Security is implemented by multiple interlocking layers.  Access to the system is restricted to authorized clients throw 128-bit SSL encryption, which makes sure that only the intended workstation is able to view the transmitted information.

Every piece of information is tagged with an audit trail, automatically adding a digital signature to every modification in the system (21 CFR 11). You can quickly see who made changes to the system.  In addition, log trails are maintained to provide a detail record of what modifications (and by whom) have been made to any piece of information, at any time.  You can inspect the changes, and revert to a previous version if you wish.

Privilege information such as Protected Health Information (PHI), may be further secured via field level encryption. The system allows for specific data elements to be stored in a form which is only readable by users who submit the encryption key. The system prevents access to the privilege information, allowing only the users with the key to view or modify the information. This is perfect for HIPAA compliance.

Access privileges are organized in a hierarchical structure allowing for broad control with few clicks, while allowing for privilege settings to be applied to individuals allowing for detail control.  You can control who can access each screen and who can add, delete or change any data.

Account management to be integrated with your institutions directory (LDAP).  For locally managed accounts, you can define password strength and password aging policies.