Will our IRB accept Ripple?
Ripple has been already been approved by multiple institutional Institutional Review Boards (IRBs). IRBs vary in how they interpret the applicable regulations regarding the maintenance and storage of participant personal identifiable information. We encourage you to contact your IRB to discuss your potential use of Ripple. A suggested template for your IRB application can be found here.
Our security features include:
-
2048-bit next generation data encryption during transfer (between your computer and the database server).
-
Full database encryption (i.e., encryption at rest).
-
Logical segmentation of customer data with separate dedicated databases (no access or sharing of data between customers)
-
Separate database and application servers.
-
Automatic user logoff.
-
Custom access permission (keep participant information from lab users who do not need access to participant data).
-
Daily database backup.
-
Dedicated Firewall.
-
Strong password required for all users.
-
Backend 24/7 monitoring of suspicious activities.
-
Access to audit logs and easy view of all data alterations (know who view, added, deleted, or altered your data).
-
Certified database centers (your data is stored in data centers that have been certified as compliant with SSAE16 SOC2 guidelines).
-
Administrative safeguards.
-
Business Associate Agreements for HIPAA-compliant plans.
Please let us know if we can provide you with any additional information that would help in your discussion with the IRB.