• COVID-19
  • Decentralized Trials
  • Blog
  • Client Login

Compliance: See How Medrio Keeps Your Data Safe

Solution Sheet

The regulatory landscape is constantly shifting. We stay on top of regulatory guidelines, compliance standards, and system security so you can stay focused on your patients and trials.

At Medrio, we strive to ensure that our systems comply with regulations in the various countries and regions in which our clients operate. We continually perform an in-depth analysis of regulations across the globe and work with external auditors so you can be assured our solutions are compliant.

Compliance Standards

  • ICH Good Clinical Practice (GCP)
  • FDA 21 CFR Part 11 Compliance
  • Annex 11
  • General Data Protection Regulation
  • HIPAA & HITECH
  • CDASH & CDISC
  • ISO 9001 Quality System

FDA Guidance

To ensure our customers can conduct their clinical investigations without the worry of issues pertaining to regulatory compliance, we have fully embraced the following FDA Guidance documents:

  • Guidance for Industry, Electronic Source Data in Clinical Investigations
  • Guidance for Industry on Computerized Systems Used in Clinical Investigations
  • ICH Guidance for Industry, E6 Good Clinical Practice

Product and Information Security

Medrio is committed to delivering solutions and software that exceed customer expectations and meet applicable regulations. We are dedicated to providing quality data collection solutions assuring the security and integrity of data maintained in the systems.

Medrio contracts with Google Cloud Platform to house and secure our servers in restricted access locations. Google maintains SOC 1, 2, 3 Reports, ISO 27001, ISO 27017, ISO 27018, Cloud Security Alliance, PCI Compliance, HIPAA, CJIS, EU Model Clauses, and Privacy Shield compliance. Medrio audits Google periodically as part of a Vendor Assessment program.

Key Features

  • Validated Environment
  • Audit Trail
  • Access Level Restricted by Role
  • Incremental and Daily Full Backups
  • SSL Encryption
  • Login and Activity Log
  • Two-Factor Authentication (2FA)
  • Electronic Signatures
  • Session Time-Out
  • Single Sign-On (SSO)
  • Password Expiration
  • User Lock-Out
  • Operations Monitoring
  • Disaster Recovery
  • Business Continuity Plan
  • Quality Management System / SOPs

We work with external auditors to ensure we’ve followed all of the necessary software and procedural controls. With Medrio you can be confident that your data is secure and your participants’ privacy is protected.

Learn More About How Medrio Keeps Your Data Safe