GxP Compliance for Life Sciences

Secure File Transfer Compliance with FDA 21 CFR Part 11

Ensure Regulatory Compliance and Maintain Data Privacy Controls

illustration of overview screen of thru file transfer portal

GxP refers to general “good practices” regarding quality guidelines and regulations, with the “x” standing for various fields or industries. Key functionality for creating, storing and managing GxP-regulated files includes

  • End-to-end encryption (E2EE) of data in transfer and at rest.
  • Granular audit trails for data transfer and configuration changes.
  • Strong controls for user and system authentication.
  • Simplified file transfer between external R&D teams.


Users of the system have unique credentials to access data. Administrators may configure Thru access via SSO using a SAML 2.0 identify provider (IdP). Additional layers of access may be added with multi-factor authentication (MFA).

Systems such as SFTP clients authenticate automatically, requiring a unique user authenticating with a password or SSH key.

illustration of person representing identification by has, knows, is

illustration of people, user accounts, roles and permissions for access

Role-Based User Access (RBAC)

Assign role-based access to each data repository or flow that assigns permissions to end-users based on their role within your ecosystem. RBAC provides granular control in simplified method adhering to the principle of least privilege (PoLP)—all of which contribute to a more robust and secure file transfer process.


Ensure files are encrypted in transit and at rest. Add an additional layer of protection by encrypting not only the transport channel and the storage vault but also the actual file itself using PGP encryption.

illustration of portion of Thru portal where encryption key is generated

GxP Audit-Readiness for Each Document

Time-Stamped Audit

Thru records real-time and historical data for all activity associated with a file transfer or a file stored as well as user configuration audit of the system.

illustration of screen of audit information in Thru's automated file transfer service

File Versioning

The timeline for data stored in Thru File Sharing system records who created a version, what time it was made, the size of the file and the file’s owner.

illustration of versioning view of Thru's File Sharing service

Thru GxP Compliance Policy »

World’s Leading Life Sciences Companies Trust Thru

Secure File Transfer Overview

There is more to security than compliance. Learn about other measures Thru takes to ensure security.


Have questions about security and compliance for file transfers?

Get answers, not a sales pitch. Since 2002, we have addressed and solved secure file transfer challenges.


Scroll to Top