MediLedger Security & SOC 2 Type 2 Compliance
Devotion to Security
On Chronicled's MediLedger network, we are dedicated to maintaining the highest standards of data security and privacy. Our commitment is demonstrated through our SOC 2 Type 2 compliance, covering key aspects like security, availability, processing integrity, confidentiality, and privacy.
MediLedger is a secure technology network providing transaction services in the pharmaceutical industry:
Automation for sharing company rosters and contracts within the Life Sciences industry.
Enabling trusted and automated settlements for inter-company transactions.
Providing a Network-as-a-Platform with established protocols for sharing various kinds of information and transactions.
Quick Learn? Look Here...
Key Security Measures
Robust IT Infrastructure: Our services are supported by a comprehensive blend of physical and virtual IT resources, including secure data storage, environmental monitoring equipment, and advanced networking capabilities.
Virtual Environment Management: All of Chronicled's systems are hosted on the Google Cloud Services Platform (GCP), with strict access control managed by a team of experts.
Change Management and Monitoring
Change Management Process: We have a formalized change management process, where any proposed changes are reviewed and approved by a dedicated committee. This ensures that all changes, especially those going into production, are thoroughly tested and documented.
Security Monitoring: Our security administration team uses various tools to monitor and identify potential security threats. This includes managing firewall configurations, IDS alerts, and tracking security events.
Data Backup and Access Control
Data Backup: We use specialized software for data backup in the cloud, with access restricted to authorized personnel, ensuring data availability and recovery.
Access Control: Access to our production environment is strictly controlled and granted only upon approval. We have robust procedures for verifying user access during hiring and termination processes.
Risk Control and Information Security Policy
Continuous Risk Assessment: Our DevOps team is committed to regular risk assessments to ensure the security and integrity of our services. Any vulnerabilities found are promptly addressed and managed through our ticketing system.
Information Security Policy: We have an extensive information security policy to ensure our employees are well-informed of their roles and responsibilities. This policy is supported by both formal and informal training programs.
Proactive Vulnerability Tracking: Our DevOps team actively monitors and responds to vulnerability alertsensuring continuous improvement in our security posture.
View Our SOC 2 Report
To download a copy of our SOC 2 Report, click here.