Recordsure

Recordsure Document Analytics and AI

Documents analytics. Access digital document types in one viewer, interrogate and analyse information, producing irrefutable audit trails. Fully configurable workflow and integration with Microsoft PowerBI, CaseReviewAI is a complete solution for managing document based case files for any kind of investigation. Integrate with ConversationReviewAI to include audio recordings alongside documents.

Features

• Highly capable configurable workflow engine enabling real-time integration.
• Navigate complex case documentation efficiently and search smarter.
• Sophisticated AI classifies documents and dates within cases.
• Search multiple documents to discover sections linked to configurable topics.
• Creates an authoritative output of review for archival systems.
• Continuous active learning trains and enhances the underpinning AI models.
• Easily configure reports to identify trends in performance and outcomes.
• Trained on government specific language, uses ‘best practice’ data
• Huge variety of files types supported (over 140)
• ISO27001 certified

Benefits

• 97% AI-driven accuracy and output consistency ensure quality outcomes
• Significantly expediting a largely manual process while improving quality
• 100% of files are categorised, searchable, easy to review
• Documents organised in time order and into relevant cases
• Automatically bookmarked sections relevant for review by human reviewers
• Increased operational efficiencies, >50% reduced time per review
• Evidencing quality assurance, processes and outcomes, irrefutable audit trails
• Actionable process feedback, better supervisory oversight, advanced training tools
• Infinitely scalable and readily replicable
• Smart technology red-flags issues for human reviews

£0.10 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@recordsure.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

897572923304574

Contact

Victoria Mansbridge
+442037727230
sales@recordsure.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • There are no dependencies on system infrastructure
  • Google Chrome or Microsoft Edge internet browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support requirements will be defined and confirmed during initial project scoping sessions
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support levels and SLAs will be scoped and confirmed during initial project scoping exercise. Generally support and maintenance are included in our fees.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training can be provided either on-site or online depending on client preference. We also provide user manuals and supporting documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Various options are available depending on client requirements - this will be confirmed during initial scoping exercise.
• End-of-contract process: Data extraction may incur additional cost depending on client requirements.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: All functionality and data accessible via the product user interface is also available via the API, with the following exceptions.; For the Case Review AI product, there are restrictions on using the API for the purposes of document type conversion, document generation or for OCR purposes.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: We provide a dedicated instance.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Client Network Isolation, Security groups, Client Specific Encryption Keys. ISO-27001 controls.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: End-users can export original documentation, if authorised, using the UX.; ; Exports of all marked up documents and data ("Evidence Support Packs") can be exported automatically as part of a workflow process, or in batch form on request (must be contracted).
• Data export formats: Other
• Other data export formats:
  • Original format (Office, Email, Text, PDF, Image, Audio)
  • JSON (for metadata)
• Data import formats: Other
• Other data import formats:
  • Odt, odt, rtf, ods ots, csv, tsv, slk, eml, wav
  • Wma, mp3, mp4, m4a, ogg, oga, opus, aac
  • Pdf, jpg, png, gif, tiff, bmp, svg, txt
  • Odp, otp, htm, mht, zip, gzip, tar

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: All data at rest is encrypted using Microsoft Azure standards (e.g. TDE and service-managed keys for SQL databases, AI Search and Entra Directories and AES-256 for Blob storage).; Data in transit is encrypted using TLS1.2 or higher.

Availability and resilience

• Guaranteed availability: All SLAs will be confirmed during initial project scoping sessions
• Approach to resilience: We use the resilience excellence of Microsoft Azure.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Multi-factor authentication IAM users, groups, and roles for daily account access CloudTrail to monitor all activity
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 06/01/2021
• What the ISO/IEC 27001 doesn’t cover: To confirm, we fully comply with the SOA and have no exceptions. For clarity, the following is covered by our ISO 27001 certification: The Information Security Management System in relation to the design, development and operation of technology and business services for the capture, storage, analysis and retrieval of audio and other media records related to communications in financial services and other sectors.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 13/05/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: The full SAAS is covered
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Information Security Policy Access Control Policy Acceptable Use & Social Media Policy Backup and Recovery Policy Bring Your Own Device Policy Change Control Procedure Continual Improvement Review Procedure Data Protection Statement Network Policy Password Policy Programme Management Policy AWS KMS Encryption Key Management Procedure Software Development Lifecycle (SDLC) Procedure Supplier Management Policy System Decommissioning Policy Risk Assessment Infrastructure Policy Infrastructure Hardening Policy Information Security a Quick Guide Starter, Leaver, Mover Process What To Do In The Event Of A Crisis Guide to legislation relevant to Information Security Policy Data Breach Management Procedure The information Security Policy is owned by the Chief Security Officer (CSO). Policy adherence is managed by the Information Security Team, through training, internal audits and a robust events and Incident risk analysis process.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Approach Standard Changes (very low risk) do not need to be approved by the Change Advisory Board (CAB). Normal change must always go to the CAB for approval. Emergence Changes follow a fast track CAB assessment process. Information Security Requirements must be considered and implemented for each change in software, hardware, configuration or physical security.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Threats are assessed through regular audits, automatic detection tools, and change management security considerations. Threats are regularly assessed and updated. sources include NCSC and NIST. Low severity patches and updates are introduced to the current development cycle for the next release. Medium severity patches and updates are applied as soon as they become available, and have been tested against the current build. Critical security patches are given the highest priority for pre-production testing, and scheduled to be released into production as soon as possible, under an emergency change.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: HAProxy Enterprise WAF & API Gateway, Web Application Firewall Mod Security, Amazon GuardDuty, AWS CloudTrail, AWS Shield. All alerts go to the Security team, where they are rapidly risk triaged, and prioritised for treatment. Where the severity of a reported event or incident is considered to be Major, the situation may need to be escalated to The Crisis Management Team. The CMT once activated will own the crisis until resolution is reached.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have pre-defined processes for common events (all, e.g. Phishing) can be reported to Security via Email, or Realtime messaging channels. Incidents should be reported immediately to security via email, Realtime messaging channels, or by reporting it to any senior member of staff up to and including the CEO. Redacted summaries of recent incidents can be requested, or provided to customers on a scheduled basis. Incidents that seriously impact a customers services will be reported immediately.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We have been assessed by EcoVardis (a highly trust business sustainability ratings firm) and our actions and commitment to the environment earned us a silver medal. In addition, we are a member of the SME Climate Hub, committed to: Halve our greenhouse gas emissions before 2030 Achieve net zero emissions before 2050

  Covid-19 recovery

  We seamlessly move to remote working prior to the first lock-down, without any interruption to our services. We made limited use of the furlough scheme where strictly necessary. Our business is now in a growth phase as we introduce new use cases.

  Tackling economic inequality

  We have been assessed by EcoVardis (a highly trusted business sustainability ratings firm) and our activity and commitment to fair labour practices and wages, as well as human rights and ethics has earned us a silver medal.

  Equal opportunity

  We have been assessed by EcoVardis (a highly trusted business sustainability ratings firm) and our activity and commitment to fair labour practices including equal opportunities and human rights and ethics has earned us a silver medal.

  Wellbeing

  We have been assessed by EcoVardis (a highly trusted business sustainability ratings firm) and our activity and commitment to labour and human rights, ethics has earned us a silver medal. In addition we provide all staff with free access to the well-being app: Headspace.; Also, by providing irrefutable audit trails, our solution removes the stress of investigations.

Pricing

• Price: £0.10 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@recordsure.com. Tell them what format you need. It will help if you say what assistive technology you use.