Sign In
Pharma · GxP · MDR

Validated world.Secure communication.GxP-fit.

SecureMail and SecureFiles for pharma, MedTech and life sciences with GxP, MDR and 21 CFR Part 11 context. Audit trail, retention, EU hosting. As of 2026.

Request a demoSecureMail in detail
At a glanceAs of 2026

Audit trail and retention as defaults.

  • Study files via FTP or USBSecureFiles with audit trail per access
  • Validation burden on mail toolsValidation templates prepared
  • MDR supply chain without a mail layerMailGuard at the supplier inbox
SecureMail for validated correspondence, SecureFiles for study and case bundles. Audit trail with 21 CFR Part 11 characteristics, retention configurable per study, EU hosting on ISO-27001 infrastructure.
Right for you if:Pharma, MedTech, life sciencesGxP environmentMDR supply chain
100 %
EU hosting
Audit trail
per access
GxP
capable
30 min.
Setup per tenant

Compliance anchors

GxP (GMP, GDP, GCP)EU-GMP Annex 11FDA 21 CFR Part 11MDR / IVDR supply chain

Conbool supports GxP and MDR requirements at the mail and data layer. Computer System Validation (CSV) remains the responsibility of the pharma or MedTech company; Conbool ships validation templates and an audit trail.

Four building blocks for life sciences.

SecureMail for validated correspondence, SecureFiles for study bundles, MailGuard against supplier phishing, Disclaimer for required disclosures.

SecureMail

SecureMail

Validated correspondence to authorities, auditors and study partners with S/MIME or web reader.

SecureMail in detail
SecureFiles

SecureFiles

Study, file and audit bundles as a direct line with retention per study.

SecureFiles in detail
MailGuard

MailGuard

BEC, supplier phishing and attachment protection for research and production inboxes.

MailGuard in detail
Disclaimer

Disclaimer

Per-brand and per-site disclosures, server-side.

Disclaimer in detail
Typical workflows

Four scenarios from life sciences.

From the study to the FDA inspector.

1

Send study files to CROs

Study bundles as a direct line via SecureFiles, with audit trail per access and retention per study.

2

Encrypted authority correspondence

Encrypted mail to EMA, BfArM or FDA with audit log and delivery receipts.

3

Protect the MDR supply chain

Forged supplier domains trying to change UDI or PMS data are blocked by MailGuard at the authentication layer.

4

Validation mapping

Validation templates for CSV per GAMP 5 prepared, audit trail auditable.

Architecture

Conbool as a validation-fit layer.

Conbool sits in front of Microsoft 365. Pharma and MedTech specialised systems remain unchanged.

MX switch

Inbound SMTP runs through Conbool, M365 stays the back-end.

CSV layer

Conbool ships validation templates for CSV per GAMP 5.

Audit trail

Audit trail per access with 21 CFR Part 11 characteristics.

SIEM hook

Audit log via standard connector to the pharma SIEM.

Compliance mapping

GxP, MDR and 21 CFR Part 11 in technical terms.

GxP and FDA requirements formulate duties around data integrity and traceability. Conbool covers measures at the mail and data layer.

Data integrity

Audit trail with timestamp and identity per action.

Retention

Retention windows configurable per study or product.

Electronic signatures

Hook for electronic signatures via S/MIME with 21 CFR Part 11 characteristics.

MDR supply chain

MailGuard protects UDI and PMS correspondence from manipulation in the supply chain.

Migration

Pilot in one study, then group rollout.

Pilot in one study or subsidiary, then group rollout via the Microsoft admin centre. CSV alongside.

Pilot

One study or subsidiary starts, the rest stays unchanged.

CSV alongside

Validation templates and IQ/OQ/PQ templates accompany the rollout.

Group rollout

Outlook add-in for all office staff via the admin centre.

Legacy sunset

Existing SEG or filter solution runs in parallel and is replaced step by step.

Frequently asked questions

How does Conbool fit GxP?
Conbool supports GxP requirements at the mail and data layer, in particular around data integrity, audit trail and retention. CSV remains the responsibility of the pharma or MedTech company; Conbool ships validation templates and IQ/OQ/PQ templates.
What about 21 CFR Part 11?
21 CFR Part 11 requires audit trail, electronic signatures and data integrity. Conbool ships an audit trail per access and can support electronic signatures via S/MIME. Final compliance assessment is made by the company with its validation partner.
How does this fit EU-GMP Annex 11?
Annex 11 requires validation of computerised systems. Conbool provides validation templates and an audit trail that can flow into a GAMP-5-aligned CSV.
What about MDR and supply chain?
MDR and IVDR require diligence along the supply chain including post-market surveillance. Conbool MailGuard protects UDI and PMS correspondence at the authentication layer, SecureFiles ships an audit trail per handover.
What does Conbool cost for pharma and MedTech?
Modular per function and per mailbox. Group volume discounts. Concrete pricing on request.
Can we work study-separated?
Yes. Conbool supports multi-tenant setups or one central tenant with separate retention policies per study.
What is the FDA inspector view?
Audit trail with 21 CFR Part 11 characteristics, retention per study and audit log per GDPR Art. 30 are prepared as evidence. Final inspection is carried out by the sponsor.

Verwandte Lösungen

SEPPmail-Alternative

SaaS-SecureMail aus der EU, ohne Appliance-Pflege.

NIS-2 E-Mail-Verschlüsselung

S/MIME, PGP und Domain-Verschlüsselung nach NIS-2 angemessen.

NIS-2 E-Mail-Sicherheit

NIS-2-konforme E-Mail-Sicherheit mit Audit-Trail.

PDF-Verschlüsselung

Sensible PDFs verschlüsselt versenden, ohne Empfänger-Konto.

Secure Message Portal

Empfänger-Web-Reader für Schlüssel-lose Empfänger.

Verwandte Branchen

Conbool ist in benachbarten Branchen mit ähnlichem Compliance-Profil im Einsatz.

Krankenhaus & Klinik

Anwender-Seite: klinische Studien, Investigator-Sites und EU-MDR-Kommunikation.

Arztpraxis & MVZ

Niedergelassener Anwender mit gleichem § 203 StGB-Rahmen und Studien-Anbindung.

Automotive & Zulieferer

Industrie-Compliance-Schwester mit ISO-Audits und VDA-ähnlichen Lieferanten-Prozessen.

A GxP-fit stack for life sciences.

Demo in 30 minutes. Pilot in one study. CSV templates included.

Request a demoSecureMail in detail

Sources and date

Statements about GxP are based on the GMP, GDP and GCP guidelines in their respective version. Statements about EU-GMP Annex 11 are based on the EU Guide to Good Manufacturing Practice. Statements about 21 CFR Part 11 are based on the respective version of the FDA regulation. Statements about MDR are based on Regulation (EU) 2017/745. Statements about GDPR are based on Regulation (EU) 2016/679. As of 2026.

FDA is a designation of the US Food and Drug Administration. EMA and BfArM are designations of the respective authorities. GAMP 5 is a publication of ISPE. Microsoft, Microsoft 365 and Outlook are trademarks of Microsoft Corporation. Conbool is a trademark of Conbool GmbH.