Focus On Research, Not Legal Issues

Keep your data safe and your research compliant.

Legally-Compliant Research

Identity

Protection

First name, last name and birth date are automatically pseudonymized according to CNIL recommendations.

Electronic signatures

In accordance with FDA 21-CFR Part 11, you can add timestamped electronic signatures to patient records.

Cropping

Tool

Add images easily for any of your patients with our cropping tool. This feature allows you to anonymize uploaded images on the go.

Secured Patient Data

World Class

Hosting

Our application is hosted on
GDPR & Health compliant, ISO 27001 certified hosting (including HDS** certification).

All data is securely transmitted via HTTPS and TLS 1.3.

Granular Access Control

Easily define access and permission levels for all your collaborators. Plus, if one of your collaborators shares your data with someone else, you will be notified right away.

Strong Password Protocols

To ensure the highest levels of protection on your account and data, we maintain a strict password policy

ISO 9001 Certification

ISO 9001 is an international standard that specifies requirements for a quality management system (QMS). Organizations use the standard to demonstrate their ability to consistently provide products and services that meet customer and regulatory requirements.

Quality is paramount at EasyMedStat. Our processes and philosophy reflect this value. This is why our company has received the ISO 9001 certification.

Download Certificate

🇪🇺 GDPR Compliance

We fully comply with European General Data Protection Regulation.

The GDPR is a European Union regulation that establishes a new framework for handling and protecting the personal data of EU-based residents. It came into effect on May 25, 2018. It provides residents of the EU greater control over their personal data and assurances that their information is being securely protected across Europe.

EasyMedStat lets you exercise your rights and also gives you the ability to manage patient requests around personal data.

ISO 14155 compliance

You are a medical device company? Your clinical research should comply with the ISO 14155 standard.

EasyMedStat provides a robust set of features designed specifically to aid your compliance with ISO 14155.

🔐Built with Security in Mind

✔ Health-certified servers with ISO 27001 and HDS compliance

✔ NIST SP800-63B password policy

✔ Access control with user-level granular permissions

✔ Concurrent login prevention and automated idle logout
✔ Secured communication over TLS 1.3 protocol

✔ Database encryption with multiple 32-bit rotating keys

✔ Salt-hashing of identity data with SHA-256 hash function

✔ Automated backup database every 24 hours with 30-day storage
✔ Automated pseudonymization of identifying data

✔ Anonymization tool for images

🔬 Comply with Research Regulations

✔ Audit trail

✔ 21-CFR Part 11 Electronic signatures

✔ Queries

✔ Access control with user-level granular permissions

✔ Case report form freezing

✔ Access logs

✔ Software validation package

Is EasyMedStat GDPR compliant?

Where is my data stored?

I need to sign a DPA with EasyMedStat

Is EasyMedStat health compliant?

EasyMedStat is fully GDPR compliant.

EasyMedStat lets you exercise your rights and also gives you the ability to manage patient requests around personal data.

EasyMedStat is hosted on OVH in France.

All your data and your patient data is hosted in Europe and adheres to strict European privacy laws.

Our DPA (Data Processing Addendum) is part of our service terms.

By accepting our terms, you accept our DPA.

You can review it in our terms here.

EasyMedStat is health compliant

By offering you features such as automatic pseudonymization and automatic birthdate update, we create a health compliant framework that lets you focus only on your research.

Moreover, we comply with French law, one of the most demanding with regards to Health Compliance.

EasyMedStat is hosted on OVH, which has an HDS certification** to ensure the security and the protection of Personal Health Information.

Got Another Question?

Feel Free to Contact Us

Contact

* The CNIL (Commission Nationale de l'Informatique et des Libertés) is an independent French administrative regulatory body whose mission is to ensure that data privacy law is applied to the collection, storage, and use of personal data

** The HDS (Hébergeur de Données de Santé) certification is a French certification that provides a framework to strengthen the security and protection of Personal Health Information. See the full list of HDS certified host here.

ABOUT

Careers

Blog

SOLUTIONS

HELP

Contact

Help Center

Terms of use - Privacy Policy - Cookie Policy - Subscription Terms