数据共享中安全的考虑

[wanghaisheng]

http://rethinkingclinicaltrials.org/chapters/dissemination/data-share-top/data-sharing-and-embedded-research-introduction/
https://www.nejm.org/doi/full/10.1056/NEJMsa1713258
http://rethinkingclinicaltrials.org/news/podcast-july-17-2018-clinical-trial-participants-views-of-the-risks-and-benefits-of-data-sharing-michelle-mello-jd-phd/

[wanghaisheng]

https://www.innoplexus.com/technology/

We follow highest European Security Standards

Data lake on cloud
Two stage authentication of servers
No remote db access – all ports blocked
Data in db encrypted – decrypted only run-time by applications
Virtual Private Clouds (restricted instances) – no access to peer
Private IPs never disclosed to outside world
Proxy server based db access (even to the applications)
Access in proxy server maintained via public – private key infra

Cyber Security

Real time monitoring with ELK
No personal device policy (all drives closed)
At par with ISO 27001
Continuous monitoring and alerts on every hardware
Regular internal audits

Enterprise Data

Connection to client’s enterprise data store through
IPSec tunnel (secured one to one communication)
Even backup is encrypted
Entire source code maintained on private Git

Compliance

• GDPR ready
  • Pseudonymisation
  • Privacy by design
    GCP
    HIPAA ready