CCube Solutions


The CCube Electronic Document & Records Management (EDRM) Solution is largely intended to replace the high volumes of paper documents that move around a given organisation, enabling current practices with manual filing to be ended. Instead, documents (files) will be stored and retrieved electronically, and can be driven via workflow.


  • Securely manages and delivers electronic records at point of care
  • Highly scalable data architecture – for data volumes and users
  • Supports a wide range of file and content types
  • Fast easy access to electronic records supports role-based access
  • Viewer provides easy, intuitive access to multi-page documents
  • Access directly in ‘native’ mode or integrate with existing systems
  • Fully integrated e-form and workflow
  • Easily accessed via standard web-browsers where and when needed
  • Full audit trail maintained of all access to electronic records
  • Includes facilities for creating new patient information


  • Efficiency savings as electronic records accessed quickly and easily
  • Multiple user access to same records concurrently, regardless of location
  • Greatly reduces staff, storage and transport costs to manage records
  • Records can be shared more easily across and between organisations
  • Service and process re-design enabled as physical records removed
  • Easily deployed across an organisation – minimises implementation costs
  • Intuitive interface minimises training needs
  • Rapid implementation optimises ROI
  • Supports compliance with data management standards such as BIP0008
  • Secure access, greater compliance with Governance and data protection legislation


£251420 per licence per year

  • Education pricing available

Service documents

G-Cloud 10


CCube Solutions

Henry Francis


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Planned maintenance arrangements will be agreed with customers to minimise any impact to their usage of the service.
System requirements
  • Linux 64 bit OS
  • Min 1 GB memory (recommended 8 GB memory)
  • Min 50 GB storage
  • Access to SQL Database

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Typically response times are within 1 hour, during prime shift time. Response times would be different at weekends, depending on the level of service required by the customer, which would be at extra cost.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Screen readers.
Web chat accessibility testing To date we have not done any interface testing with users of assistive technology. However as our solutions are based on open standards we would expect our solutions to be interoperable with assistive technology (AT).
Onsite support Onsite support
Support levels We offer a 24x7x365 days per year Service desk software that enables issues to be logged. This Service desk is monitored out of hours. Support is offered weekdays from 08:30 to 17:30. We manage a central, UK based Help Desk and Call Logging facility which is web based and accessible to customers – each customer has an account setup within this facility for logging calls and for monitoring their progress. The on-line help desk facility is available on a 24/7 basis. Monitoring of calls received takes place during extended normal hours, ie. between 8.30am and 17.30. Call monitoring outside these hours is available on an agreed basis.

We provide direct Technical Support, including:
• call receipt
• call screening
• incident reporting and tracking
• search problem databases and resolve documented problems
• installation assistance
• problem isolation
• problem resolution.
All calls are logged and information on issues and their resolutions held within our on-line call-logging facility which is accessible to customers. This in turn provides a knowledge repository. The service also includes an internal error log facility as well as a full audit trail.

We provide a technical account manager to each customer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite or remote training (Train the Trainer is the favoured approach), video tutorials, webinars, to setup of service. User documentation is provided.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats MS Word
End-of-contract data extraction Via API, database extraction (dump).
End-of-contract process At the end of the contract, assuming that the customer does not wish to renew, the customer extracts their data from the service and we, in agreement with the customer, delete all data records held. This is included in the price of the contract. Any additional requirements that the customer may have, may be subject to an additional fee.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are no differences between mobile and desktop service, other than screen size.
Accessibility standards WCAG 2.0 A
Accessibility testing To date we have not done any interface testing with users of assistive technology. However as our solutions are based on open standards we would expect our solutions to be inter-operable with assistive technology (AT).
What users can and can't do using the API Create, Delete, Modify documents and database items within the service.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Branding of the service for users is also possible. Re branding would normally be carried out by a System Administrator/Super User.


Independence of resources Service automatically scales out to accommodate increased user load and storage.


Service usage metrics Yes
Metrics types Logging of changes made, documents created, modified or deleted, system level audit trail and application level logging.
Reporting types
  • API access
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Via API, database extraction (dump).
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Minimum 99.95% service availability - Unavailability applies to existing VMs that become unresponsive due to a fault recognised at the IaaS layer or below, that is, the fault is within UKCloud-controlled components, such as the physical host availability, storage, power and internal networking such as physical firewalls and routers.
Approach to resilience Multiple secure UK data centres separated by more than 100km and connected by high-bandwidth, low-latency dedicated connectivity.
Outage reporting Proactive monitoring, 24 hour staffed NOC

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Role based security within the service.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Platform optimised for OFFICIAL and OFFICIAL-SENSITIVE data and fully aligned to the National Cyber Security Centre (NCSC) 14 Cloud Security Principles.
Information security policies and processes Platform optimised for OFFICIAL and OFFICIAL-SENSITIVE data and fully aligned to the National Cyber Security Centre (NCSC) 14 Cloud Security Principles.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change management and configuration management is undertaken at 3 levels, first by development team during coding, then by development team and CTO on predeployment server, finally on locally hosted live server. Once passed all stages it is deployed to production installations.
Vulnerability management type Undisclosed
Vulnerability management approach Vulnerabilities are identified and the risks of these vulnerabilities are evaluated. This then leads to correcting the vulnerabilities and removing the risk or formal risk acceptance by the organization. Vulnerability scanning is carried out, consisting of using software to identify vulnerabilities in networks, computer infrastructure or applications.
Protective monitoring type Undisclosed
Protective monitoring approach Protective Monitoring provides visibility and an understanding of who is accessing sensitive data.The Protective Monitoring system is used to ensure that there is a level of operational insight, to ensure that we have an understanding of how the systems are being used or abused by internal or external agents.
Incident management type Supplier-defined controls
Incident management approach Issues/problems are raised via our Service desk facility Zendesk, the call is assigned to 1st line support, who will perform a base level diagnosis of the issue. If they can fix the issue the call will be closed. If not, they will gather as much information and assign the call to second line support, who will then look more deeply into the issue. If the issue is deemed to be with the core code this will be passed onto the Development manager. At every stage the Customer is updated with what is happening to the call.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • New NHS Network (N3)


Price £251420 per licence per year
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑