Security & Compliance

All data collected and sent using the Reportum solution is protected by the highest levels of physical security, software and process security.

Secure hosting

Security is a critical component of the Reportum solution. It is hosted in a GxP compliant hosting centre that complies with ISO27001 regulations and NIST security guidelines.

Secure hosting

The environment includes:

  • Logical and physical access restrictions
  • Secure network topologies
  • Full hourly backups and off-site backup storage
  • Failover to a secondary site to support Disaster Recovery
  • Proactive performance and Security Incident and Event Monitoring (SIEM) using market leading monitoring and security software
  • Dedicated client application and full client data segregation
  • Full data encryption of all data in transit

We also subject our environment to regular independent Load and Security Penetration testing to provide our clients with additional assurance.

A Fully GxP Qualified Environment

The Reportum solution infrastructure is qualified based on GAMP “Good Practice IT Infrastructure and Compliance”. Evidence of this qualification is available for client audit and inspection.

The Reportum application is also tested in line with GAMP good practice, and a full verification report is supplied to clients, summarizing the MyMeds&Me internal testing, testing evidence and our release processes. Provision of this full verification evidence supports and speeds our client's GxP validation activities. On-going compliance is assured via a rigorous change control and release management.

A Fully GxP Qualified Environment

Compliance with Electronic Records Regulations

The Reportum® solution was designed from the ground up to be compliant with relevant international regulatory requirements such as FDA 21CFR Part11 and EMA. (Eudralex vol.4 Annex 11)

The solution ensures the control and integrity of all patient and clinical data by a combination of strict access limitations, data encryption in transit, time stamping, auditing and inbuilt system controls. All of these ensure that data, once captured and submitted, cannot be changed except by the audited creation of a new version. System and administration functions are also monitored and audited. Records are secured in accordance with international data privacy requirements and, subject to client’s requirements, can be maintained indefinitely.

Compliance with Electronic Records Regulations

“Our selection of the Reportum solution reflects our commitment to streamline our call handling processes with state of the art electronic solutions.”

Vice President, Pfizer Inc

Find out how Reportum can help your organisation

Get in touch with one of our experts to learn more or request a demo.

Keep informed

For expert insight and updates from the MyMeds&Me team.

We respect your privacy and we will only use your email address for newsletters and company updates