Data security & regulatory compliance
We ensure that our products, services and client requirements comply with all appropriate national and international statutes, laws and guidelines. These include Data Protection and Privacy, Good Practices Regulation, Title 21 of the Code of Federal Regulations, and regulatory guidelines on Medical Device Reporting and Medical Device Databases.
The British Standards Institution (BSI), a respected, globally recognised organisation with over 100 years of expertise, is our ‘Notified Body’ and provides us with rigorous regulatory and quality management reviews and product certifications.
In the UK, the Medicines and Healthcare products Regulatory Agency (MHRA) is our ‘Regulatory Authority’, responsible by law for safeguarding public health by ensuring that healthcare products and medical equipment meet appropriate standards of safety, quality, performance and effectiveness, and are used safely.
Security is a major concern for all studies. As an ISO 27001 certified company, Cambridge Cognition always ensures the highest levels of data security. All CANTAB® study data is synchronised between devices and centralised through secure cloud servers.
ISO 27001 Information security management
Adopting best practices to protect the integrity, confidentiality and availability of data to ensure organisation-wide protection.
Data transmission is secured using financial and healthcare industry standard techniques for encryption. Data is automatically sent with error-detection checks to ensure integrity on arrival. Our software performs further checks to ensure data transmission is complete before the encrypted local copies are deleted.
We keep data secure by:
- Encrypting data at rest
- Using HTTPS encryption for all data transfers
- Only permitting authorised users access to study data
- Using secure servers in a HIPAA/GDPR-compliant private cloud
Cambridge Cognition and our platforms have been audited by the Medicines and Healthcare products Regulatory Agency and the British Standards Institution, as well as in external audits arranged by our customers.
We are committed to ensuring our products, services and staff meet the requirements of the following international standards:
ISO 9001 – Quality management
The provision of computerised cognitive testing systems and consultancy for academic research, pharmaceutical and healthcare customers, including associated training, technical support and data processing services.
ISO 13485 – Medical devices – Quality management system
Design and development of computerised cognitive testing systems for use in clinical assessment by healthcare professionals.
Our software development is completed in compliance with GAMP 5 guidance and our products are compliant with 21 CFR Part 11 and EU Annex 11. All software updates are reviewed prior to release, with validation documentation ensuring traceability from user story to test case results.
Our recommended hardware systems are tested using robotic tools to ensure that cognitive latency measures are accurately captured, ensuring test-retest reliability for all reaction-time measurements. Every new model we recommend has been rigorously assessed and validated for use.