Trust Center

At Vastian, we are committed to safeguarding your data. Vastian is the only healthcare-focused QMS platform that is SOC 2 Type 2 certified, FedRAMP authorized, and HIPAA compliant. With these third-party distinctions, our clients can rest assured that their data is protected with the highest security controls in the industry.

SOC2 Type II

At Vastian, your data security is our top priority. Our SOC 2 Type 2 (System and Organization Controls 2 Type 2) certification ensures a secure environment by meeting the rigorous AICPA standards for security, availability, and confidentiality. This certification involves comprehensive auditing of our controls, processes, and systems to protect your information. Trust Vastian to safeguard your data with the highest level of protection and show your higher standards.

FedRAMP Authorization

Vastian's MediaLab Federal platform is the only healthcare QMS business with Federal Risk and Authorization Management Program (FedRAMP) certification. This accreditation ensures our systems meet stringent federal security standards for cloud services, involving rigorous assessments of our controls and processes. Trust us and our commitment to the highest standards of protection and compliance.

HIPAA Compliance

At Vastian, we take the protection of your Health Insurance Portability and Accountability Act (HIPAA) information very seriously. We adhere to the strictest standards to ensure your health data is secure and confidential. Our comprehensive security measures and protocols are designed to safeguard your information, demonstrating our unwavering commitment to compliance and data protection. Trust Vastian to keep your health information safe.

Code of Federal Regulations


Our goal is to not only keep your data secure but also to provide you with the tools to meet all healthcare compliance requirements. Below are just a few of the requirements that our products can help you achieve:


- ISO: 15189 4.3

Comprehensive requirements for document control.

- FDA: 21 CFR Part 11

Electronic records and signatures.

- CAP: GEN.20375

Having a document control system to manage policies, procedures, and forms, including those related to laboratory testing.

- CLIA: 42 CFR 493.1251

Procedure manual.

- CAP: GEN.23584

Interim self-inspection records efforts to correct deficiencies.

- CLIA: 42 CFR 493.1773

Condition: inspection requirements applicable to all CLIA-certified and CLIA-exempt labs.

- CLIA: 42 CFR 493.1235

Personnel competency assessment policies.

- CAP: GEN.20208

A process to identify and investigate errors, incidents, and adverse patient events.

- CLIA: 42 CFR 493.1239

Monitor, assess, and correct problems identified.

PCI

At Vastian, we uphold the highest standards of Payment Card Industry Data Security Standard (PCI DSS) compliance. Our robust security measures protect your payment information through rigorous controls and regular audits. We are dedicated to maintaining a secure environment, ensuring the confidentiality and integrity of your financial data when you make any type of payment with us.

If you are a Vastian client, please log in to your account to view related security documents. If you are not a client and are interested in learning more, please contact us and an account executive will provide you with more information and documents on our security profile.

More to Discover

Legal Center

Visit our Legal Center for online and downloadable copies of our legal agreements, documents, and policies.

Go to Legal Center

FAQs

Go to the Vastian FAQs to review our responses to frequently asked questions on our company, solutions, and platform.

Go to FAQs