Search Knowledge Base Articles

Hospital Management Software

Crest - Hospital Management Software

Business Requirement Document (BRD)
Version: 1.0.1
Prepared by: SV-Software  / Alab-Tech Development Team
Date: 2025-11-14

1. Document Purpose

This BRD describes the functional and non-functional requirements for the Crest Hospital Management Software (HMS). The system will be built using PHP (Laravel) and MySQL and will cover landing pages, customer web/mobile apps, role-based dashboards (Nurse, Receptionist, Pharmacy, Doctor, Super Admin) and reporting, integrations and operational workflows.

2. Objectives

  • Provide an integrated hospital platform covering appointments, OPD/IPD, pharmacy, pathology, radiology, billing, bed & ambulance management, blood bank, certificates and finance.

  • Improve patient experience via web/mobile self-service for appointments, consultations and report access.

  • Provide staff with role-based dashboards that simplify daily operations and reporting.

  • Ensure secure storage, access control and audit trails for patient data.

3. Scope

In scope:

  • Crest Landing Page and content sections.

  • Customer Web and Mobile App features (appointments, OPD, IPD, pharmacy billing, lab/radiology reports, live consult).

  • Role-based dashboards for Nurse, Receptionist, Pharmacy, Doctor and Super Admin.

  • Billing system (pharmacy, radiology, pathology, OPD/IPD bills), inventory checks, patient records, certificates.

  • Reports: finance, appointments, OPD/IPD, pharmacy, pathology, radiology, blood bank, ambulance, birth/death records, logs.

  • Basic integrations: SMS gateway, Email, Payment Gateway, WhatsApp (optional), Printer support for bills and certificates.

Out of scope (v1.0.1):

  • Full PACS integration for radiology (DICOM viewer) — can be offered as optional module.

  • Advanced AI diagnostics.

  • Telemedicine white-labeling beyond simple live consultations.

4. Stakeholders

  • Crest Management (Sponsor)

  • Hospital Admin / Super Admin

  • Doctors

  • Nurses

  • Receptionists

  • Pharmacy Staff

  • Lab/Pathology Staff

  • Patients (Web & Mobile users)

  • Development & QA Team

  • Third-party service providers (SMS, Payment gateway, Printer vendors)

5. Glossary

  • OPD — Out Patient Department

  • IPD — In Patient Department

  • HMS — Hospital Management Software

  • BRD — Business Requirements Document

6. High-level Architecture

  • Backend: PHP (Laravel 10+ recommended)

  • Database: MySQL 8+

  • Cache / Session: Redis

  • Queue: Laravel Queue (Redis / Beanstalkd)

  • Storage: Local + S3-compatible for backups (optional)

  • Web Server: Nginx / Apache

  • Authentication: Laravel Sanctum / OAuth tokens for APIs

  • Realtime / Live Consult: WebRTC (for video) + signaling via Laravel websockets / Pusher

  • Deployment: Docker containers, CI/CD pipelines (GitHub Actions / GitLab CI)

7. Technology Stack (detailed)

  • Language: PHP 8.1+

  • Framework: Laravel 10+

  • Database: MySQL 8.x

  • Caching / Session: Redis

  • Queues: Laravel Queue with Redis

  • Search (optional): MySQL fulltext or ElasticSearch for advanced search

  • Frontend (Admin dashboards): Vue.js / Inertia or React (team preference) + Tailwind CSS

  • Mobile App: Responsive Web PWA (v1) and optional native apps later (Flutter/React Native)

  • Storage: Local filesystem + S3-compatible for documents and media

  • Real-time: Laravel WebSockets / Pusher

  • Reporting & Exports: CSV / XLSX generation using Laravel-Excel

  • Authentication: Laravel Sanctum for SPA/API tokens

  • Logging & Monitoring: Sentry / ELK / Cloud provider monitoring

  • Backups: mysqldump + scheduled S3 upload

8. Roles & Permissions

Roles:

  • Super Admin

  • Receptionist

  • Doctor

  • Nurse

  • Pharmacy Staff

  • Lab/Pathology Staff

  • Accountant / Finance

  • Guest / Patient

Permissions will be role-based and fine-grained using a RBAC module (Laravel Permissions package). Each dashboard view and API endpoint will verify permission.

9. Functional Requirements

9.1 Crest Landing Page

  • Home Page: Hero, Services, quick links

  • Annual Calendar: Events and hospital holidays

  • Appointment: Public appointment booking form

  • Events: List of upcoming events and event details

  • About Crest: About Us, FAQ, Vision & Mission, Departments, Testimonials, Gallery, Contact Us

9.2 Customer Web / Mobile App

  • User registration / login (mobile number OTP / email & password)

  • Profile management

  • Appointment: New booking, cancel, reschedule, appointment history

  • OPD: View OPD appointment details, prescriptions, bills

  • IPD: Admit/discharge info, bed details, daily notes

  • Pharmacy Bills: View & pay pharmacy bills (online payment via gateway), download invoice

  • Pathology Test Reports: Securely view & download test reports (PDF/image)

  • Radiology Test Reports: View & download radiology reports (PDF/image)

  • Live Consultation: Book and join video consultations, chat before/after

9.3 Nurse Dashboard

  • Dashboard: KPIs (today patients, pending tasks)

  • Patient List

  • OPD (Today, Upcoming, OLD): Filter and manage

  • IPD Patient: Daily nursing notes, vitals, medication administration

  • Employee Management: Basic employee directory & attendance view

  • Bed Setup / Status: View bed occupancy, change bed status

9.4 Receptionist Dashboard

  • Dashboard

  • Appointment management (Today, Upcoming, Old)

  • Patient List & search

  • OPD management (Today, Upcoming, OLD)

  • IPD Patient list

  • Employee Directory

  • Visitor List

  • Blood Bank: Inventory & request management

  • Ambulance: New booking & list

  • Bed Setup / Status

  • Birth Record & Death Record entry & reports

  • Billing: Radiology, Pathology, Pharmacy bills (initiate & view)

  • Medicines Stock Check

9.5 Pharmacy Dashboard

  • Patient List

  • Generate Pharmacy Bills & View Bills

  • Medicines Stock Check & reorder alerts

  • Employee Directory

  • Blood Bank (if applicable)

  • Setup: Charges Details, Charge Category, Charge Type, Tax Category, Unit Type

  • Setup: Printer configuration

  • Setup: Medicine Category, Supplier list, Dosage, Interval, Duration

  • Reports: Pharmacy Bill Report, Cash & Online Pay Report, Expiry Medicine Report

9.6 Doctor Dashboard

  • Dashboard: Appointments summary

  • Patient List

  • Own Appointments (Today, Upcoming & Old)

  • OPD: Record consultation notes, prescriptions, investigations

  • IPD Patient: Round notes, orders

  • Employee Directory

  • Live Consult: Start/join scheduled video consults

  • Live Meeting: Start department meetings

  • Bed Setup / Status

9.7 Super Admin Dashboard

  • Dashboard: aggregated KPIs and quick access

  • Patient List & Profile management

  • Central Billing System (create/view bills across departments)

  • Appointment management (Today, Upcoming & Old)

  • OPD / IPD management

  • Pharmacy Billing (Generate/View)

  • Medicines Stock Check

  • Employee Management

  • Blood Bank management

  • Visitor List

  • Ambulance: New Booking & List

  • Bed Setup / Status

  • Birth & Death Record management

  • Radiology & Pathology Billing

  • Attendance & Employee Duty Roster

  • Annual Calendar management

  • Finance: Income / Expenses, petty cash, daybook

  • Messaging / Live Chat (internal staff and patient messaging)

  • Certificates: Generate Certificate, Patient ID Card & Staff ID Card

  • Live Consult & Live Meeting

  • Reports: Finance, Appointment, OPD, IPD, Pharmacy, Pathology, Radiology, Blood Bank, Ambulance, Birth, Death, Logs, etc.

10. Data & Integration Requirements

  • Patient Master: demographics, contact, ID, insurance details, emergency contact

  • Visit/Encounter: OPD/IPD encounter data, complaints, diagnosis, vitals, notes

  • Billing Ledger: line items, taxes, discounts, payment status

  • Pharmacy Inventory: stock, batch, expiry date, supplier

  • Lab Results: structured test results + PDF upload

  • Radiology Reports: PDF/Image results (link to PACS if available)

Integrations:

  • SMS Gateway (for OTP, appointment reminders)

  • Email (for receipts, reports delivery)

  • Payment Gateway (Razorpay)

  • Printer Integration (ESC/POS / Windows printers for bills)

  • Optional: WhatsApp Business API for notifications

  • Optional: PACS / DICOM server for radiology (future)

11. Non-Functional Requirements

  • Security: SSL/TLS for all traffic, encryption at rest for sensitive fields (PHI), role-based access control, audit logs for critical actions.

  • Performance: Support initial load of up to X concurrent users (specify after scoping). Typical API response < 300ms for standard queries.

  • Scalability: Dockerized deployment, horizontal scaling for stateless services, Redis for sessions & queues.

  • Availability: 99.5% SLA target for core systems (appointment, billing). Nightly backups and point-in-time recovery.

  • Compliance: Follow local regulations for medical data handling. Implement data retention & purge policies.

  • Usability: Clean, role-specific UIs; mobile-first design for patient app.

12. Data Model (High-level Entities)

  • Users (roles, credentials, profile)

  • Patients

  • Appointments

  • Encounters (OPD / IPD)

  • Admissions

  • Beds

  • Departments

  • Doctors

  • Employees

  • Bills & Payments

  • Pharmacy Items, Stock, Suppliers

  • Lab Tests, Test Results

  • Radiology Records

  • Blood Bank Inventory

  • Ambulance Bookings

  • Certificates (Birth / Death / ID cards)

(ER diagram to be prepared in the design phase)

13. API Design (High-level)

  • Auth: /api/auth/login, /api/auth/otp, /api/auth/logout, /api/auth/refresh

  • Patients: /api/patients (CRUD), /api/patients/{id}/visits

  • Appointments: /api/appointments (create, update, cancel, list)

  • Billing: /api/bills, /api/bills/{id}/pay

  • Pharmacy: /api/pharmacy/items, /api/pharmacy/sales

  • Lab: /api/lab/tests, /api/lab/results

  • Radiology: /api/radiology/requests, /api/radiology/reports

  • Reports: /api/reports/{type}

All APIs return JSON, use HTTP status codes; secure using tokens and permission checks.

14. Reporting & Exports

  • Standard reports to be available in dashboard (filterable by date range, department, doctor)

  • Export: CSV/XLSX/PDF for finance & audit needs

  • Scheduled reports via email for finance and admin

15. UI / UX Considerations

  • Role-based dashboards with widgets

  • Mobile optimized patient flows

  • Simple appointment booking flow (select department -> doctor -> slot -> patient details)

  • Clear billing receipts with tax breakdown

16. Security & Privacy

  • HTTPS everywhere

  • Passwords hashed with bcrypt/argon2

  • Encryption of sensitive PHI fields at rest

  • Two-Factor Authentication for Super Admin (optional)

  • Audit logs for create/update/delete actions on patient records and bills

  • Regular backups and secure storage of backups

  • Data retention policy and right to delete (as per local regulations)

17. Testing Strategy

  • Unit tests for services and models (PHPUnit)

  • Integration tests for API endpoints

  • End-to-end tests for critical flows (appointments, billing)

  • Load testing for high traffic endpoints

  • Security testing: OWASP top 10 checks

18. Deployment & DevOps

  • Dockerfile + docker-compose for local dev

  • Staging and Production environments

  • CI/CD pipeline: run tests -> build -> deploy to staging -> manual approval -> deploy to prod

  • Backup schedule: daily DB backups + weekly full backups

  • Monitoring: uptime & performance alerts

19. Maintenance & Support

  • 3 months warranty/support after deployment for bug fixes (extendable)

  • SLA options for incident response (e.g., 24/48-hour fixes)

  • Knowledge transfer and admin training

20. Project Deliverables

  • Functional HMS application (web + PWA)

  • Admin dashboards and role-based modules

  • Mobile-friendly patient portal

  • Documentation: Installation guide, Admin manual, API docs

  • Test cases and test reports

21. Acceptance Criteria

  • All major flows (Appointment, OPD, IPD admission/discharge, Billing, Pharmacy sales, Lab & Radiology report upload and view, Live consult) are implemented and tested.

  • Role-based permissions enforced and audited.

  • Critical reports present and exportable.

  • Basic integrations (SMS, Email, Payment Gateway) configured and demonstrated.

  • Successful user acceptance testing (UAT) sign-off by Crest admin.

22. Assumptions & Constraints

  • Crest will provide content for landing page (text/images) and any logos.

  • Hospital will provide API keys for SMS, Payment gateways and printer details.

  • Radiology PACS / DICOM integration treated as optional and scoped separately.

  • Offline printing and local printer configuration may require on-site support.

23. Risk & Mitigation

  • Risk: Sensitive data exposure. Mitigation: encryption, strict RBAC, audit logs.

  • Risk: Delays in receiving third-party API keys. Mitigation: parallel development of internal flows and mock services.

  • Risk: Scope creep. Mitigation: Freeze features for v1 and manage change requests.

24. Timeline & Milestones (Suggested)

  • Discovery & Detailed Design: 4 weeks

  • Development - Phase 1 (Core): 8 weeks (Landing, Auth, Patients, Appointments, OPD, Billing basic)

  • Development - Phase 2: 4 weeks (IPD, Pharmacy, Lab & Radiology basic, Reports)

  • Integration & Testing: 2 weeks

  • UAT & Bugfix: 1 weeks

  • Deployment & Handover: 1 week

Total estimated duration: ~20 weeks (subject to exact scope and resource allocation). Detailed timeline and resource estimate to be prepared after scoping.

Did you find this article useful?

Related Articles