Data Protection Considerations

Version of 30 April 2018

Flex Databases provides software solutions that support clinical trials conduction at all stages and one of our main priorities is confidentiality and integrity of our customers’ data. Flex Databases is concerned about data protection and privacy issues. Flex Databases protects customers’ data, ensures following the security regulations, and mitigates all potential risks which are essential to building trust and delivering the high-level of service.

Our security implementation allows us to adhere to the following standards and regulations, demonstrating our commitment to customers’ security and privacy: 

  • 21 CFR Part 11
  • HIPAA
  • GDPR

In terms of GDPR Flex Databases is the data processor, and the Company’s customers are the data controllers. Controllers are responsible for determining what data is to be collected and processors are involved in the data processing. Only customers decide which data is collected and how it is processed and stored. Flex Databases strictly fulfills the agreements with the customers and ensures that data is processed following the instructions by data controller.

Flex Databases provides to our customers the tools that allow to meet their data controller responsibilities under the GDPR. The examples of such tools are: 

  • tools for data pseudonymization
  • strong control of the system access rights
  • tool for data download at the sites at the end of the study
  • all traffic into and out of the Flex Databases Platform is encrypted using TLS/SSL protocol that leverages either SHA-2 or AES algorithms
  • all access to the user interfaces is encrypted via HTTPS/SSL

Flex Databases System is a modular-structured platform which is provided for customer use based on contractual obligations as a web-based system which includes the purchased module set that is specific for each customer. Standardly Flex Databases System is provided as ‘Software as a Service’ (SaaS) which is a software distribution model in which System supplier (Flex Databases) hosts applications and makes them available to customers cloud-based over the Internet.

Cloud-based means that storage and processing take place on servers hosted by Flex Databases in subcontracted data centers which are evaluated before contracting in accordance with the SOP-QA-011 ‘Purchasing and Vendor Assessment’.

Management of all personal data is designed in line with the requirements of data protection regulations. We store the data of our European clients in the qualified data centers located in the EU.

The appointed Data Protection Officer trains the staff in the GDPR and provides guidance on the related issues. In case of any data privacy concerns please contact: dl_privacy@flexdatabases.com

Blog

Data integrity assessment according to ALCOA++: Flex Databases eTMF is fully compliant

Data integrity has always been a critical point during the development of eTMF systems. One of the industry’s latest standards is ALCOA++, and our eTMF module is 100% compliant with ALCOA++.

Learn more
eClinical solutions as a major means of inter companies’ communication in Clinical Trials

lex Databases not just offers data flow from different partnering systems into ours, but we also do allow any users you want into Flex systems. 

Learn more
Flex Databases – your new powerful data house

With the launch of Flex EDC, you will be able to cover all the aspects of the clinical trial process and beyond within one platform.

Learn more
QA Director of Flex Databases to speak at Virtual European QA Congress 2022

Our QA Director Anna Petrovskaya will attend Virtual European QA Congress 2022, organised by the RQA, as a speaker. Date: 11.05.2015 Topic: What is the Audit Trail for the Auditor? Time: 14:00 You can find more detail and book your ticket here.

Learn more

Have we picked your interest?

Tell us more about yourself and we will organize a tailored live demo to show how you can power up your clinical trials processes with Flex Databases.