Nuance Communications Ltd

Dragon Medical One

Dragon® Medical One is a secure, cloud-based speech recognition solution that allows clinicians to document the complete patient story using voice, while enabling healthcare organisations to deploy medical speech recognition across the enterprise easily—all the while saving time for IT staff and boosting productivity and efficiency for clinicians.


  • Installs in minutes on any clinical workstation or laptop
  • Eliminates back end transcription process and costs
  • Zero speech profile training and profiles that continue to improve
  • Enterprise deployments through virtual environments with any clients
  • N3 Connection to the cloud for speech-processing and system management.
  • Speech-related data is communicated over 256-bit encryption for end-to-end security.
  • Access to specialty medical language models, custom vocabularies and templates.


  • Boost clinician productivity and efficiency with workflow optimisations.
  • DM One is designed for speed, accuracy, and flexibility
  • Affordable subscription-based pricing with little up-front capital investment.
  • No complex configurations and automatic updates
  • no usage limits, doctors can stay productive anywhere
  • Analytics - track efficiency and maximise the investment.


£45 per person per month

Service documents

G-Cloud 10


Nuance Communications Ltd

Claire Minett


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Compatible with all leading EHRs, and designed with virtualisation in mind, the Dragon-Medical-One provides secure, accurate, and portable cloud-based clinical speech-recognition across a wide range of devices. Doctors open the app, place the cursor where they want speech-recognised text to appear, and start dictating into any clinical or non-clinical application.
Cloud deployment model Community cloud
Service constraints Nuance do not supply hardware other than dictation peripherals (microphones) Planned Maintenance - Nuance perform software updates within scheduled maintenance windows Emergency Maintenance - Unplanned downtimes minimal to none as system is monitored continuously
System requirements
  • CPU: min. 1.7GHZ, recommended 2.8GHz
  • RAM: min. 512MB, recommended 2GB
  • OS: Windows 7 or newer
  • Microsoft .NET Framework 4.5 (or higher) is required
  • For personalization and help window: Internet-Explorer-11
  • Microphone that can record in 16kHz, 16bit mono supported

User support

User support
Email or online ticketing support Email or online ticketing
Support response times An authorised contact submits an online service request on our Nuance Healthcare Customer Support Platform. On the Nuance Healthcare Customer Support Platform customers have access to knowledge base solutions, plus ability to submit a service request online. The average response time is one (1) hour for web-based Service Requests during normal business hours, 8:00 AM to 5:00 PM GMT, Monday to Friday.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 1: Emergency situation where fault affecting whole operation of system rendering it inoperable
Level 2: Urgent situations where important System features not working correctly
Level 3: Faults in System capability which don't affect delivery and presentation of user data
Level 4: Cosmetic problems which don't affect operation of system, classed as minor defects/ transient faults
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Nuance assist the customer in achieving a smooth rollout of DM One and maximising their ROI in the software by ensuring the product is implemented and project managed in the most efficient way and users are fully equipped and trained to make best use of its tools and features.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction DMO translates voice input into resulting text which is directly transferred into the target host system, such as the customer EPR.
For adaptation purposes User Data is temporarily stored and deleted after adaptation has taken place.
License and usage data is accessible and downloadable through a customer specific portal.
End-of-contract process License and usage data is provided to the customer upon termination of contract and then deleted if no other obligation persists.

Using the service

Using the service
Web browser interface No
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices No
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing NA
Customisation available Yes
Description of customisation - Splash screen customization
- Individual voice commands
- Individual Auto-Texts
- Customizable vocabulary per user/department/organization


Independence of resources Continuous supervision of system capacity and demand-based capacity extension


Service usage metrics Yes
Metrics types - ACR (Accumulated Change Rate)
- Recognized Characters
- Audio Length
- Auto Texts
- Voice Commands
- Adaptation rate
- etc.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Other
Other data at rest protection approach Encryption of VM
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach License and usage data is accessible and downloadable through a customer specific portal.
Data export formats Other
Other data export formats
  • Txt
  • Csv
Data import formats Other
Other data import formats None

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network Other
Other protection within supplier network Internal Firewalls

Availability and resilience

Availability and resilience
Guaranteed availability The services are deployed in an active/stand-by configuration, with the primary data centre taking live traffic, and all relevant data is replicated to the secondary data centre continuously. In the unlikely event of a data centre failure, all traffic will be rerouted to the secondary data centre. The potential for data loss in the event of an outage, Recovery Point Objective (RPO), is 15 minutes or less.
Approach to resilience Within each data center, the system architecture of Nuance cloud services provides the following high-availability features:
– Fully redundant network infrastructure, including load balancers and switches
– Multiple clustered application server
– High-availability network storage with fiber optic connections
– Clustered database server
– Clustered and extensible speech server farm
Outage reporting Nuance Hosted Health Infrastructure Services (HHIS) and its Reliability Center (SRC) personnel provide 24x7 coverage and will immediately communicate any outages to all affected customers.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Role based authentication
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Nuance Communications UK Ltd has attained IGSoC and IG ToolKit assessment and approval.
Attainment of IGSoC
means that Nuance Communication UK Ltd has met all the requirements of Information Governance Management required by IGSoC: Confidentiality and Data Protection Assurance, and Information Security Assurance.
Information security policies and processes Nuance has a comprehensive set of security policies and procedures at the Corporate level and specific policies and procedures for the Healthcare Division. These policies are published on an internal corporate website. The policies have been derived from various Information Security Frameworks including HITRUST.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Nuance Healthcare maintains a change management process which defines standardized methods and procedures for handling of Changes within the production environment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Weekly scans; findings prioritized on risk and planned remediation according to priority
Protective monitoring type Supplier-defined controls
Protective monitoring approach Undisclosed
Incident management type Supplier-defined controls
Incident management approach Nuance has a formal incident response and escalation process in place with Microsoft Azure. Documented policies and procedures specify the actions to be taken in the event that a new threat is detected.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks New NHS Network (N3)


Price £45 per person per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑