Data Security

Data Protection Measures
Encryption
Access Controls
Authentication
Login Security
Multi-Factor Authentication
Data Storage
Cloud Infrastructure
Data Isolation
PHI Handling
Data Integrity
Incident Response
Your Role in Data Security
Best Practices
Related

Data security encompasses the measures and controls that protect your clinical research data from unauthorized access, modification, or loss.

Data Protection Measures

Encryption

Type	Implementation
In Transit	TLS 1.2+ for all connections
At Rest	AES-256 encryption for stored data
Database	Encrypted database storage
Backups	Encrypted backup storage

Access Controls

Control	Purpose
Authentication	Verify user identity
Authorization	Control resource access
Role-Based Access	Permission by role
Session Management	Secure session handling

Authentication

Feature	Description
Password Requirements	Strong password policies
SSO Support	Google, Microsoft integration
Session Timeout	Automatic logout after inactivity

Multi-Factor Authentication

When available:

Additional verification step
SMS or authenticator app
Reduces unauthorized access risk

Data Storage

Cloud Infrastructure

Carelane uses enterprise cloud services:

Aspect	Implementation
Provider	Enterprise-grade cloud
Regions	Configurable data residency
Redundancy	Multiple availability zones
Backups	Regular automated backups

Data Isolation

Level	Isolation
Organization	Separate data contexts
Study	Study-specific access
PHI	Special handling for sensitive data

PHI Handling

Protected Health Information receives special treatment:

Measure	Purpose
Access Logging	Track all PHI access
Minimization	Collect only needed PHI
Encryption	Additional encryption for PHI
Access Control	Strict role requirements

Only collect PHI that is necessary for your study. Configure PHI settings thoughtfully.

Data Integrity

Measures to ensure data integrity:

Measure	How It Works
Audit Trails	Complete change history
Version Control	Track all modifications
Validation	Prevent invalid data
Checksums	Detect data corruption

Incident Response

If a security incident occurs:

Detect

Automated monitoring detects issues.

Contain

Immediate containment actions.

Assess

Evaluate scope and impact.

Notify

Notify affected parties as required.

Remediate

Fix the underlying issue.

Your Role in Data Security

Action	Importance
Strong Passwords	First line of defense
Don’t Share Credentials	Maintain accountability
Report Concerns	Early detection
Follow Policies	Consistent protection

Best Practices

Secure Your Account

Use strong, unique passwords. Enable MFA if available.

Limit PHI Collection

Only enable PHI fields you actually need.

Secure Exports

Protect exported files appropriately.

Report Issues

Report any security concerns immediately.

Access Control

Managing access permissions.

Audit Trails

Activity logging.

Security & Compliance Access Control

Organization Admin

Security & Compliance

Troubleshooting

Data Protection Measures

Encryption

Access Controls

Authentication

Multi-Factor Authentication

Data Storage

Cloud Infrastructure

Data Isolation

PHI Handling

Data Integrity

Incident Response

Your Role in Data Security

Best Practices

Access Control

Audit Trails

Organization Admin

Security & Compliance

Troubleshooting

​Data Protection Measures

​Encryption

​Access Controls

​Authentication

​Login Security

​Multi-Factor Authentication

​Data Storage

​Cloud Infrastructure

​Data Isolation

​PHI Handling

​Data Integrity

​Incident Response

​Your Role in Data Security

​Best Practices

​Related

Access Control

Audit Trails

Data Protection Measures

Encryption

Access Controls

Authentication

Login Security

Multi-Factor Authentication

Data Storage

Cloud Infrastructure

Data Isolation

PHI Handling

Data Integrity

Incident Response

Your Role in Data Security

Best Practices

Related