
Record Protection


Last updated 3 months ago


Requirement: "Record protection under FDA 21 CFR Part 11 ensures that electronic records are safeguarded against unauthorized access, tampering, loss, or destruction, maintaining their integrity and reliability".

Ubidots Assessment: Ubidots is committed to protecting records through strong technical and organizational measures, as outlined in our Privacy Policy and Ubidots Architecture. Key measures include:

  1. Encryption: All records are encrypted in transit and at rest:

    • Database Encryption: Ubidots databases are fully encrypted using AWS EBS with AES256 encryption. Database backups use AWS Backup with the same AES256 encryption standards. Sensitive client data is further secured using Advanced Encryption Standard (AES) in Galois Counter Mode (GCM) with 256-bit private keys and HMAC with SHA-256 hashes. Learn more.

    • In-Transit Encryption: All data in transit uses the TLSv1.2 cryptographic protocol, and Ubidots maintains an "A" grade from SSL Labs. Digital certificates are renewed every 30 days to minimize security risks. Additionally, HSTS policies enforce HTTPS connections for all interactions with the Ubidots web app and API. Learn more.

  2. Access Control: Access to records is strictly limited to authorized individuals:

    • Direct database access is restricted to only two DevOps engineers and Ubidots’ CTO, all using secure SSH connections. Details can be found here.

    • API access requires secure tokens, with token revocation supported to ensure compromised credentials are invalidated. Role-based access control and Two-Factor Authentication (2FA) further restrict access, ensuring that only authorized users can access or modify data. For more information, refer to Authentication for Clients.

  3. Redundancy and Backup: Ubidots employs AWS Backup with AES256 encryption to ensure that all database backups are secure and recoverable. These backups, along with redundant systems, protect against data loss in case of hardware failures or other incidents. More details are available in the Ubidots Architecture and backup policy.

  4. Data Handling and Confidentiality: To prevent any data leakage or security issue:

    • Only authorized personnel can access sensitive systems, and secure access is ensured through strict SSH policies.

    • Industry-standard encryption protocols and secure infrastructure safeguard data confidentiality and integrity.

    • Learn more in our Data Management and Retention Policy.