A Trusted Partner
At Saama, we are committed to setting and maintaining a high standard of quality, compliance, and security for our vendors, partners, and customers.
Saama is committed to setting and maintaining the highest standards of quality, compliance, and security for our vendors, partners, and customers and invests in modern infrastructure to provide an innovative, scalable, global, predictable, and secure environment. We are committed to ensuring our services are available for operation and use at times set forth in service-level agreements, protected against unauthorized physical and logical access – and 24/7/365 onsite monitoring – and that our system processing is complete, accurate, timely, and authorized.
For Saama’s SaaS platform, we have implemented numerous security controls, including:
- Data at rest encryption: Strong Data Encryption (AES 256) during storage, use of transparent encryption where applicable.
- Data in Transit: Data is secured with SSL / TLS 1.2. Provision to enable custom cipher/encryption key mechanism for client-side encryption.
- Confidentiality: Saama’s platform leverages AWS infrastructure and has the capability to ensure the ongoing confidentiality through system security features such as role-based access for infrastructure components/services, application data store, and application view layer. Role based can be configured based on functional roles, departments, and various other parameters.
- Data Integrity: Robust authentication mechanism, Saama’s platform features to use SAML, OAuth, and LDAP authentication mechanism and provide seamless single sign-on in accordance with corporate security standards of our customers.
- Audit Trail and Logs: Audit trail and usage logs are available to track and analyze access patterns.
Quality Management and Regulatory Compliance
Saama maintains a robust and inspection-ready Quality Management System (QMS) supported by policies and procedures that ensure our software products and services are developed, implemented, and maintained in a manner that meets regulatory compliance and the needs and expectations of our clients. Saama’s QMS is verified through internal audits and compliance assessment reports against ICH E6, 21 CFR Part 11, and relevant state laws, as applicable.
Saama takes stewardship of patient data (and all individuals data) very seriously and is committed to ensuring compliance with applicable data protection laws. This starts with a strong foundation of security to protect the confidentiality and integrity of the data as outlined above under the “Security” Section. For additional information about how the company complies with applicable data protection laws, please visit our Privacy Notice.
Saama supports customers that are subject to the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations as amended by the regulations promulgated pursuant to the Health Information Technology for Economic and Clinical Health Act, Title XIII of the American Recovery and Reinvestment Act of 2009 (collectively, “HIPAA”)where it is applicable to its services. This includes ensuring the confidentiality, integrity and availability of the data as further outlined above under the “Security” Section above.
For any inquiries regarding security, compliance, and/or privacy, please contact [email protected].