An Imaging Company for Ophthalmic Clinical Trials
innovation variation2.jpg

Quality Assurance

Quality Assurance

EyeKor is an industry leader in understanding regulatory requirements for ophthalmic imaging studies. EyeKor has successfully managed the reads of clinical trial data for FDA-approved ophthalmic drugs and medical devices.

Quality Policy

EyeKor, Inc. strives to provide safe, reliable, efficient, high quality data analysis and management for clinical trials through software and technology innovations to the medical device, ophthalmic diagnostics, and therapeutics industries. We are committed to consistently meeting all applicable regulatory requirements as a software (medical device) company, by maintaining and improving an effective and efficient quality management system and associated quality objectives.

EXCELSIOR™ is 510(k) cleared medical device

EXCELSIOR™ is the only cloud-based software platform cleared with FDA as a Class II medical device (K#130453), with specific indication for managing ophthalmic clinical trial data. Consequently, EyeKor is organized as a medical device manufacturer, following cGMP.

21 CFR Part 11 Electronic Records; Electronic Signatures

EyeKor’s flagship software, EXCELSIOR™, is a fully integrated platform that meets all regulatory requirements for 21 Part 11 Electronic Records. There is a full audit trail that is provided in a human readable format to track each action taken in the data management process, including user access, upload of images, review of images in the quality control step, and each grading step. EXCELSIOR™ users are required to sign off on each step in the workflow for a two-point authentication per the regulatory requirements defined in 21 CFR Part 11. To read more about the controls in place within EXCELSIOR™ to meet 21 CFR Part 11 requirements, see our white paper.

Regulatory Compliance

EyeKor meets the required regulatory requirements of a medical device company. In addition, the Quality Management System is structured to support ongoing clinical and preclinical study activities, including electronic records, internal audits, vendor and contractor assessments and qualifications, archival of data, validation of computerized systems, software development life cycle procedures, and business continuity and disaster recovery. To ensure ongoing regulatory compliance, EyeKor supports a full suite of Standard Operating Procedures, Standard Evaluation Procedures and Policies.

Quality Management System

EyeKor’s Quality Management System (QMS) has been designed to provide the structure and controls required for EXCELSIOR™ as a medical device, and to support the clinical and preclinical study execution and ensure that our processes meet industry standards.  Our QMS includes technical and procedural controls that reflect 21 CFR Part 820 Quality System Regulation, ICH E6 (R2) and GxP industry standards.

Quality Control

Our streamlined quality control process integrates critical data management and statistical analysis components throughout the trial.  We deliver complete transparency by giving sponsors the ability to confirm that all data has been properly handled before final assessment, helping protect against multiple re-reads that will negatively impact FDA approval. We ensure that results can be effectively used for regulatory submission and provide extensive digital audit trails every step of the way. 

Imaging Charter Development

Prepared by your trial's project manager, lead medical advisors and independent reading centers, imaging charters are documented to cover requirements for image submissions, anonymizing data (as required), quality assessments, independent review, and response criteria to support the imaging protocol.

Internal and Sponsor Audits

We regularly perform internal audits to ensure study data quality and compliance to EyeKor's Quality Systems requirements and industry regulations. In addition, EyeKor team routinely host sponsor audit activities, and support inspections conducted by regulatory agencies. Our Quality Assurance and Regulatory Affairs (QA/RA) team works with you to ensure success in meeting a regulatory requests and/or on-site inspection requirements, including participating in any sponsor-run mock inspections.  

Consulting Services

We work closely with sponsors to determine the most effective way to meet agency requirements with services that encompass all regulatory aspects of trial design, execution, and compliance. EyeKor can provide in-depth imaging experience when participating in special protocol assessment (SPA) meetings with the FDA.


The General Data Protection Regulation (GDPR) is the biggest change in data protection laws for 20 years. Effective May 25th, 2018, it intends to give European citizens back control over their personal data. Its impact won’t just be felt in Europe though, as this regulation affects any organization worldwide that collects data on EU citizens.

The GDPR not only applies to organizations located within the EU but it will also apply to organizations located outside of the EU if they offer services to, or monitor the behavior of, EU data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

The GDPR imposes rules on companies, government agencies, non-profits, and other organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents. The GDPR applies no matter where you are located.

EyeKor has taken the appropriate steps to become a GDPR compliant organization. The use of EXCELSIOR™ ensures that the data hosting and analysis at a reading center remains GDPR compliant. This means that EyeKor verifies that the EXCELSIOR™ platform and EyeKor internal framework ensures EU individual rights. Additionally, EyeKor has the organizational measures in place to maintain GDPR compliant.


Individual Consent and Rights

  • Stricter conditions for consent

  • Right to rectification

  • Right to erasure, right to be forgotten

  • Right to data portability

  • Right to object and automated individual decision making

Organizational Measures

  • Data Protection Impact Assessment (DPIA)

  • Inventory of all personal data

  • Data protection by design and default

  • Framework for GDPR Compliance

Privacy Shield

EyeKor complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. EyeKor has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov/

If you would like to view a PDF copy of our policy, you can download it here.