How Flex Databases Helps You to Be Compliant

compliant with FDA
ISO 9001-2015 label certification new version
banner-gamp
ISO 27001_2022

Clinical Trials Data Security

Flex Databases Security Policy Overview

Flex Databases Platform is designed to help our Clients to work securely with their data and deliver it to users, customers, and partners, and to drive better business outcomes. Flex Databases protects Clients’ data, ensure the following security regulations, and mitigates all potential risk which is essential to building trust and delivering the high level of service. Flex Databases takes a risk-based approach to security, and this page details the measures and technologies implemented to protect our customers.

Our security implementation allows us to adhere to the following standards and best practices, demonstrating our commitment to customers’ security and privacy:

  • 21 CFR Part 11
  • HIPAA
  • GDPR

As a SaaS provider Flex Databases pays great attention to the safety of the data on all levels. We use only the best scenarios and industry practices to keep and protect customers’ data: from physical security at the data centers to full control using audit trail at the data level:

  • Processes (SOPs, IQs, PQs, WPs)
  • Physical
  • Infrastructure
  • Virtual environment
  • Application
  • User
  • Data
We have a strict backup policy:

To maintain a robust disaster recovery strategy, backups are retained at separate Flex Databases data centers at a geographically different location within the same region as the primary data center, with the same level of physical and infrastructure security described above, to maintain a robust disaster recovery strategy. All backups are encrypted-in-transit to the separate data center and are encrypted-at-rest while stored at that location. We are in the total charge for the security of data; that’s why we use the best experience in data storage and backup technology.

  • We use GFS (grandfather-father-son) rotation strategy.
  • We do an incremental backup of all client’s data two times per day, including weekends.
  • We perform FULL back up every day, including weekends.
  • We keep data for the last two weeks, for the previous two weeks, per each month of the year and per each year all the time.

If you have any questions, regarding our security policy or any other questions, send us an e-mail at contact@flexdatabases.com

ISO 27001 this certificationISO-9001_2015Flex Databases ISO_9001 Certificate FDBISO 27001_2022

Validation

Stay Compliant, Stay Confident

In today’s regulatory landscape, software validation is not just an option — it’s a necessity. Validated software is a key requirement, mandated by regulatory bodies like the WHO Expert Committee on Specifications for Pharmaceutical Preparations and the EMA Guideline on computerized systems and electronic data in clinical trials.

At Flex Databases, we understand the importance of compliance and accuracy in clinical trials. Our validation process ensures that all computerized systems used within a clinical trial consistently meet specified requirements, ensuring reliability and intended performance throughout the product’s lifecycle.

Validation as a service

We happily apply our hassle-free, quality-driven validation experience to support our clients. Our expert team follows best practices, aligning with regulatory guidelines. The validation methodology is based on GAMP® 5 guidance. We employ an Agile & SCRUM approach, frequently updating our systems to keep pace with industry trends and regulatory changes.

Validation deliverables

We provide all the necessary documentation to be included in the Client’s validation package:

  • Validation Summary Report for all our validation efforts as system developer
  • User Requirements Specifications
  • OQ Testing Summary Report
  • User Manual
  • Release Notes
  • IQ documentation
  • Maintenance Plan
  • Training Certificates
  • And we do provide the necessary documents ensuring you are aware of and control all the changes implemented into the system after the first release to production.
Your Success Is Our Priority

As your trusted partner, we offer comprehensive services and deliverables for streamlined GxP-regulated system validation.

  • Formalized User Requirements Specification (URS) compliant with 21 CFR Part 11 for e-records and e-signatures
  • Deployment of Client’s private cloud instance with Installation Qualification (IQ) documentation
  • Training in accordance with our Quality Management System, industry standards, and applicable regulations
  • Updated validation documents with every new system version release, adhering to risk-based approaches recommended by industry standards
Global Reach, Top Performance

Our data centers, located worldwide, are handpicked from an approved vendor list. This strategic approach not only ensures regulatory compliance but also guarantees stable performance. For EU-based clients, we offer data centers in Germany and Finland, and US centers for our American clients. All the centers have successfully passed the vendor-assessment audits and comply with personal data protection regulations.

Let’s Accelerate Your Validation Journey

We believe in making the validation process smooth and efficient for our clients. Our team is ready to guide you through the system during your user acceptance testing (UAT), providing the necessary documents to ensure your success.

Your Audit-Ready Partner

Flex Databases’ Quality Management System (QMS) covers all processes, supporting vendor assessment with a comprehensive range of documents, ready for your audit needs. We’ve successfully passed numerous external audits by esteemed international CROs, pharmaceutical companies, and independent auditors.

Reach out to contact@flexdatabases.com to embark on a seamless validation journey with Flex Databases.

Learn more about regulatory recommendations regarding validation with these valuable resources:

Blog

July 3, 2025
Everest CRO Experience with Flex Databases

Dana Leff Niedzielska, MBA, SVP of Global Clinical Operations at Everest Clinical Research, shares her experience using Flex Databases’ CTMS and eTMF. In this interview, Dana highlights how Flex Databases supports Everest CRO’s clinical operations. Learn why Everest chose Flex Databases as their trusted technology partner and why they continue to rely on and trust […]

July 1, 2025
What’s New This June: Smarter Imports, Cleaner Reports, and More Flexible APIs

Pre-Validation for CRA Reports The Monitoring Activity report tab now features a validation preview. Users can check for missing fields and review validation messages before generating the final report – enabling more accurate submissions and reducing the need for rework. Bulk Imports for Milestones and Assumptions You can now bulk import project milestones and assumptions […]

June 24, 2025
ICH GCP E6(R3) is about to go live in the EU

The countdown is on – ICH GCP E6(R3) is about to go live in the EU, and everyone’s getting prepared! As a service provider (you caught that new R3 definition during training, right?), Flex Databases is here to support you through the transition. Let’s highlight a few areas that are especially important for our clients: […]

June 19, 2025
Checklist: Migrating from a Legacy TMF to an eTMF

Many clinical trial teams still rely on a legacy TMF – whether that means physical binders or outdated digital folders lacking structure and traceability. These systems often fall short in today’s increasingly regulated, fast-paced environment, making oversight and compliance more difficult. That’s why more sponsors and CROs are transitioning to a modern eTMF. A modern […]

Contact us

Get in touch to discuss compliance, implementation, demos, pricing

We are here for all of your questions! Tell us more about yourself and we will organize a tailored live demo to show how you can power up your clinical trials processes with Flex Databases.