LHQ Software Limited

LHQ Software

A collaborative solution for a real-time view of every legal matter, budget, chargeable hour, and expense providing visibility and transparency of legal costs and case actions both internally and across panel law firms. Tracking and comparative analysis on panel law firms ensuring informed decisions, quality of service and cost efficiency.


  • Detailed understanding and management of legal spend
  • Panel firm comparisons across fee earner, case type and damages
  • Real time visibility and transparency of case progression
  • Automatic monitoring of Service Legal Agreements
  • Bespoke reporting providing tailored KPIs and exception reporting
  • Data source for future tenders and overall panel management
  • Detailed budget monitoring information by matter and phase
  • Integrateable with all law firm PMS; automatic extraction of data
  • Accessed via a web browser, with no additional software required
  • Updates occur seamlessly with constant adaptations and no versioning requirements


  • Visible information ensures informed business decisions can be made
  • Accurate scorecards – work redirected, and targets created
  • Collaborative working leading to greater trust and alignment of interests
  • Proactive as opposed to reactive decisions
  • Ensures continual compliance with Service Level Agreements
  • Negates the need for costly periodic audits
  • Improvement in tender negotiations and outcomes
  • Upskilling of claims handlers
  • Reduced case life cycles reducing defendant and claimant cost
  • Reduced spend and time taken on the costs budgeting process


£5 to £5000 per unit

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9


LHQ Software Limited

Arabella Bown

0203 637 1950


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Planned maintenance occurs out of UK working hours
System requirements Modern browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Depends on the severity of the problem:

The LHQ system is unavailable to all users. Response within 30 minutes; updates every 2 hours until resolution.

A key business function is severely impacted with no workaround available. Response within 2 business hours; workaround or fix within 4 business hours.


A key business function is impacted causing inconvenience. Response within 8 business hours; workaround or fix within 5 working days.


A client’s business function is not impacted at all but a query or possible product improvement. Response within business 8 hours; response or resolution within 10 working days.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Email, telephone and online support are all provided as part of the service at no extra cost. A technical account manager or cloud support engineer will be available during on-boarding.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We can provide onsite or remote training.
Service documentation No
End-of-contract data extraction We provide data in an industry standard format at the end of a client's contract (if required).
End-of-contract process All client data will be returned to the client in an industry standard format at the end of their contract (if requested).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Site is responsive and adapts to different screen sizes. Functionality remains the same.
Accessibility standards None or don’t know
Description of accessibility Not currently tested against any accessibility standard.
Accessibility testing None
What users can and can't do using the API The API allows clients to read and write matter, hours worked, disbursement and other information to allow connections to third party systems.
API documentation Yes
API documentation formats Open API (also known as Swagger)
API sandbox or test environment Yes
Customisation available Yes
Description of customisation LHQ can be customised to meet client requirements around phasing, activity types, rate cards etc


Independence of resources We use AWS autoscaling to increase resources to meet demand across all clients.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported in CSV, XLS and PDF format from any of the included reports. Data can also be exported through the API for connection to third party systems.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats XLS

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Application Availability

(a) LHQ aims to ensure application System availability for twenty four (24) hours per day seven (7) days per week.

(b) For the purposes of the SLA the application system shall be deemed not to be unavailable if LHQ’s hardware, software, operating system, or network is functioning in such a manner that prevents HTTP or HTTPS access to the system application.

(c) LHQ’s ensures system availability under (a) above, This specifically excludes network and any other issues resulting from failures including in network hardware or other hardware, software or systems which are not owned or managed by LHQ or our hosting partner (AWS).

(d) Measured quarterly on a continuous 24 hour 7 day basis, LHQ guarantees 98% availability of the System software application.
Approach to resilience Available on request.
Outage reporting We use the third party (StatusCake) to alert on outages and provide a third party dashboard.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access to management and support systems is only available to appropriate staff over a secure VPN. Each individual system is locked down so that access is only allowed to staff who need to use the systems. Access is done either with certificates, username/password and/or MFA.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach We are working towards ISO27001 and our approach is aligned with that.
Information security policies and processes Our information security policy, processes and reporting structure align with ISO27001.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We have a change management process as part of ISO27001. Each change is logged and assessed for security and operational impact.
Vulnerability management type Undisclosed
Vulnerability management approach All systems are patched regularly. For Microsoft systems, this includes an automatic update which includes 'patch Tuesday' releases. Linux systems are updated on a weekly basis. Vulnerability information is received from CVE and vendor sites (eg. Microsoft)
Protective monitoring type Undisclosed
Protective monitoring approach We monitor our systems for: (a) unusual login activity through activity logs (b) unusual web server activity through web server logs (c) unusual changes in server activity (eg. increased CPU usage or disk space usage). We respond to potential issues through our Incident Management Process. Response times would vary depending on the type and severity of the incident.
Incident management type Undisclosed
Incident management approach We have an incident management process for dealing with possible or actual incidents. Users can report incidents to the support desk. Where an incident has or may have impacted on a client they will be provided with ongoing updates as the incident is closed out and a full root cause report after the event has been analysed.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5 to £5000 per unit
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Trials work on a case by case basis but usually offer full system access for a limited number of units and typically cover a period of 4 weeks - 6 months.


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑