Trust

Privacy and security are foundational

We are committed to building partnerships by providing reliable and secure cloud services.

Data security is critical for the industry Vineti supports. We protect our customer data with best-in-class physical, network, application, and data-level security. Our focus on building rigorous and advanced infrastructure stems from our deep commitment to ensuring reliability, privacy, impenetrability, predictability, and scalability for our valued customer partnerships.

Our customers are the data controllers; Vineti is the data processor. Our customers have full control of their proprietary data entered into the platform.

Vineti uses Amazon Web Services (AWS) as its primary cloud infrastructure provider, enabling all of Vineti’s customers to scale safely.

For additional security, HIPAA protection guarantee, and back-up monitoring, Vineti also maintains an infrastructure layer with Datica.

Vineti regularly performs internal penetration and vulnerability testing, as well as regular tests by an independent third party to ensure that the platform is secure.

Secure Icon.svg

ADDITIONAL SECURITY PRACTICES INCLUDE:

  • Zero Trust network infrastructure
  • AWS security toolkit
  • Intrusion Detection, including behavioral modeling
  • MD5-hashing of e-Signature documents
  • TLS v1.2 support
  • End-to-End Encryption
  • 2FA and VPN
  • Physical Access Controls
  • Per-tenant HW encryption keys
  • Log aggregation and analysis
  • IDS/IPS, WAF, and CMDB
  • Least privilege access controls
  • Automated configuration reconciliation

Operations and Availability Tab Icon.svg

Vineti is run on an ISO 27001 security program. As such, our commitment is to ensure our services are available for operation and use at times set forth in service-level agreements, protected against unauthorized physical and logical access, and that our system processing is complete, accurate, timely, and authorized.

100% of Vineti’s infrastructure is continuously replicated to a second geographic location, ensuring high availability, and rapid disaster recovery.

Integral to Vineti’s mission is an industry-leading compliance program that assumes data protection across all products and services necessary for modern healthcare systems.
 

HIPAA-Compliant.jpg

Patient privacy is of paramount importance to Vineti, especially as a standard-setting cloud provider for our industry. Vineti has in place the physical, network, and process security measures to ensure ongoing HIPAA Compliance.

GAMP5-logo.png

Good Automated Manufacturing Process (GAMP® 5) is a guidance issued by the International Society for Pharmaceutical Engineering (ISPE). That guidance, GAMP® 5: A Risk-Based Approach to Compliant GxP Computerized Systems, provides compliance and validation standards for computerized systems supporting the industry. Vineti adheres to these standards and practices in the specification creation, verification, and testing processes.

GDPR-logo.png

The General Data Protection Regulation (GDPR) is a European Union (E.U.) regulation that took effect May 25, 2018 with the intent to simplify and harmonize data protection laws in E.U. Member States. Vineti has comprehensively evaluated GDPR requirements, is committed to providing privacy and security practices to ensure compliance for all customers operating and/or based in the E.U.

FDA-logo.png EMALogo.png

Vineti enables our customers to meet FDA and EMA compliance of therapeutic delivery of Personalized Therapies. Up-to-date on the quickly evolving guidelines provided globally, Vineti makes each customer’s supply chain operations safer and more reliable. Vineti is the only independent commercial supply chain solution that has been reviewed by the FDA as part of a personalized cell therapy product review and approval. This means our customers can trust that using Vineti will provide more streamlined regulatory review and inspection.