Certified for quality, safety, security and compliance
At BC Platforms, quality, safety, security and compliance are built into everything we design and deliver. Our certified management systems and continuous audits ensure that our products meet rigorous international standards for safety, reliability and security, supporting our partners across healthcare and life sciences worldwide.ย
Our commitment to quality
We maintain certified management systems that cover every stage of the product lifecycle, from design and development to deployment and support. Through continuous evaluation and collaboration with customers and independent auditors, we adopt emerging standards and ensure that our products and processes remain secure, compliant, and reliable.
ISO 27001
BC Platforms is certified under the ISO/IEC 27001 standard for its Information Security Management System, ensuring comprehensive protection of data across storage, processing, and transmission. The certification demonstrates our commitment to maintaining strong security practices across all areas of our operations, including:
Information security
- Audit logging
- Role-based access controls
- Authentication and authorization
- Data encryption at rest and in motion
Corporate security
- Background checks
- Security training
- Vendor management
- Facilities security
- Business continuity
- Disaster recovery planning
Data protection and privacy
- Data leakage prevention
- Privacy risk management
- Data masking
- Privacy policies
- Compliance management
Application security
- Secure coding practices
- Cloud services security
- Annual OWASP application security verification and comprehensive testing, including penetration testing
ISO 13485
BC Platforms is certified under the ISO 13485:2016 standard for its Quality Management System, which governs all operations in the company. The certification demonstrates our ability to deliver products and services that meet customer and regulatory requirements both in healthcare and research services.
Our Quality Management System further adheres to the ISO 62304 for Product Lifecycle Processes and the ISO 14971 for Risk Management in product development. These standards, together with our AI policy, ensure compliance with the latest regulatory requirements governing the use of AI in product development and the creation of software incorporating AI components.
Compliance with Good Clinical Practice and CFR 21 Part 11
In scientific services and solutions, BC Platforms follows the ICH_GCP(R2) Guideline as applicable. We provide 21 CFR Part 11 validated software systems and we have validated our capability to follow procedures necessary in creation, modification, maintenance, archiving, retrieval and distribution of electronic records or electronic signatures according to 21 CFR Part 11.
OMOP / EHDEN
BC Platforms is certified by the European Health Data and Evidence Network (EHDEN) for our expertise in standardizing health data to the OMOP Common Data Model and implementing the associated technical infrastructure. This certification demonstrates our ability to enable high-quality, interoperable data transformation to support research and evidence generation.
Scope of certification
- OMOP data standardization
- Technical infrastructure deployment
- Interoperability assurance
OWASP Application Security Verification
BC Platforms conducts annual cybersecurity and vulnerability assessments for all of our products, aligned with the OWASP Application Security Verification Standard (ASVS) Level 2 framework. This certification demonstrates our commitment to ensuring that our products meet recognized best practices in software security and risk management.
Scope of certification
- Annual penetration testing
- Secure SDLC
- Vulnerability management across all product lines
Cloud security
We host our offerings on trusted, ISO-certified cloud platforms and apply rigorous internal controls to ensure the confidentiality, integrity, and availability of all customer and partner data. Our cloud architecture and security practices are regularly reviewed to maintain compliance with global standards and evolving customer requirements.