SVG
- CSV
- Data import formats
-
- CSV
- Other
- Other data import formats
- Excel
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Ledidi guarantees 99 percent uptime, and can accept higher SLAs on a case-by-case basis.
- Approach to resilience
- This information is available upon request.
- Outage reporting
- Ledidi's business continuity plan include a communication plan with stakeholders (employees, customers, vendors, media and regulatory agencies) on different media based on the severity of the outages.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
-
All accesses in Ledidi Core are logged.
Only specially trained and appointed back-end developers have access to customer content. Ledidi has processes to ensure that no unauthorized access to customer content is made.
Project owners need to provide written consent for Ledidi's Support Agents to access customer's content. Support Agents only has access to subscription- and account information. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Kiwa AS
- ISO/IEC 27001 accreditation date
- 07.12.2022
- What the ISO/IEC 27001 doesn’t cover
- Ledidi is fully compliant and certified in ISO 27001
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- HIPAA compliance attestation report
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
The Ledidi Quality Assurance and Internal Control System (LICS) covers the Health, Environment and Security aspects of Ledidi AS, its products, employees, customers and suppliers. LICS should secure the company’s compliance to laws and regulations and the quality of the Ledidi services. The policies and processes are ISO27001 certified.
Ledidi's Management Group is responsible for maintaining awareness of and compliance with the policies and procedures of LICS. All employees and sub-contractors have an obligation to keep awareness about and to report incidents and non-conformity to the policies and procedures. All employees and sub-contractors are subject to training in accordance with the in the LICS procedures.
Any new procedure in LICS must be approved by the Management Group in order to secure awareness and ownership. Any changes in distribution of responsibility in a procedure or any substantial change to a procedure should be approved by the Management Group. Less material changes and adjustments may be executed with the Owner of the Procedure and the Compliance Officer in cooperation.
Only the CEO alone or the Management group collectively may approve exceptions or deviations from policies and procedures.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Ledidi has a thorough and security-oriented development process, during which each new version goes through code reviews, vulnerability checks, automated testing, architecture assessments, privacy assessments, risk assessments, impact analysis, integration testing, security testing and system testing. After each deployment, each component is monitored according to architectural and technical quality criteria, e.g. performance, scalability, vulnerability and potential and actual security issues.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Ledidi performs annual security audits and reviews, monthly risk assessments and release risk assessments. For each single change on any component, threats are assessed before development, automatic vulnerability checks are run, third-party libraries are checked and code reviews focus on all security issues. Ledidi also performs external and internal penetration testing. For any security issue found in production, Ledidi deploys a patch the same day as the root cause of the issue is found.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Ledidi has a core backend and infrastructure team that monitors all activity continuously in AWS Cloudwatch, and based on Cloudwatch and AWS Guardduty both known security incidents and all abnormal behaviour trigger alarms to the entire team. Ledidi has a detailed business continuity plan and incident response procedure for each incident, which involves assessment of cause and damage, immediate response and long-term response. The immediate response is the same day as cause is found, and if the security issue is above a certain level of severity, we close all potential access to the system until the root cause is found.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Ledidi has predefined procedures for incidents, and the employee who discovers the incident / issue, registers it as a task in Atlassian Jira, notifies the rest of the team, the team lead and the CDO and registers an incident report.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
Our software for database and analysis is delivered as software as a service on a public cloud infrastructure (AWS). Cloud services are shown to have a radically reduced carbon footprint compared to on-premise infrastructures. AWS data centers are reportedly 5X more energy efficient than the typical European data center. Cloud computing is more energy efficient, creates lower emissions and increases the use of renewable energy, as shown in reports and research from all the big cloud providers. AWS has pledged to net-zero carbon emissions by 2040, and has planned to be powering operations with 100% renewable energy by 2025.
By using Ledidi Core, all data collection and analysis are done within the same software, reducing the need for other software and hardware, as well as constricting the processing needed to analyse data to a minimum. The solution is designed to enable collaboration within the software, reducing the need for other resource-demanding collaboration forms (meetings, emails, sharing of files etc.). Our suggested solution will be dominantly based on digital cooperation, with no use of paper forms. There will not be any need for new devices, as all data collection will be based on forms accessed online - all you need is a browser.
Taken together, this will be a solution with a low carbon footprint, contributing to the NHS's target of being the world’s first net zero national health service.
Pricing
- Price
- £30 to £60 a user a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Get started with Ledidi Free Trial for 30 days and see how Ledidi Core fits your needs. The Free Trial account can have up to ten projects.
- Link to free trial
- https://ledidi.com/pricing/free-trial