Protection of Confidentiality:
- eClinicalHealth complies with the requirements of the UK data protection act 1998 (as amended from time to time) and the EU data protection directive (95/46 EC).
- eClinicalHealth has procedures and policies in place that are consistent with the Good Clinical Practice (GCP) and Health Insurance Portability and Accountability Act (HIPAA) standards for the protection of any personal data (personally identifiable information) we collect, transmit or store; and an Information Security and Data Privacy Officer to enforce them;
- Clinpal has a built-in data classification and security model that complies with GCP data blinding and confidentiality requirements and prevents users of certain roles from accessing personal data. (Patient’s personal data is not accessible to the Sponsor).
Data Integrity and Security:
Clinpal is a fully validated platform designed from the ground up to meet all the above legislations and regulatory requirements, including FDA’s 21 CFR part 11 requirements for electronic records, electronic signatures and audit trails; all the necessary physical, technical, and administrative security measures are in place to reduce the risks of loss, misuse, unauthorized access, disclosure or alteration. These measures include:
- Secure UK-based data centre;
- Secure access to the web page and user authentication;
- Use of technologies designed to safeguard through encryption both data at rest (data stored in our database) and data in transit;
- Integrated Audit trail.