At Rivia, trust is the foundation of our technical operations.

Certified and Compliant

We are fully ISO certified, holding certifications in ISO 27001:2012 for our Information Security Management System and in ISO 9001:2015 for our Quality Management System.

Ensuring the highest levels of security, data privacy, and compliance is integral to our practices. Rivia complies with industry standards including ICH Good Clinical Practices, the EU GDPR, and the US FDA 21 CFR Part 11.

Security

Rivia has a security-by-design strategy that applies to every aspect of development and maintenance of its platform. Rivia prioritizes data security and compliance with state-of-the-art technology and techniques.

Technology

Rivia embeds security in its software development lifecycle and provides robust admin controls to give customers greater visibility and control over their data. Rivia has developed infrastructure hosted in secure data centers with firewalls, encryption, and threat detection systems, to protect customers data and ensure secure transfer. Rivia's security team persistently introduces new controls and protocols to sustain the highest levels of security.

Processes

Rivia embeds security at every stage of its operations. Stringent access control and authentication protocols prevent unauthorized entry. Data segregation and role-based access ensure that only authorized personnel can access specific data. Continuous security training empowers the workforce to prioritize and maintain a secure environment. Proactive measures for threat detection, disaster recovery, and business continuity planning demonstrate Rivia's active security stance.

Organization

Adherence to rigorous data protection standards and industry certifications including ISO 27001 and ISO 9001 reflects Rivia's commitment to security. Rivia is audited annually by independent third-party experts to evaluate adherence to industry standards.

Trust Center

Rivia's is committed to safeguarding customer data by implementing cutting-edge data storage security measures and privacy protocols. Visit our Trust Center to learn about our security posture and request access to our security documentation.

Quality

Rivia undergoes rigorous evaluations against industry standards, ensuring that its technology, staff and processes consistently meet high-quality compliance requirements.

Privacy

Rivia ensures compliance with applicable Data Protection Laws, including the EU GDPR, by having Data Processing Agreements in place with customers and contractors who process Rivia customers' data. Customer data is always encrypted at rest using the AES 256 encryption algorithm (AES-256) when stored in Rivia’s infrastructure, and in transit using Transport Layer Security (TLS) encryption algorithms.

Regulations

Rivia meets compliance with ISO regulations including ISO 27001:2013 and ISO 9001:2013, as well as industry regulations including compliance with FDA 21 CFR Part 11 and Annex 11, as well as GCP to meet requirements as a data processor. This includes compliance of

Transparency

Rivia operates on a strict “need-to-know” principle and only allows role-based access. Rivia customers maintain complete ownership and control over their data exports, edits, retention, and storage. Rivia maintains transparency with data governance, access to systems are monitored and restricted, and security measures including multi-factor authentication are implemented in order to access any information technology developed or used by Rivia.

Compliance

Compliance involves implementing and following standardized procedures for business processes, system development, implementation, and support; maintaining detailed evidence through records and regular training; ensuring system security and controls in line with ISO 27001; and adhering to US 21 CFR Part 11 for electronic records.