Data Safety and Security
In the QDMS room, a client reported that Reader and Editor users are able to view all document versions that have ever been Effective (current and historical). Should non-Admin users be restricted to viewing only the most recent Effective version? If so, what configuration settings are required to enforce this, and under what conditions would this be considered a defect versus expected system behavior?
Reader and Editor users can be restricted to viewing only the latest Effective version, but several conditions must be met for the visibility rules to function correctly:
- The room must have the “Show only effective versions to Readers” setting enabled. This configuration controls whether non-Admin users can access historical Effective versions.
- The user must be assigned the appropriate permissions:
  - Set as an Editor
  - Granted Quality Records permissions
  - Granted Restrict Document Creation permission
  The “Restrict Document Creation” permission is specifically required for enforcing version-visibility controls.
- The document must have gone through at least one controlled workflow. Documents that have never completed a controlled document workflow will display all versions to all users until they have been through the workflow at least once.
- A recent fix related to version visibility control was included in patch TTI-4332. If the room is on a version containing this fix and the above configurations are correctly applied, version visibility should behave as intended.

When is it a defect?
If all required settings and permissions are correctly configured, and the document has a completed workflow history, yet Reader/Editor users still see all historical Effective versions, this is considered a defect and should be logged.

When is it expected behavior?
If visibility settings are not enabled, permissions are incomplete, or the document has not been through a workflow, the system will display all Effective versions by design.

If the desired behavior is to always limit non-Admin users to only the latest Effective version regardless of workflow history, this would be considered a product improvement (AHA request).
Why are password-protected PDF documents not flagged in the Document Issue column?
This issue arises because the TI Viewer (ARender) currently does not detect password protection, whereas the TI Editor (OnlyOffice) does prompt for passwords. During upload, password detection is not immediate due to a system performance constraint, resulting in delayed or missing issue flags for such documents.
Does the password protection issue also apply to Word documents?
No, this issue is specific to PDF files. Password protection detection and error flagging do not apply to Word documents, meaning users uploading protected Word files will not see any password-related alerts or issue tracking.
When collecting data for the creation of Machine Learning models, does Trial Interactive share data between customers in any way?
No. Trial Interactive uses Machine Learning to create learning models for metadata mapping of up to 42 essential documents. In addition, Trial Interactive creates a fingerprint of document data to identify similar documents and identical document types. This data is stored uniquely within each customer domain and is not shared between customer domains. Document metadata mappings are stored directly with each TMF or room/repository configuration and may be reused between studies, but only with customer approval at the time of room creation.
What services does TI offer in regard to ISO 27001 and security management?
TransPerfect is ISO 27001 certified.
What can be done if we need to restore data due to customer actions (e.g., document deletion, corruption)? Can a document or folder be restored from a backup?
We keep multiple backups and can restore content from those backups, whether it is a single file or an entire folder.
Does your software solution support attribute-based role management in SAML authentication? For example, if the sender’s SAML message has a “role” attribute value of “Admin,” does the user automatically get Admin rights?
We support initial user creation and assignment of the user’s initial role through SAML.
How does Trial Interactive seek to reduce the risk associated with ransomware?
Ransomware is largely executed when an attacker gets executable code to run on a system. We seek to prevent that in several ways:
- At a corporate level, we have an awareness and training program. Because end users are targets, employees and individuals are made aware of the threat of ransomware and how it is delivered.
- We have strong spam filters to prevent phishing emails from reaching end users and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
- We run anti-virus scans on uploaded documents, incoming and outgoing emails, and documents posted to SFTP to detect threats and prevent executable files from reaching end users.
- All firewalls are configured to block access to known malicious IP addresses, and we use IP whitelisting and secure, rotating, password-protected keys for direct network access.
- We consistently patch operating systems, software, and firmware across infrastructure to ensure we are on the latest patches and exploit fixes.
- We manage privileged accounts based on the principle of least privilege and perform white-box penetration testing of our software as part of regular scanning.
- We configure access controls—including file, directory, and network share permissions—with least privilege in mind. If a user only needs read access, they do not have write access to those files, directories, or shares.
- We use a document viewer (TI Viewer) that renders all macros inert in Office files.
- We implement Software Restriction Policies (SRP) or similar controls to prevent programs from executing from common ransomware locations.
- We use application whitelisting, which only allows systems to execute programs permitted by security policy.
- We execute operating system environments or specific programs in a virtualized environment and use jump boxes to prevent direct access to the cloud hosting environment.
- We back up data regularly, verify backup integrity, alert on failures, and test restoration processes.
- We conduct annual white-box and black-box penetration tests and vulnerability assessments.
- We secure and encrypt all backups in a safe recovery location.
How does TransPerfect ensure that the client’s data is segregated from the data of other clients?
An enterprise/dedicated instance is completely separated from every other service except for two shared services: the email service (which routes through a central domain) and the SFTP file share service (which is domain-based). TransPerfect retains the encryption keys for all content and the database. Even in a multi-tenant environment, each customer’s data slice is encrypted and separated from other domains.
What are the standard password and session requirements for suppliers using Trial Interactive?
Users are identified by email address, with access verified by the customer in this closed system. For multi-tenant customers, passwords must be a minimum of 8 characters and include uppercase, lowercase, numbers, and punctuation. Passwords expire every 60 days by default, and users cannot reuse their last 3 passwords. Users who fail authentication five (5) times for either login or eSignature are locked out and require account reset by their customer. Sessions have an inactivity timeout of 5 minutes. These options may be modified for single-tenant customers.
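As an added illustration (not Trial Interactive's own code), the multi-tenant defaults stated above written out as enforcement checks in Python; the SHA-512 digest used for the password-history comparison and the lock-until-customer-reset behaviour are assumptions made for this example.

```python
import hashlib
import re
from datetime import datetime, timedelta

# Policy values as stated in the FAQ for multi-tenant customers.
MIN_LENGTH = 8
EXPIRY_DAYS = 60
HISTORY_DEPTH = 3                   # the last 3 passwords cannot be reused
MAX_FAILURES = 5                    # lockout after 5 failed login/eSignature attempts
IDLE_TIMEOUT = timedelta(minutes=5)

def meets_complexity(password: str) -> bool:
    """At least 8 characters with uppercase, lowercase, a digit and punctuation."""
    return (len(password) >= MIN_LENGTH
            and re.search(r"[A-Z]", password) is not None
            and re.search(r"[a-z]", password) is not None
            and re.search(r"[0-9]", password) is not None
            and re.search(r"[^A-Za-z0-9\s]", password) is not None)

def digest(password: str) -> str:
    # Assumed for this example: history is kept as SHA-512 digests, never cleartext.
    return hashlib.sha512(password.encode("utf-8")).hexdigest()

def can_reuse(password: str, history: list) -> bool:
    """history holds digests oldest-first; only the most recent 3 are blocked."""
    return digest(password) not in history[-HISTORY_DEPTH:]

def is_expired(changed_at: datetime, now: datetime) -> bool:
    return now - changed_at >= timedelta(days=EXPIRY_DAYS)  # change required at 60 days

def session_active(last_activity: datetime, now: datetime) -> bool:
    return now - last_activity <= IDLE_TIMEOUT  # 5-minute inactivity timeout

class Account:
    """Counts consecutive failures; a locked account stays locked until the customer resets it."""
    def __init__(self) -> None:
        self.failures = 0
        self.locked = False

    def record_attempt(self, authenticated: bool) -> bool:
        """True only when credentials were accepted and the account is not locked."""
        if self.locked:
            return False
        if authenticated:
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.locked = True
        return False
```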
What is the security architecture of Trial Interactive?
Trial Interactive uses multiple layers of boundary protection for hosted solutions. While the application layer may be shared, each customer's documents are stored separately and are logically and physically separated from the Trial Interactive database instance. There is logical segmentation between client records, and all data is encrypted at rest and in transit. Trial Interactive undergoes third-party security assessments, including white-box and black-box testing, to validate segmentation and protection from external threats.
Trial Interactive uses encryption at rest and in transit. TLS is used between the client browser, the application, and internal application servers. File content and data volumes are encrypted. Hashing (SHA-512) is used to protect shared secrets in storage. AES-256 is used for encryption at rest, including server-side encryption for the RDBMS. Approved cipher suites are enabled for encryption and authentication, and communications occur over HTTPS using TLS v1.2 with high-security ciphers. This can be independently verified using the SSL Labs test site.
With multiple customers using Trial Interactive simultaneously, isn’t there a risk of their data being co-mingled?
Data may traverse shared infrastructure across the Internet and internal networks; however, Trial Interactive uses identity-based access controls to segregate customer data. Users are authenticated to establish encrypted sessions that maintain integrity and confidentiality, and access is constrained by customer-specific permissions.
If a customer chooses the Trial Interactive multi-tenant product, is all the data and access still completely under the customer’s control?
Yes. Even when hosted as multi-tenant, Trial Interactive remains a closed system per customer. Customers explicitly invite users to access the system, and all content is stored securely under the customer’s control.
At a technical level, what is the security architecture and security data model of Trial Interactive?
Trial Interactive services run on hardened Linux servers with perimeter firewall protection and a web application firewall with intrusion detection (including AWS GuardDuty) tied to alerting. Access to services is governed by security groups and is enabled only when explicitly permitted. Third-party security testing (white-box/black-box) is performed at least annually, and automated scans are performed monthly. Production access is restricted to trained personnel via a jump box with IP-range limitations and expiring certificate-based keys. Customer data segregation is enforced through multiple checkpoints to prevent cross-domain data bleed.
Why did we choose to use a third party for Trial Interactive hosting?
Modern web service and messaging capabilities support distributed architectures that can leverage cost-effective third-party hosting without compromising quality. Cloud hosting provides horizontal scalability to maintain performance and reliability and to ensure a consistent user experience.
What kind of encryption is used by Trial Interactive?
Trial Interactive encrypts data at rest and in transit. TLS is used for encryption in transit. For data at rest, passwords and other secrets are protected using SHA-512 hashing.
Please describe the security testing processes used for Trial Interactive.
Trial Interactive is tested by a third-party security firm using standard black-box attack testing and white-box internal testing. External Denial of Service (DoS) attacks are also mitigated.
Is Federated Identity supported by Trial Interactive?
Yes. Trial Interactive serves as a Service Provider (SP) for SAML-based authentication requests from an Identity Provider (IdP).
How is general facility access managed for Trial Interactive, and what safeguards exist to prevent unauthorized access?
Trial Interactive uses AWS for hosting. The hosting provider operates in a SOC 2–certified data center environment with safeguards at the physical, logical, network, and data access layers aligned to the certification controls.
Does TransPerfect allow external access to the Trial Interactive network? If yes, how is it controlled and monitored?
External access is controlled per access management procedures. Perimeter firewall technology guards against unauthorized access, and device access is controlled via access control lists maintained by designated operations resources. Network communications are restricted to HTTP/HTTPS (ports 80/443); all other ports are denied. Intrusion prevention alerts SaaS operations of unauthorized access attempts. Application tiers are segmented to further restrict access.
Internal access is strictly role-based and requires formal request and approval. The approval process is tracked in the access control system. The cloud services environment is segregated from the corporate network and requires separate credentials. Logs are maintained and reviewed for internal access activity.
Are there SOPs in place to address the physical security of Trial Interactive computer systems?
Yes. Access to corporate environments requires key card entry issued during onboarding. Access lists are managed by IT and monitored by the leasing company. Perimeter access requires valid key cards, and facilities use reception controls and camera monitoring of common areas.
Does TransPerfect have SOPs in place to address control and access to the Trial Interactive virtual data center and network?
Yes. Privileges in a multi-user environment are restricted and controlled: privileges are assigned by role, allocated on a need-to-use basis, and granted only after formal authorization per logical access policy. The policy covers both systems with broad access (e.g., email) and systems requiring explicit access.
Does TransPerfect maintain a record of current and past users with access privileges to Trial Interactive? Are there SOPs to monitor unauthorized access attempts? Are logs and reports regularly maintained?
Yes. Operating system logs include IP addresses and attempted, unsuccessful, and successful logins.
What kind of Security Policies and Procedures are in place for Trial Interactive?
The Information Security Manager (ISM) oversees security across the organization. The cloud services security policy defines requirements for delivering and supporting cloud services. All employees involved in design, delivery, and maintenance of the Trial Interactive cloud services environment must comply with the policy, and the ISM ensures policies are current and applied appropriately.
The key policies and procedures implemented include:
- The Systems Development Lifecycle (SDLC) policy, which defines how cloud services are developed and tested, including vulnerability assessment during testing.
- The access management procedure, which defines controls for cloud security and the request/approval process for internal production access.
- The event management procedure, which defines monitoring and response/escalation procedures for production alerts.
- The disaster recovery procedure, which defines preparation and execution steps in the event of a disaster impacting production.
- The data management procedure, which defines how information is secured and backed up to a secondary cloud services environment.
Define the Virus Prevention, Detection and Mitigation controls in place. How are they kept current?
Antivirus software is installed on servers to detect and isolate/remove viruses. Systems scan for malicious software and infected files on a regular basis. New files are automatically scanned upon save or download, including email attachments. Virus databases are updated automatically and distributed through an automated update process. Customers must also maintain local virus protection to mitigate endpoint risks (e.g., downloaded attachments).
What is the data retention policy for system data and activity logs?
We retain all system data and activity logs for 25 years, unless there is a request for data removal.