Our Commitment to Security

Last Updated: 2023/09/28

We practice what we preach:

Studypages uses enterprise-grade security and regular audits to ensure you’re always protected. We undergo regular penetration testing and security reviews designed to be HIPAA and SOC 2 compliant.

Application Security

  • Data is encrypted in transit with TLS 1.2. Data is encrypted at rest with AES.
  • Independent third-party penetration, threat, and vulnerability testing.
  • User access controls with single sign on and MFA.

Our policies are based on the following foundational principles

  • Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.
  •  Security controls should be implemented and layered according to the principle of defense-in-depth.
  • Security controls should be applied consistently across all areas of the enterprise.
  • The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.

Continuous Security Commitment

  • Penetration Testing

We perform an independent third-party penetration test at least annually to ensure that the security posture of our services is uncompromised.

  •  Security Awareness Training

Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.

  • Third-Party Audits

Our organization undergoes independent third-party assessments to test our security controls.

  • Roles and Responsibilities

Roles and responsibilities related to our information security program and the protection of our customer’s data are well-defined and documented.

  • Information Security Program

We have an information security program in place that is communicated throughout the organization. Our information security program follows the criteria set forth by SOC 2 and HIPAA.

  • Continuous Monitoring

We continuously monitor our security and compliance status to ensure there are no lapses.

Data privacy

At Studypages, data privacy is a first-class priority—we strive to be trustworthy stewards of all sensitive data.

  • Privacy Shield

Studypages maintains an active Privacy Shield Membership

  •  Regulatory compliance

Studypages evaluates updates to regulatory and emerging frameworks continuously to evolve our program.

Clinical research, finally made easy.

Say goodbye to messy spreadsheets and hello to happier patients.

Schedule a demo
study pages logo
Contact:
 support@studypages.com
StudyPages © 2024 Yuzu Labs PBC
Privacy Policy Terms of use