Trust center
You trust us with your information.
We take that seriously.
Your information is not only important to you, it’s important to us.
We recognize the importance of maintaining the confidentiality, integrity, and availability of your information as well as the protection of our own valuable business assets and applications.
We are ISO 27001 and ISO 9001 certified.
Our ISO 9001 and ISO 27001 certifications demonstrate our investment and dedication to exceptional quality management and information security standards, ensuring a secure, high-quality partnership. These certifications mark our continuous journey towards excellence, underpinning our commitment to enhancing client satisfaction and fostering a trusted ecosystem for our study participants, clients and employees.
Our security framework
We use a variety of reliable security technologies as well as a unique combination of trained personnel, mature business processes, and regular third-party audits measured against several international and U.S. standards. Our security framework includes the following 5 categories of controls:
We consider these controls foundational for effective information security and privacy. By understanding the business context, resources that support critical functions and the related information security risks, we focus our efforts and resources to properly secure the network and cloud resources.
Our information security controls focus on implementing the appropriate safeguards to ensure the safe functionality of systems, applications, and services. These activities are performed consistently with our risk strategy and support the ability to limit or contain the impact of a potential information security event.
These controls focus on situational awareness to ensure the timely identification and response to potential information security or privacy incidents. By decreasing response time, we increase our ability to limit or contain incidents with the least amount of negative consequences.
The focus of the Response controls is on the processes used to act when an information security or privacy event is detected. These controls support our team’s ability to contain the impact of a potential incident.
These controls focus on restoring capabilities or services that were impaired during an incident. The Recover controls support our ability to return to “normal” operations as rapidly as possible and with minimal disruption.
Data privacy
Earning client and research participant trust is the foundation of our business. We have a formal Data Privacy Program that is overseen by our Data Protection Officer. Our program complies with all jurisdictions in which we operate.