• COVID-19
  • Blog
  • Client Login

Compliance: See How Medrio Keeps Your Data Safe

Solution Sheet

With the regulatory landscape constantly shifting, how do you keep up with all the changes? Staying informed of all the changes and adjusting your operations to adhere to them is incredibly time-consuming but that’s where we come in to help.  Our experts stay on top of regulatory guidelines, compliance standards, and system security so you can stay focused on your patients and trials.

At Medrio, we not only understand that the success of your trial is highly dependent on regulatory compliance but we also are committed to easing this burden for your team. One way we do this is by ensuring our systems always comply with regulations in all the various countries and regions in which our clients operate. We continually perform an in-depth analysis of regulations across the globe and work with external auditors so you can be assured our solutions are compliant.

Compliance Standards

  • ICH Good Clinical Practice (GCP)
  • FDA 21 CFR Part 11 Compliance
  • Annex 11
  • General Data Protection Regulation
  • HIPAA & HITECH
  • CDASH & CDISC
  • ISO 9001 Quality System

FDA Guidance

To ensure our customers can conduct their clinical investigations without the worry of issues pertaining to regulatory compliance, we have fully embraced the following FDA Guidance documents:

  • Guidance for Industry, Electronic Source Data in Clinical Investigations
  • Guidance for Industry on Computerized Systems Used in Clinical Investigations
  • ICH Guidance for Industry, E6 Good Clinical Practice

Product and Information Security

Delivering solutions that exceed customer expectations and meet applicable regulations is at the core of what we do everyday. We are committed to providing quality data collection solutions assuring the security and integrity of data maintained in all Medrio systems and across all devices.

An important component of our data security plan is our contract with Google Cloud Platform to house and secure our servers in restricted access locations. Google maintains SOC 1, 2, 3 Reports, ISO 27001, ISO 27017, ISO 27018, Cloud Security Alliance, PCI Compliance, HIPAA, CJIS, EU Model Clauses, and Privacy Shield compliance. Our Medrio team also audits Google periodically as part of a Vendor Assessment program.

Key Features

  • Validated Environment
  • Audit Trail
  • Access Level Restricted by Role
  • Incremental and Daily Full Backups
  • SSL Encryption
  • Login and Activity Log
  • Two-Factor Authentication (2FA)
  • Electronic Signatures
  • Session Time-Out
  • Single Sign-On (SSO)
  • Password Expiration
  • User Lock-Out
  • Operations Monitoring
  • Disaster Recovery
  • Business Continuity Plan
  • Quality Management System / SOPs

We work with external auditors to ensure we’ve followed all of the necessary software and procedural controls. With Medrio you can be confident that your data is secure and your participants’ privacy is protected.

Learn More About How Medrio Keeps Your Data Safe