Core Feature

Security

Enterprise-grade security designed for healthcare. Protect sensitive patient data with comprehensive access controls, encryption, and audit capabilities that meet the strictest regulatory requirements.

Role-Based Access Control

Granular access control ensuring users only access the data and functions they need. Flexible role management adapts to your organisation's structure.

  • Granular Permissions - Fine-grained control over access to screens, functions, data, and reports. Build permissions at field level where needed.
  • Role Management - Create roles matching your organisation structure. Combine roles for users with multiple responsibilities.
  • Department Restrictions - Limit access by laboratory department or location. Users see only relevant data for their work area.
  • Temporary Access - Grant time-limited access for locums, trainees, or temporary staff. Automatic expiry prevents access creep.

Authentication & Identity

Robust authentication options supporting single sign-on, multi-factor authentication, and integration with enterprise identity providers.

  • Single Sign-On (SSO) - Integrate with Active Directory, Azure AD, and SAML identity providers. Users authenticate once for all systems.
  • Multi-Factor Authentication - Additional security layer with MFA support. Options include authenticator apps, SMS, and hardware tokens.
  • Password Policies - Configurable password complexity, expiry, and history requirements. Support for enterprise password standards.
  • Session Management - Automatic session timeout and concurrent login control. Forced logout capability for security incidents.

Data Protection

Comprehensive data protection measures including encryption, secure communications, and privacy controls for GDPR compliance.

  • Encryption at Rest - AES-256 encryption for stored data. Database-level and file-level encryption options.
  • Encryption in Transit - TLS 1.3 for all network communications. Secure connections for browser access and system integrations.
  • Data Masking - Mask sensitive patient identifiers in non-production environments. Support for research and training use cases.
  • GDPR Controls - Consent management, data subject access request handling, and right to erasure support.
Compliance

Security Standards Compliance

CoreLIMS is designed to meet the security requirements of healthcare regulatory standards and industry best practices.

GDPR

Full compliance support for UK and EU data protection requirements including privacy by design.

GLP Compliance

Security controls supporting Good Laboratory Practice requirements for preclinical research organisations.

ISO 27001

Security controls aligned with ISO 27001 information security management standard.

Cyber Essentials

Technical controls meeting Cyber Essentials and Cyber Essentials Plus certification requirements.

HIPAA

Security controls supporting HIPAA compliance for organisations with US operations.

SOC 2

Service organisation controls for security, availability, and confidentiality.

Capabilities

Security Capabilities

Comprehensive tools for protecting sensitive laboratory data.

Audit Logging

Tamper-proof audit logs of all security events, access attempts, and data modifications.

Break-Glass Access

Emergency access procedures with enhanced logging and notification for exceptional situations.

Electronic Signatures

21 CFR Part 11 compliant electronic signatures with identity verification.

VIP/Sensitive Records

Additional access controls for high-profile or sensitive patient records with alerting.

Access Monitoring

Monitor and report on data access patterns. Identify unusual access for investigation.

Time-Based Controls

Restrict access by time of day or working hours. Additional controls for out-of-hours access.

Network Security

IP-based access restrictions and network segmentation support. WAF and DDoS protection.

Backup & Recovery

Encrypted backups with tested recovery procedures. Point-in-time recovery capability.

Vulnerability Management

Regular security assessments and penetration testing. Rapid patch deployment process.

  • AES-256 Encryption
  • MFA Authentication
  • GDPR Compliant
  • 24/7 Security Monitoring

Secure Your Laboratory Data

See how CoreLIMS security features can protect your sensitive patient information while enabling efficient laboratory operations.