Medrio, a leading provider of innovative eClinical technology solutions, is pleased to announce that it has successfully completed the System and Organization Controls (SOC) 2 Type 1 examination.
The examination was conducted by Schellman & Company, LLC with a focus on the security category with a review date of October 31, 2021. Schellman, an independent CPA firm in the information technology and cybersecurity compliance space, conducted an examination of Medrio with a focus on security of information and systems maintained by the company in providing their eClinical solutions.
Fred Martin, Chief Operating Officer at Medrio, stated, “Our customers entrust us with their most sensitive data and we take that responsibility very seriously. To continue delivering the industry-leading hybrid clinical trial technology, we recognize the need to demonstrate our commitment by undergoing the rigors of SOC 2 compliance.”
Medrio’s completion of the SOC 2 Type 1 reinforces their company-wide commitment to the security of their data management technology platform. Lance Ishimoto, Medrio’s Director of IT, commented, “Our dedicated team spent hundreds of collective hours over many months in an effort to ensure completion of this milestone. The significance of securing Medrio’s SOC 2 Type 1 cannot be understated when it comes to protecting the sensitive data that our customers entrust us with.”
SOC 2 is a technical auditing process conducted by independent auditors who examine whether controls are in place to provide reasonable assurance that an organization’s service commitments and system requirements were achieved based on the trust services criteria relevant to security. By engaging an independent CPA to perform the SOC 2 examination, Medrio can ensure an objective evaluation of the effectiveness of their security controls.
“As the clinical trials industry continues to migrate more data online, it’s imperative that our customers feel secure knowing that Medrio is making every effort to not only establish, but maintain, the highest level of security and compliance,” says Martin.
To comply with SOC 2, Medrio demonstrated it had established rigorous policies and procedures in accordance with the American Institute of Certified Public Accountants (AICPA) Trust Services criteria for security. Additionally, the report verifies the existence of internal controls which have been designed and implemented to meet the requirements for the security category. This independent validation of security controls is crucial for organizations operating in highly regulated industries such as eClinical technology solutions.
“Our customers manage incredibly sensitive personal health information that requires careful handling,” says Martin, “The successful completion of the SOC 2 examination gives Medrio a distinct competitive advantage as it allows us to assure our current and prospective customers that we have taken all the necessary steps to keep their sensitive information safe from potential data breaches or compliance issues.
Our goal in providing customers with this peace of mind is to shift their focus from data security concerns to focusing on their most important asset: their clinical trial patients.”