Trust in Third Party Systems

ProofPilot uses several key external tools in a production environment to deliver it’s services to all our customers and participants.

In addition, ProofPilot is designed as a platform. External organizations may create measurement tools or interventions and make them available to ProofPilot customers.

Vetting Process

All relationships with ProofPilot are assessed for consistency with our trust principles as part of our overall review process for any new functionality or investment. 

In most cases, ProofPilot only receives incoming data from external partners; we do not share material externally except for a handful of key third parties. Those third party solutions where we do share/store data created on ProofPilot (like AWS) get an additional and more frequent review.

ProofPilot enables experimentation of new and pilot products. Some of these experiments may include tests of very early pilot level digital health tools. For those relationships that are part of the ProofPilot platform and available as a study task template, ProofPilot may make available external tools where the early state of the product may mean malleable security procedures. These situations will be noted before the customer adds the external modules to their research study protocol.

Customers should make determinations to add these modules to ProofPilot studies at their own risk and with awareness that the study IRB process may deem the risks inappropriate

Ongoing monitoring

Once we’ve selected and integrated a third party tool, we review security procedures and issues at least annually for those tools that only share information with us. For those systems that help us provide customer support researchers, they get a review atlas once a year. For those systems where we share participant data, they get a review with each new study ethics review process (which may happen multiple times a month by various institutional review boards).


ProofPilot ensures that all data and sensitive intellectual property is returned and/or deleted at the end of a vendor relationship