The TrialKit platform is a product of Crucial Data Solutions, a U.S. corporation. TrialKit is used as a pharmaceutical and device data collection tool around the globe in all phases of research, post-market studies, and registries. In ongoing efforts to protect the integrity of data and maintain robust up-to-date security, Crucial Data Solutions follows several regulatory guidelines and modern scalable cloud environments for its data.
TrialKit Is Subject to the Following Regulatory Guidelines and Standards
US Food and Drug Administration US 21 CFR:
...
Processing, Security, and Reliability
TrialKit Cloud’s networking and data storage employs 3rd party services provided by Amazon Web Services (AWS is a well known and reliable provider of SOC and HiTrust-certified hosting and networking services. Read more about compliance programs here.) around the globe, for both primary hosting and data backup/recovery. AWS is a leader in global industry compliant data storage and security. It is listed and active under the following international and governmental certifications listed below, based on the region of hosting. Crucial Data Solutions will configure hosting in the region under which the data owner requires.
Global
CSA
ISO 9001
ISO 27001
ISO 27017
ISO 27701
ISO 27018
SOC 1
SOC 2
SOC 3
United States
FedRAMP - Government Data Standards
FISMA - Federal Information Security Management
HIPAA - Protected Health Information
HITRUST CSF - Health Information Trust Alliance Common Security Framework
NIST - National Institute of Standards and Technology
CJIS - Criminal Justice Information Services
DOD SRG - Department of Defense Data Processing
FIPS - Government Security Standards
FERPA - Educational Privacy Act
Europe
HDS - Personal Health Data Protection in France
C5 - Operational Security Attestation in Germany
G-Cloud - Government Standards in the UK
CISPE - Coalition of Cloud Infrastructure Services Providers in Europe
As a software company, Crucial Data Solutions maintains rigorous standards in its Quality Management and Security Measures. As part of that, TrialKit Cloud is hosted in AWS where it can inherit the built in security boundaries and controls offered through its AWS provider. CDS is routinely audited by 3rd party clients, including some of the largest organizations in the world.
The sub-services configured by CDS within the AWS VPC boundaries are:
...
Data connections and storage are encrypted using the healthcare industry-industry standard AES 256/TLS 1.2 SSL and 2048-bit RSA public keys. VPN and Firewall ACLs control access at the cloud level. Network vulnerability assessments and penetration testing are performed routinely.
Client data on the TrialKit cloud is stored in isolated schemas within the database. Access to the data within a schema is managed directly by the named client Administrators or other user-defined permission role levels. Audit trails display the history of user roles and permissions along with the last access.
User-based Application-level security uses 2-factor authentication and optional Oauth2 single sign-in on tools.
Private cloud environments configured and managed by CDS are available.
...
| Page Properties | ||
|---|---|---|
| ||
|