Skip to Content

DATATRAK Achieves SOC 2 Type II Certification

DATATRAK Achieves SOC 2 Type II Certification SOC-Service Org_B_Marks_2c_Web

  DATATRAK International, Inc., an Electronic Data Capture company implementing an all-in-one clinical enterprise solution software, today announced that they have successfully completed a Service Organization Controls (SOC) 2® Type II Audit examination for their DATATRAK ONE Software as a Service System. DATATRAK retained international CPA and business advisory firm, Skoda Minotti, for its SOC 2® audit work. Skoda Minotti was selected after an intensive search based on their reputation as a leading risk advisory and compliance firm. Ben Osbrach, CISSP, CISA, QSA, CICP, CCSFP partner-in-charge of Skoda Minotti’s risk advisory group says, “We were excited to work with DATATRAK from the very start. They are an intriguing organization delivering high-quality services and their business adds to our growing SOC reporting practice.” SOC 2® engagements are performed in accordance with the American Institute of Certified Public Accountants’ AT 101, Attestation Engagements and based on the trust service principles outlined in the AICPA Guide, Reporting on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality, or Privacy. The SOC 2® Type II report is performed by an independent auditing firm and is intended to provide an understanding of the service organization’s suitability of the design and operating effectiveness of its internal controls. A service organization may select any or all of the trust service principles applicable to their business and DATATRAK chose to report on security, availability, processing integrity and confidentiality. The successful completion of this voluntary engagement illustrates DATATRAK’s ongoing commitment to create and maintain a secure operating environment for their clients’ confidential data. As technology providers restructure and migrate their offerings to the cloud, there is a growing demand for assurance that their data is absolutely secure. DATATRAK was not only the first EDC company established in 1995; they were the first to market with the Cloud Enterprise Platform in 2006. "With over 57,000 enterprise users we must continuously work to safeguard our client's clinical data as we continue to be as transparent as possible about our trust, security, and privacy processes," said Jim Bob Ward, DATATRAK CEO. Skoda Minotti’s testing of DATATRAK ’s controls included an examination of their policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of their business. Upon completion of the audit, DATATRAK received a Service Auditor’s Report with an unqualified opinion demonstrating that their policies, procedures, and infrastructure meet or exceed the stringent SOC 2® criteria for security and confidentiality. “The successful completion of our SOC 2® Type II examination audit provides DATATRAK’s clients with the assurance that the controls and safeguards we employ to protect and secure their data are in line with the rigorous clinical trial industry standards and best practices,” said Amy Boukair, Director, Quality Assurance. “Achieving this certification reinforces our commitment to client confidence and satisfaction with the superior quality of our products and services.” These reports contain proprietary information and are only shared under an NDA (non-disclosure agreement), and are not for public use. About – DATATRAK DATATRAK International is a worldwide technology and services company delivering cloud based eClinical solutions and related services for the clinical trials industry. DATATRAK built its multi-component, SaaS solution on a single, unified platform, designed to accelerate the reporting of clinical research, with greater efficiency compared to other similar technologies. The DATATRAK ONE® software solution, deployed worldwide through an ASP or Enterprise Transfer offering, supports Preclinical and Phase I - Phase IV drug and device studies in multiple languages throughout the world. For more information, please visit About – Skoda Minotti Skoda Minotti is a Certified Public Accounting Firm based in Cleveland, OH offering a variety of tax, finance, and business advisory services in virtually every area of business. The Risk Advisory practice specializes in SOC Reporting, PCI DSS Compliance, HIPAA Compliance and HITRUST validation, FISMA, NIST, and other regulatory information security assessments. Staff in Skoda Minotti’s Risk Advisory hold several industry certifications including Certified Information Systems Auditor (CISSA), Certified Information Systems Security Professional (CISSP), Qualified Security Assessor (QSA), GIAC Penetrations Tester (GPEN), and GIAC Web Application Penetration Tester (GWAPT). For more information about Skoda Minotti’s Risk Advisory Services, please visit