GDPR is here and Flex Databases got your back!

May 23, 2018

GDPR is here and Flex Databases got your back!

Flex Databases is always ready to support you in any challenging situation. And today, when GDPR came into effect,  we are here to demonstrate that with us you are fully prepared to it in terms of our partnership. Here  are some key  GDPR requirements with explanation on how Flex Databases meet them:

GDPR: Article 28.2 ‘The processor shall not engage another processor without prior specific or general written authorization of the controller. In the case of general written authorisation, the processor shall inform the controller of any intended changes concerning the addition or replacement of other processors, thereby giving the controller the opportunity to object to such changes.

Flex Databases: Only customers are the data controllers who decide which data is collected and how it is processed and stored. Flex  Databases is the data processor and strictly fulfills the agreements with the customers and ensures that data is processed following  the instructions by data controller. If our Clients want to put on paper the rights and obligations in terms of GDPR, we are ready to  sign Data Processing Agreement to capture the roles of data processor and data controller and to formalize the measures taken to  protect the data.

GDPR: Article 17 ‘The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.’

Flex Databases: in terms of clinical trials, there is no obligation to erase the subjects’ data as GDPR says that the right to erasure does not apply in case of scientific research purposes. If you need to delete the personal data of a dismissed employee, just write to our Helpdesk and this will be done.

GDPR: Article 32 ‘The controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate: the pseudonymisation and encryption of personal data.’

Flex Databases: All traffic into and out of the Flex Databases Platform is encrypted using TLS/SSL protocol that leverages either SHA-2 or AES algorithms. Access to the user interfaces is encrypted via HTTPS/SSL We provide tools for data pseudonymization and ensure strong control of the system access rights.

GDPR: Transfers to third countries and international organisations may only be carried out in full compliance with this Regulation. A transfer could take place only if, subject to the other provisions of this Regulation, the conditions laid down in the provisions of this Regulation relating to the transfer of personal data to third countries or international organisations are complied with by the controller or processor.’

Flex Databases: our system is provided as ‘Software as a Service’ (SaaS) which is a software distribution model in which we as system supplier host applications and make them available to customers cloud-based over the Internet. Cloud-based means that storage and processing take place on servers hosted by Flex Databases in subcontracted data centers which are evaluated before contracting and reassessed periodically. We store and backup the data of our European clients in the qualified data centers located in the EU.

GDPR: Article 37 ‘The controller and the processor shall designate a data protection officer.’

Flex Databases: We have appointed Data Protection Officer who trains the staff in the GDPR and provides guidance in the related issues. In case of any data privacy concerns please contact: dl_privacy@flexdatabases.com

Blog

December 2, 2024
Flex Databases Achieves ISO 27001 Certification

We’re pleased to announce that Flex Databases’ IT security measures are now formally certified under ISO 27001. This certification, earned after a thorough audit, demonstrates that our systems meet internationally recognized standards for information security. ISO 27001 sets requirements for managing sensitive company and customer data securely. By achieving this milestone, we assure our clients […]

November 28, 2024
The Future of AI in TMF

The Trial Master File (TMF) is the cornerstone of clinical trial documentation, serving as the definitive record of compliance with regulatory standards and ethical guidelines. Yet, the management of TMFs has grown increasingly complex with the rise in document volume, diversity, and stringent compliance requirements. Artificial intelligence (AI) is poised to address these challenges, introducing […]

November 19, 2024
How to Choose Pharmacovigilance (PV) Software for Clinical Trial Management

Pharmacovigilance (PV) is a critical aspect of drug safety, focusing on detecting, assessing, understanding, and preventing adverse drug reactions or other drug-related problems. As global regulatory requirements for drug safety evolve, adopting reliable pharmacovigilance software has become essential for ensuring compliance and improving operational efficiency. Selecting the right PV software can significantly impact your organization’s […]

November 14, 2024
How to Integrate CTMS with EDC

Clinical Trial Management Systems (CTMS) and Electronic Data Capture (EDC) systems are critical to the effective management of clinical trials. By integrating CTMS and EDC, organizations can streamline processes, enhance data quality, and improve overall efficiency. Here are five key tips to ensure a successful CTMS and EDC integration. Effortless Integration of Flex Databases CTMS […]

Contact us

Get in touch to discuss compliance, implementation, demos, pricing

We are here for all of your questions! Tell us more about yourself and we will organize a tailored live demo to show how you can power up your clinical trials processes with Flex Databases.