Every MSO or vendor that wants to pull data out of CCC ONE eventually lands on the same question: is Secure Share the right pipe? The CCC sales team will tell you yes. The engineer who has to build on top of it will tell you something more nuanced.
This is the guide I wish existed when I built the analytics platform that now runs across 100+ collision shops. No marketing. No "it depends." Specific, current information about what Secure Share gives you, what it doesn't, and what it takes to ship a real integration.
What Secure Share Actually Is
Secure Share is CCC's managed data-sharing service. A subscribing partner (insurer, rental, parts, analytics vendor, or the shop itself) signs up, CCC provisions a subscription, and from then on CCC pushes the agreed data out of the shop's CCC ONE install to the subscriber.
Under the hood, the payload is a CIECA BMS (Business Message Suite) XML document. BMS is an industry-wide collision-data standard — estimates, supplements, labor operations, parts, totals, images, dates, vehicle data — wrapped in a schema that every major collision platform speaks.
So when someone says "pull data via Secure Share," what they actually mean is: receive BMS XML files from CCC, parse them, and load the fields you care about.
What Secure Share Is Good For
- One-way outbound workfile data — new estimates, supplements, and totals as they happen in the shop.
- Near-real-time feeds — CCC pushes on events, not on a schedule you control, but latency is usually minutes, not hours.
- Standardized schema — once you parse BMS, your code works for any CCC shop, any carrier, any state.
- Signed, auditable transport — helpful for carrier DRP compliance and anything that has to survive a PE data room.
What Secure Share Is Bad For (Or Won't Do At All)
- Historical data. Secure Share is a feed. Subscribe today, get data from today forward. If you need 3 years of back-history, you're looking at a separate export, a database backup restore, or a report-scraping exercise. We wrote up that problem separately.
- Two-way operations. You cannot write back to CCC ONE through Secure Share. Notes, status changes, appointment updates — none of that goes outbound through this pipe.
- Non-workfile data. Shop configuration, user accounts, labor rate tables, DRP settings — not in BMS, not in Secure Share.
- Arbitrary custom fields. BMS is a standard. If your shop uses a custom field or comment, it may come through as a generic note, not a structured field you can query on.
- Querying. Secure Share is push-only. You cannot ask "give me all workfiles that closed last month." You get what CCC sends you, when CCC sends it.
What "Getting Started" Actually Looks Like
The honest timeline for a first integration, assuming you are a developer who has never touched BMS before:
- Week 1–3: paperwork. Subscription agreement, data-use terms, BAA if relevant, trading-partner setup on both sides. This is the bottleneck on almost every project. CCC moves at CCC's pace.
- Week 3–4: plumbing. Stand up the receiver (HTTPS endpoint or sFTP drop), exchange certs, validate a test payload. CCC will send sample BMS for schema validation.
- Week 4–6: parsing. Walk the BMS schema. Decide which 40–60 fields you actually need out of the several hundred in the spec. Build your loader.
- Week 6–8: backfill gap. Realize you need history. Plan the separate historical-data exercise.
- Week 8+: production. Monitoring, error handling, MT10720 retries, supplement reconciliation, deduping when the same workfile comes through twice.
If anyone tells you this is a two-week job, they've either never shipped one or they're selling you something.
What It Costs
Three line items:
- CCC subscription fees. These vary by use case and partner tier; current market is typically a per-shop monthly fee, sometimes plus a setup charge.
- Engineering build. A competent engineer familiar with BMS can ship v1 in 6–8 weeks. Without that experience, plan on 3–4 months.
- Ongoing maintenance. Plan ~10% of build cost per year for BMS schema updates, new carrier partners, retries, and certificate rotations.
MSOs with 15+ shops usually find the math favors a purpose-built platform over a ground-up build; single shops and smaller groups often don't need Secure Share at all and can live on exports.
Alternatives Worth Knowing About
- CCC's SOAP API for direct workfile access. More flexible than Secure Share, far less documented, heavier authentication. Useful when you need pull semantics or non-workfile data.
- CSV exports from CCC ONE reports. Fine for one-off analysis, terrible for anything production.
- Direct database access (on-prem / legacy installs). Possible in specific cases, not something CCC encourages, and not a viable long-term plan.
- Third-party pre-built integrations from MSO platforms that already have the Secure Share plumbing solved. Fastest path if you care about the data, not the pipe.
The Honest Recommendation
If you are building a product that needs to read collision workfile data at scale: Secure Share + BMS is the right standard. Budget the paperwork, budget the backfill, and build it once properly.
If you are an MSO that wants dashboards and alerting on your own shop data: you probably don't want to hand-build this. You want a platform that already solved the plumbing and lets you focus on the decisions the data is supposed to drive.
If you are a single shop: don't start here. CSV exports into a warehouse will take you further than you think before Secure Share is worth the paperwork.