|
_ |
A PROTECTED AREA
The first feature of a C.R.N.M.S. like CTDMS is to concentrate all data and software procedures on main centralized servers. This intrinsically allows a greater control on the physical and software data access, as to the data management procedures.
|
| _ |
AN ADVANCED TECHNICAL STRUCTURE
A specialized Data Center is able to grant high standards of security: GM Servizi is a ISO IEC 27001 (ex BS 7799-2) certified company for its Information Security Management System.
Specifically, its structures possess procedures and technologies:
- to control the physical and logical access,
- to protect against intrusions and fires,
- to guarantee continuous power supply,
- to assure performance and Internet connectivity redundancy,
- to provide daily data backup,
- to ensure anti-intrusion and malware protection,
- to guarantee constant monitoring for business continuity...
|
| _ |
ENCRYPTED DATA TRANSMISSION
The Internet communication between different peripheral workstations and the main servers is operated only trough encryption technologies (Secure Server: SSL protocol with double symmetric key) usually employed by banking systems to manage financial transactions.
Under specific Customer’s request, CTDMS offers also the implementation of more complex solutions, like Virtual Private Networks or Personal Certificates for the users or Smart Cards Authentication.
|
| _ |
AUTENTICATION
The system grants access to users exclusively on individual basis. Every user has a unique public name and a reserved password which logs him into the system and offers the possibility of automatically signing specific data changes.
The system controls that the same credentials are not being used at the same moment from different places; the user identity is always displayed on the screen during the working session.
User credentials are transmitted only during the authentication phase, then a sophisticated O.T.P. (One Time Password) mechanism allows the user to employ the system without further necessity of communicating the personal identity.
|
| _ |
PASSWORD POLICY
The system provides and controls a strict password policy to certify the user identity when he connects to the system.
The password has to respect certain parameters (length and composition), cannot be re-employed and must be changed at
given times.
|
| _ |
USER PROFILES
The system owns an effective profiling system which allows to define roles and authorizations for every single user with a great degree of flexibility.
The system administrator may give different roles to the same user, not only in relation to different functionality modules, but also in relation to different project and studies managed by the system.
|
| _ |
DATA VALIDATION
The system provides a strict data input validation system, which allows to automatically prevent common typing errors, particularly when collecting
C.R.F. (Clinical Report Form) data.
|
| _ |
AUDIT TRAIL
The system employs an Audit Trail mechanism for all input operations. This mechanism signs all data-change operations with a TimeStamp and with the User identity, thus always allowing to backup the system to a precise moment of its past history, coming back trough all data modifications.
|
| _ |
SYSTEM LOGGING
Not only does the system provide a common procedure of continuous logging of the interactions between the users and the main servers (Access Log), but it also offers a simple real time system to monitor and visualize all connected users.
|
e-crf
