Sign on the digital line: Case study

In the strictly monitored biopharma industry, the authenticity of signatures on documents is essential for the smooth operation of clinical trials. With 150,000 registered clinical trials currently just in the United States, according to the U.S. Department of Health & Human Services, that's a lot of documents passing between doctors and medical investigators and the administrative bureaucracy encompassing government health care overseers.

SureClinical is new to market with health science cloud application deployments in 12 global data centers located in the Asia-Pacific region, Europe and North America. It supports multi-site, multi-location customers with its cloud software for the management of global clinical trials. SureClinical has its primary headquarters in Rancho Cordova, Calif., and is opening another office in London to support its European customers.

“Our customers are managing clinical trials in the highly regulated biopharma industry,” says Zack Schmidt, founder, president and CEO of SureClinical. “They are collecting regulatory documents that need signatures.” Due to requirements for digital signing imposed by the U.S. Food and Drug Administration (FDA) and the European Medicines Agency, biopharma companies need a highly secure digital signing infrastructure.

Instead of sending documents out for signing via overnight delivery services, SureClinical customers are electing to complete digital signatures through the use of the company's cloud digital signing services, Schmidt explains. 

The search began for a solution that would enable customers to optimize this task and ensure secure transactions. SureClinical's executive, security and engineering teams worked together on an extensive review of available options, says Schmidt. First his team set up requirements around what was needed. The system had to have FIPS-140 Level 3 high-trust security for storage of credentials. It had to be a hardware security module (HSM). His team also required the ability to support millions of signing transactions a day, so the hardware had to support large amounts of throughput as well as the ability for failover and very high reliability.

“One of the key things we needed was a mean time between failure on the order of hundreds of thousands of hours,” Schmidt says.

He also needed something in the cloud that could scale with the growth of the organization. As his team added new users, the solution needed to be able to scale gracefully. “Our users needed the ease and convenience to be able to access the solution and start signing securely right out of the box, and to do it from familiar tools, like a mobile phone,” Schmidt says. 

Another thing that was important was support for APIs. The flexibility and support for different kinds of programming languages was critical.

Schmidt's team looked at a number of options but had concerns. USB solutions were unacceptable for doctors. “No one wants a USB device that plugs into his or her laptop for signing,” he says. The team looked at another solution which, Schmidt says, was good but not as reliable as what was needed. Plus, it lacked the capability to scale the way Schmidt and his team required.

Then they discovered the Thales nShield HSM. “The Thales unit was the only unit with the mean time between failure we needed, and support for millions of users and millions of transactions. It superseded everything. We were really happy to find that solution.”

At the heart of any digital signing infrastructure is secure private key storage, Schmidt says. “We use the Thales HSM nShield technology to store signing keys for the identities of individual medical investigators, so the investigators can securely sign clinical trials documents from mobile or web devices.”

The HSM maintains all private keys and identity credentials in secure, tamper-resistant devices that allow Schmidt's team to guarantee both the validity and the security of the investigators and document signatures that are created on their behalf. “That's absolutely paramount to this industry,” he says. 

The other important thing, he points out, is the integrity of the signed document. In other words, proving that a document hasn't been changed since it was signed. The current mode is to use paper. With paper, somebody can forge a signature easily and it would be difficult to detect. “With a high-trust digital signature – like the kinds we use – the user is able to sign digitally, resulting in a document that's highly trusted and has a high level of integrity.”

This is essential, he maintains, because individuals in clinical trials are actually signing for drug supplies, so it is critical to know the identity of the doctor who's signing for this information because that doctor might be signing for use of an experimental drug. There's a lot of security that goes on around ensuring the identity of those individuals, Schmidt says. “The industry gold standard is the X.509 certificate,” he says. “U.S. NIST policies mandate that in order to validate the identity of individuals, the certificate needs to be tied to a well-kept secret, otherwise known as a private key.”

Private keys cannot be accessible, otherwise illegitimate users could fake identities, sign fraudulent documents and modify documents already in the system – all without being detected, he says. Devices that protect these keys need to be hardened so that even if somebody were able to get access to the device, there's no way of physically getting hold of the keys inside. “Opting for the highest level of security allows us to play in every single market worldwide and be assured that regulatory bodies will accept the signatures that we're using,” Schmidt says. 

“All systems that use cryptography create the challenge of managing secret keys,” says Richard Moulds, vice president of product strategy, Thales e-Security, with U.S. headquarters in Plantation, Fla. “Keys need to be locked down with rigorously enforced access controls and usage policies and yet are in constant use at the center of the business service, signing and exchanging documents in the case of SureClinical. As a result, ease of deployment and security can become two opposing forces.”

With the Thales HSM, Schmidt's team is able to provide an identity around a digital signature that is pre-vetted and pre-approved through the use of a PIN code and a cell phone. “We have the strongest level of digital signing,” he says. “In fact, as far as we know, we are the only organization that's been approved for Adobe digital signing from a mobile device and the cloud because of the high trust that we've built into this network.”

That's very significant, he says, because it allows SureClinical to move digital signing to the cloud and mobile devices. “With the Thales HSM, we've been able to establish the highest level of security in the cloud and make it accessible from a mobile phone, including an additional layer of security provided through SMS.”

Users can get a verification code assigned through their mobile device, so instead of having to carry around a USB device that can be easily lost, investigators now just have to have a mobile phone to access a signing service in the cloud.

The beauty of basing a solution in the cloud is that you can validate identities across your entire installed base automatically, Schmidt says. “Companies are required by law to go through extensive validation of their technology, which can add tens of thousands of dollars in additional validation. By using the Thales HSM, we were able to validate this once across a certified cloud by default.”

Schmidt and his team were impressed with the Thales pre-deployment support. “They spent time explaining alternate approaches of configuration and deployment in data centers and different security settings that we could use,” he says. “We were also impressed with their assistance with the initial programming of the unit for the API interfaces we use with Java. The team's pre-sale expertise was top-notch overall.”

When equipment is deployed, it can be an expensive and time-consuming undertaking, he says. “It really helps to have somebody help you set it up, prove it, prototype it and pilot it before you put it in production. That's what Thales did with us, which was really great.” 

And, Schmidt is finding the implementation easy to manage and operate. “We've had no issues at all,” he says. “It's been plug-and-play since that initial configuration and setup.”

The Thales security tool stretches across SureClinical's entire network. “SureClinical is already in the 15 to 20 different countries where people are digitally signing documents, and we can scale out-of-the-box signing to 130 countries overall,” Schmidt says.

Further, SureClinical is expanding its digital signing to include providing trusted identities for health care pros. So, when customers start up a clinical trial, they can tap into its database of providers with a trusted identity through the Thales HSM unit. This is going to help vet doctors and investigators for clinical trials. “Think of it like a highly trusted LinkedIn where the trusted individual has an identity that is held within the Thales unit,” Schmidt says. 

As health care and life science applications shift away from paper and to the cloud, trust is a key element of making it successful. “Thales HSMs provide the trust that empowers our customers and facilitates their move to the cloud,” says Moulds. 


[Sidebar] Doctor's orders: Rx for digital signing

Thales supplies a security platform known as a hardware security module (HSM), says Richard Moulds, vice president of product strategy at Thales e-Security. “These devices act as a root of trust for a wide range of applications that employ cryptography to protect documents, sensitive data and business services.”

SureClinical handles thousands of highly sensitive documents that contain medical records and data from pharmaceutical trials, and uses cryptography to ensure privacy and digital signatures to validate the authenticity of documents, Moulds explains. The Thales nShield HSMs protect the secret keys at the heart of the process and perform the critical signing operations, he says.

SureClinical faced the challenge of building an application infrastructure that was sufficiently scalable and had global reach to provide a reliable alternative to sending physical documents by traditional postal services, Moulds says. “The only way to achieve this was for SureClinical to develop a highly secure cloud-based service. The high performance and tamper-resistant capabilities of the nShield HSM were perfectly suited to SureClinical requirements and enabled it to obtain the federal security certification that is necessary to process pharmaceutical records.”
