MediLedger Security & SOC 2 Type 2 Compliance

Devotion to Security

On Chronicled's MediLedger network, we are dedicated to maintaining the highest standards of data security and privacy. Our commitment is demonstrated through our SOC 2 Type 2 compliance, covering key aspects like security, availability, processing integrity, confidentiality, and privacy​​.

About MediLedger

MediLedger is a secure technology network providing transaction services in the pharmaceutical industry:

Automation for sharing company rosters and contracts within the Life Sciences industry.

Enabling trusted and automated settlements for inter-company transactions.

Providing a Network-as-a-Platform with established protocols for sharing various kinds of information and transactions​​.

Key Security Measures

Robust IT Infrastructure: Our services are supported by a comprehensive blend of physical and virtual IT resources, including secure data storage, environmental monitoring equipment, and advanced networking capabilities​​.

Virtual Environment Management: All of Chronicled's systems are hosted on the Google Cloud Services Platform (GCP), with strict access control managed by a team of experts​​.

Change Management and Monitoring

Change Management Process: We have a formalized change management process, where any proposed changes are reviewed and approved by a dedicated committee. This ensures that all changes, especially those going into production, are thoroughly tested and documented​​.

Security Monitoring: Our security administration team uses various tools to monitor and identify potential security threats. This includes managing firewall configurations, IDS alerts, and tracking security events​​.

Data Backup and Access Control

Data Backup: We use specialized software for data backup in the cloud, with access restricted to authorized personnel, ensuring data availability and recovery​​.

Access Control: Access to our production environment is strictly controlled and granted only upon approval. We have robust procedures for verifying user access during hiring and termination processes​​.

Risk Control and Information Security Policy

Continuous Risk Assessment: Our DevOps team is committed to regular risk assessments to ensure the security and integrity of our services. Any vulnerabilities found are promptly addressed and managed through our ticketing system​​.

Information Security Policy: We have an extensive information security policy to ensure our employees are well-informed of their roles and responsibilities. This policy is supported by both formal and informal training programs​​.

Vulnerability Management

Proactive Vulnerability Tracking: Our DevOps team actively monitors and responds to vulnerability alertsensuring continuous improvement in our security posture​​.

View Our SOC 2 Report

To download a copy of our SOC 2 Report, click here.