Data Protection, Security & IP in SciNote ELN
Keep your research data encrypted and backed-up in SciNote and utilize SciNote’s security features to safeguard your work.
You are always using the up-to-date software
SciNote is currently in the US FedRAMP Authorization process as a part of our commitment to customer needs and the trust they place in our product.
Our security standards align with and go beyond the requirements of many security certifications. SciNote is used at the FDA, USDA and other industry organizations.
Here are the approaches we are taking to keep your data protected:
We demoed a variety of different ELN software solutions over a period of around nine months with different teams within research. As well as being ‘easy to use’, we also had requirements such as single sign on, and being compliant with EU law in relation to GDPR etc. SciNote provides a relatively easy to use interface considering the amount of functionality as well as our security requirements.
Nathan AdamsSenior Scientist, NanoTemper (CA, USA)
“We demoed a variety of different ELN software solutions over a period of around nine months with different teams within research. As well as being ‘easy to use’, we also had requirements such as single sign on, and being compliant with EU law in relation to GDPR etc. SciNote provides a relatively easy to use interface considering the amount of functionality as well as our security requirements.” Nathan Adams
Senior Scientist, NanoTemper (CA, USA)
Link to: https://www.scinote.net/testimonials/nanotemper/
Cloud-based software with security benefits
SciNote Electronic Lab Notebook is a cloud-based software, which means the application is available online. Users access SciNote ELN with their username and password, allowing them to manage their research data and collaborate with others in real-time.
Security-wide, this means that:
Infrastructure security
SciNote utilizes the Amazon Web Services (AWS), one of the strongest platform providers available, to host your data.
Your instance is independent
Each SciNote Premium client (industry and academic plans) is hosted in a single-tenant environment and has its own application instance.
You maintain full rights over your data
This is clearly stated in our Terms of Service.
100% data persistence via multi-regional backups
SciNote utilizes data centers in North America, Europe, Asia, and Oceania, with data backed-up in Dublin, Ireland, EU.
Your data is encrypted
Your data is encrypted both when it is in transit between the client (e.g., the browser you use to access SciNote) and the server, and at rest (stored or backed up).
Local installation available
Please contact us for additional information. Infrastructure security for the self-hosted SciNote will remain the responsibility of the customer. For a comparison of data security pros and cons between cloud-based vs on-premise software, visit this page.
With the help of SciNote implementation specialists, we chose which features of the software worked best for us and defined a company-wide method for recording data. SciNote then trained all our staff.
Rita CruzSection Head (Strain Engineering) , Ingenza (UK)
Software development & application security (SDLC)
SciNote takes a compliance-by-design approach in our SDLC where we ensure we’re meeting industry standards and regulatory commitments. In doing so, we also provide features to help meet customers’ global requirements.
Additionally, SciNote has been developed using agile software development practices, which allow us to have frequent software releases.
Agile software development practices also prioritize software quality by design. Testing and debugging are a vital part of every software development cycle; they are incorporated in the process by default.
SciNote data protection and security features
Data protection and security policies
Operational security
A few key practices and processes related to operational security are incorporated into the quality management activities at SciNote, including but not limited to:
- Routine internal auditing
- CAPA (Corrective and Preventive Action) processes
- Ongoing security testing and validation
- A streamlined bug reporting process
Organizational and Corporate security
SciNote’s security policy encompasses standards and protocols for the handling of physical space, data security, data encryption, data transmission, handling of security incidents (security incident response plan), reporting of security incidents, and security education.
Additionally, we implement the following plans and policies:
- Vendor assessment and management plan for when a third-party vendor service is utilized
- Change management policy that establishes a formal framework for managing changes within SciNote, including changes to code and infrastructure, ensuring a controlled and efficient process while upholding key principles and facilitating effective communication.
- Recovery and Business Continuity Planning (coming soon)
GDPR, CCPA, and Users Privacy Policy
SciNote is committed to complying with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) by making personal data protection across our company a priority.
A detailed, simple and transparent description of our handling of Users personal data can be found in our SciNote Users Privacy Policy.
Data security was another motivating factor [to transition to an ELN]. We once had a faulty fire sprinkler go off and damage several notebooks. When this happened, we knew we had to find a better way to protect our data.
Chris LandersSenior Protein Chemist, Athens Research and Technology (GA, USA)
FedRAMP & Security Certifications
We are proud to announce that SciNote is currently in the FedRAMP Authorization process as a part of our commitment to customer needs and the trust they place in our product.
The Federal Risk and Authorization Management Program (FedRAMP®) is a United States federal government-wide compliance program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. It provides a standardized approach to security authorizations for Cloud Service Offerings.
SciNote is used at the FDA, USDA and other industry organizations.
Our security standards align with and go beyond the requirements of many security certifications. Upon request, we will provide supporting documents to demonstrate our information security management system (ISMS), as defined by ISO/IEC 27001, is appropriately managed and maintained. For the up-to-date status of SciNote certifications, including SOC2, ISO/IEC 27001, NIST, and FedRAMP, please contact us directly as these processes are ongoing.
In partnership with bladestack.io
Protection of your Intellectual property (IP)
Here is how SciNote can help you when you prepare to file for a patent.
Keep all your data in one place in a structured way
SciNote allows easy cross-referencing between different data pieces, keeping records of your work (e.g. linking results with protocols and users, who contributed to the electronic record) and offers additional data annotations. Keep all your data organized and protected in SciNote.
Keep all your data in one place in a structured way
SciNote allows easy cross-referencing between different data pieces, keeping records of your work (e.g. linking results with protocols and users, who contributed to the electronic record) and offers additional data annotations. Keep all your data organized and protected in SciNote.
Control all changes in electronic records, sign and witness them
SciNote enables you to execute your formal procedures: entering data, locking access, signing and witnessing electronic records. Everything is timestamped, tracked and logged.
Control all changes in electronic records, sign and witness them
SciNote enables you to execute your formal procedures: entering data, locking access, signing and witnessing electronic records. Everything is timestamped, tracked and logged.
With SciNote you control who owns the content/data
SciNote does not claim any ownership over your research data. In addition, SciNote has several levels of security, and we prioritize keeping your records safe; you have full control over who should have access to your information.
With SciNote you control who owns the content/data
SciNote does not claim any ownership over your research data. In addition, SciNote has several levels of security, and we prioritize keeping your records safe; you have full control over who should have access to your information.
Back up and encrypt your data automatically
Don’t lose your data due to accidents, natural disasters, or staff turnover – everything is backed-up on a separate server at a different physical location. Plus, your data is encrypted both at rest and in transit. This means that only you have access to decrypted information; even if somebody else reads the encrypted data, they will only receive gibberish.
Back up and encrypt your data automatically
Don’t lose your data due to accidents, natural disasters, or staff turnover – everything is backed-up on a separate server at a different physical location. Plus, your data is encrypted both at rest and in transit. This means that only you have access to decrypted information; even if somebody else reads the encrypted data, they will only receive gibberish.
Download Data Protection Whitepaper
Learn how ELNs empower innovation and safeguard intellectual property in our comprehensive free whitepaper.
SciNote Reviews
Connect with us
SciNote Newsletter
Receive SciNote ELN news, webinars and articles.