Quality, Information Security and Gender Equality Policy

Regulatory Pharma Net (RPN) was founded in 1999 with the mission of providing high-quality services to the pharmaceutical and medtech industries. As a trusted partner to many pharmaceutical companies, RPN manages numerous multi-task projects, offering regulatory, strategic, and operational support, assisting in the development, registration, launch, and lifecycle management of medicinal products, medical devices, food supplements, and cosmetics.

RPN is committed to achieving the highest standards of quality in the services provided, promoting gender equality and ensuring data protection and information security. RPN also established a People, Organization and Finance Committee that, among other responsibilities, oversees the implementation of this Policy and ensures compliance with quality, information security and gender equality principles.

RPN has attained the following certifications to reinforce this commitment:

  1. ISO 9001
  2. ISO 27001
  3. PdR 125

ISO 9001 – Quality Management System (QMS) – Initial acquisition date: February 21, 2013

RPN has implemented comprehensive systems and procedures aimed at achieving total customer satisfaction and continuous improvement across all areas of the business. RPN commitment includes:

  • Regular gathering and monitoring of customer feedback
  • A structured customer complaints procedure
  • Evaluation and monitoring of suppliers’ performance based on predefined criteria
  • Ongoing employee training and development
  • Routine internal process audits
  • Establishment of measurable quality objectives aligned with business goals
  • Management reviews of audits, customer feedback, and complaints
  • Continuous monitoring and improvement of processes to enhance efficiency and effectiveness, using key performance indicators
  • Expansion of market share
  • Ensuring services are consistently updated to meet client needs
  • Full compliance with client requirements (expressed, implied, and mandatory)

RPN has a process dedicated to regularly reviewing internal procedures to ensure they remain updated and effective for organizational goals. RPN commitment includes:

  • Providing the necessary resources and tools to ensure compliance with the Policy
  • Operating with a focus on good professional practices to guarantee precise, reliable, and timely service
  • Periodic review of the Policy’s implementation and reassessment for continuous improvement of the Quality Management System
  1. ISO 27001 – Information Security Management System (ISMS) – Initial acquisition date: July 6, 2021

RPN has adopted a robust Information Security Management System (ISMS) aligned with international best practices to safeguard company’s information assets and enhance client trust. The ISMS is monitored, maintained, improved and documented consistently for the purpose of the company objectives. RPN commitment includes:

  • Information security management through risk assessments, applying recognized international standards
  • Identification of personnel responsible for the implementation of compliance controls
  • Clearly defined roles and responsibilities for ISMS surveillance
  • Continuous staff awareness and training on information security
  • Continuous monitoring and assessment of ISMS effectiveness, using key performance indicators
  • Appropriate updates are made to the operating procedures and company information systems in order to comply with current legislation

RPN utilizes secure, high-quality IT systems, and regularly updates both hardware and software to maintain confidentiality and minimize risks. All internal and external communications are protected using encryption methods to ensure data security, confidentiality, integrity and availability. RPN complies with relevant data protection regulations, including Regulation 2016/679 (GDPR), and regularly updates procedures and systems to ensure their compliance.

RPN’s commitment to fostering a information security-conscious culture is reflected in leadership’s dedication to providing the resources necessary to implement an effective and efficient ISMS. The risk management processes ensure continuous monitoring of information security and the mitigation of risks.

  1. PdR 125 – Gender Equality – Initial acquisition date: July 17, 2024

RPN is committed to promoting a workplace that fosters openness, respect, and collaboration, aiming to support employees’ professional growth and inclusivity. The company has appointed a Diversity Manager and set clear objectives to promote gender equality and diversity. RPN commitment includes:

  • Ensuring equity, inclusion, and non-discrimination within the organization
  • Promoting the value of diversity and offering opportunities for professional growth
  • Developing an inclusive culture through training programs that address stereotypes and highlight the value of diversity
  • Enhancing employee well-being through welfare services

In the event of reported policy violations (received via the dedicated email “hr@rpngroup.com” or through an anonymous or non-anonymous form), the Diversity Manager promptly requests a meeting with the People, Organization and Finance Committee to discuss the issues raised and potential corrective actions. Every report received will be analyzed confidentially and without any form of retaliation.

Conclusion

Through the certifications and this Policy, RPN is committed to maintaining the highest quality standards, securing sensitive information, and fostering an inclusive workplace. RPN strives for continuous improvement in every aspect of operations and remains committed to delivering the best possible service to clients while upholding core values. RPN continuously reviews and update this Policy to ensure it reflects the evolving needs of the company and its employees. To achieve the objectives outlined in this Policy, RPN promotes active participation from both external (clients, regulatory bodies, etc.) and internal (company personnel) stakeholders, ensuring diffusion and understanding through specific documentation and/or trainings.