RegNexia AI meets the security, compliance, and data governance standards expected by pharmaceutical and biotech organizations operating globally.
SOC 2 Type II: Annual third-party audit
TLS 1.3: Data in transit encryption
AES-256: Data at rest encryption
GDPR: EU data protection compliant
99.9% SLA: Uptime guarantee
MFA: Multi-factor authentication
Controls
RegNexia AI undergoes annual SOC 2 Type II audits conducted by independent third-party auditors. Our controls cover security, availability, and confidentiality — the standards required by pharmaceutical and biotech organizations.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Regulatory content, user data, watchlist configurations, and alert histories are fully encrypted — no exceptions.
Granular permission management ensures team members see only what is relevant to their role. Administrators can configure access by user, team, product, market, or therapeutic area with fine-grained controls.
Every action taken in RegNexia — from accessing a document to modifying an alert setting — is logged in a tamper-proof audit trail. Logs are retained and available for internal compliance reviews and external audits.
RegNexia runs on enterprise cloud infrastructure with a 99.9% uptime SLA. Multi-region redundancy, automated failover, and continuous monitoring ensure the platform is available when your team needs it.
Enterprise customers can select their preferred data residency region. We support requirements for data to remain within specific geographic boundaries — including EU, UK, and US regions.
We do not sell, share, or use your regulatory watchlists, alert configurations, or usage data for any third-party purposes. Your intelligence strategy is your own.
Our security team conducts regular penetration testing, vulnerability scanning, and code reviews. Critical vulnerabilities are remediated within 24 hours. A responsible disclosure program is available for security researchers.
FAQ
Where is RegNexia data hosted?
RegNexia runs on enterprise cloud infrastructure. Enterprise customers can choose their data residency region, including options for EU, UK, and US data boundaries.
Can we review your SOC 2 report?
Yes. Our SOC 2 Type II report is available to prospective and current enterprise customers under NDA. Contact our team to request a copy.
Does RegNexia support single sign-on (SSO)?
Yes. RegNexia supports SAML 2.0-based SSO for enterprise customers, allowing integration with your existing identity provider (Okta, Azure AD, Google Workspace, and others).
How are access permissions managed?
Administrators can configure role-based access at the user, team, and workspace level. Permissions can be scoped by regulatory authority, product, market, or therapeutic area.
What happens to our data if we cancel?
Upon contract termination, you can export all your data within 30 days. After that window, data is permanently deleted from our systems. We do not retain customer data beyond this period.