We work to ensure best-in-class security to protect your data
Breeze through IRBs. Labfront is trusted by hundreds of the world's top researchers to keep their data safe, secure, and compliant.
.png)
Trusted By Researchers from Top Institutions
.webp)
.svg)
Security
With ever increasing cybersecurity risks, our data protection protocols have never been more important.
Reliability
We are built on top of AWS’s secure and reliable infrastructure to ensure the best experience.
Privacy
We're committed to protecting both your privacy and the privacy of your participants.
Compliance
We keep up-to-date on global and regional standards around research data so you don’t have to.
Protect your work
As a digital-first tool to help your research, we recognize the growing importance of data security. That’s why at Labfront, we continually update our systems to ensure the most up-to-date best practices around security.
Infrastructure security
Security needs to built from the ground up. Password hashing, encrypted data storage and transfer, and principles of least privilege access are all standard within Labfront.
Organizational security
The strength of security is only as strong as the weakest link. That’s why we continually implement new security controls and protocols to keep our team up-to-date.
Product security
Labfront is always looking to improve in-product data protection offerings for greater control over your data. Easily enable features like two-factor authentification.
Transparent monitoring
We offer full transparency into system status and performance.
Uptime and availability
Labfront supports a 99% uptime commitment for all customers, and provides transparency into real-time platform status.
Business continuity
Building off AWS’s backup system, Labfront has the recovery procedures in place for restoring data in the event of unavoidable failures.
Protect what matters
We understand we are dealing with sensitive data. Our comprehensive privacy and compliance policy ensures alignment with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) among others.
Privacy controls
Labfront is built with a highly modular least privilege system, meaning you get full control over how you use your data.
Data governance
We follow the best practices regarding data governance to ensure a reliable and safe experience.
Data residency (in progress)
Labfront is currently hosted in the US but will be opening up new EU servers in the future to support our European customers.
Certifications and attestations
Labfront adheres to global privacy laws and security standards ensuring we breeze through IRBs and purchasing committees.
StateRAMP
Cybersecurity framework ensuring US cloud service security and compliance
Frequently asked questions
We're here to help with any questions you have about Labfront's privacy and security policies. Don't hesitate to contact us at support@labfront.com.
.svg)
Yes, we sure do and we've passed all IRBs since we've been active. You can find our supporting documentation for IRB in this article.
We typically save research data for 3 years after study completion, following the write-up of the results. For relevant studies, Labfront will also be compliant with the NIH Data Management and Sharing (DMS) Policy, effective January 25, 2023. We provide the ability to delete all data if requested by the researcher as well.
You may refer to our security and privacy policies which are available below:
To give further confidence to our strict policies, we have successfully supported IRB applications with Labfront as part of the study. In fact, we've passed all IRBs since we've been active . You can find our IRB support documentation here.
Furthermore, Labfront intentionally does not have access to your project’s data or ask participants for their personal information. Instead, we use a unique invite code to connect participants to the platform and your project.
You own your data and we do not access it. Our privacy and security policies are very strict (including not accessing your project data), these standard policies are usually enough to support grant applications, but we can provide additional guidance or information if needed.
Yes, we have completed the HECVAT form that many higher institutions use. You can contact us at support@labfront.com to request the documentation.
We currently only support U.S. data centers and the data is stored in Virginia, America. You can view our privacy and security information here. However, we're currently working with several institutions outside of the U.S., including Canada, Switzerland and Australia.
Since the Labfront service includes a variety of applications (eg. mobile app, web dashboard), we provide an all-encompassing Terms of Service instead of a simple EULA. If your institution asks for a EULA, you can link them directly to Labfront's Terms of Service.