TrialKit Cloud networking and data storage employs 3rd party services provided by Amazon Web Services (AWS) around the globe, for both primary hosting and data backup/recovery.
Location of data hosting location is determined at the time of study licensing and is indicated on the agreement along with any applicable contracts and addendums required by the client or regulatory authorities.
As of August 2020, Crucial Data Solutions (CDS) is contracted with the following AWS facilities:
- EU West - Ireland
- EU West - Paris
- US East - Ohio
- US West - Oregon
Processing, Security and Reliability
AWS is a well known and reliable provider of SOC and HiTrust-certified hosting and networking services. Read more about compliance programs here.
The sub-services configured by CDS within the AWS VPC boundaries are:
- RDS for PostgreSQL databases
- Ec2 virtual servers
- S3 for backups and logs
- SNS for notifications
Data connections and storage are encrypted using the healthcare-industry standard AES 256/TLS 1.2 SSL and 2048-bit RSA public keys. VPN and Firewall ACLs control access at the cloud level. Network vulnerability assessments and penetration testing are performed routinely.
Client data on the TrialKit cloud is stored in isolated schemas within the database. Access to the data within a schema is managed directly by the named client Administrators or other user-defined permissioned role levels. Audit trails display history of user roles and permissions along with last access.
User-based Application level security uses 2-factor authentication and optional Oauth2 single sign-in tools.
Private cloud environments configured and managed by CDS are available.