HIPAA Compliant (GDPR and 21 CFR Part 11 Compliant)
HIPAA-compliant servers and processes are used. All data gathered by the Mosio platform (PHI or non-PHI) is subject to the same security, privacy, and breach notification measures that apply to our clients who are subject to HIPAA standards and are bound by a client BAA.
Mosio is compliant to FDA 21 CFR PART 11, including supplemental documents:
– Guidance For Industry Part 11, Electronic Records; Electronic Signatures — Scope and Application
– Guidance for Industry Computerized Systems Used in Clinical Investigations.
Mosio complies with client and regulatory requirements in crucial areas such role-based limited access, validation, data protection, data retrievability, audit trials, date/time stamps, and system training documentation. Mosio follows a defined SDLC and Quality Policy. Contact us for documentation or if you have questions about how we’ll ensure privacy and data security.