Data Loss Prevention, Employee Monitoring

How Employee Monitoring Keeps Clinical Trial Data Secure

By Veriato Team

Clinical trials are a crucial step in developing new life sciences products such as drugs and medical devices. All tests – whether with large or small groups of people – require medical and personal information from patients upfront, and then proceed to collect data throughout the process. Ultimately, research companies are responsible for large sets of sensitive data and securing that information should be a top priority.

Why does clinical trial data need to be protected?

To begin with, there are legal requirements for medical data security. All clinical trials require medical histories and personal information from everyone in the study. To protect participants from medical fraud, clinical trial groups are legally obligated to secure this sensitive information. HIPAA and the FDA’s Code of Federal Regulations, as well as other regulations require the protection of sensitive medical records. Your group can be fined for violating these rules.

From a PR perspective, strong data protection policies can protect your reputation. Potential participants are more likely to take part in a study if your organization is respected and shows a commitment to privacy. Additionally, it is in your business’s best interest to secure clinical trial data to protect your competitive advantage. If a competitor obtains your data, they may be able to use it to put a new drug or medical device on the market first, with less research cost on their end.

Risks to clinical trial data

Personal medical histories are highly sought after by hackers looking to turn a profit; medical data is considered to be ten times more valuable than credit card information. With personal medical information, criminals can forge IDs and documents, illegally acquire drugs, and collect on fraudulent insurance claims.

Many clinical trial organizations rely on 3rd party services to provide materials, financial support, or data analytics. By increasing the number of people who can access clinical trial data, the insider threat risk goes up. The majority of data breaches are actually caused by insiders – either with malicious intent or by mistake. By widening the umbrella of possible insider threats through the involvement of 3rd party services, the need for data security multiplies.

Malicious insiders look for ways to use company data for personal gain or to harm the organization. They may attempt to steal clinical trial records and sell them to a competitor or take it with them for future career advancement. They may also attempt to use the data to embarrass the company in some way. Accidental information security breaches can happen by employees opening an email with malware or not correctly following security protocol (such as leaving an Electronic Healthcare Record open on a monitor).

Clinical trial data security tools

The Society for Clinical Data Management has published a popular whitepaper Good Clinical Data Management Practices that your organization should review and discuss ways to implement. In addition, you should be in compliance with all data security laws and regulations.

To further secure clinical trial data, consider deploying employee monitoring software. With this tool, you can track user activity to make sure only approved employees are accessing sensitive information, and that their behavior is normal for the task. For example, employee monitoring software can detect actions such as downloading data sets and storing them on an external drive, which could signal theft. With so much on the line – fines, reputation, sales, participant safety – and so many insider threats, employee monitoring software is an effective and efficient way to make sure your data is being handled appropriately and securely.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Work From Home, Quiet Quitting, and How Insider Risk Has Changed

Work From Home, Quiet Quitting, and How Insider Risk Has Changed

March 2023 marks approximately three years since the world shut down at the beginning of the Covid-19 pandemic. Since then, organizations have seen their workforce change considerably. What was originally a short term plan to work from home has become ingrained in our...

Focusing On Productivity Helps Reduce Insider Risk

Focusing On Productivity Helps Reduce Insider Risk

Many companies are concerned by the uptick in insider risk that’s come with the work-from-home boom. By one estimate,  58% of office workers work from home at least one day a week. This trend creates blind spots for companies. Managers see their employees less often,...

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz, CEO of Veriato, gave an interview to ISMG at this year's RSA Conference in San Francisco. In it, Elizabeth covers the challenges of maintaining data security in the remote or hybrid workforce environment and the rising cost of data breaches. She also...