Skip to main content
Skip table of contents

GxP Compliance Policy


At Thru, we are committed to ensuring our Managed File Transfer (MFT) solutions meet the stringent requirements of Good Practice (GxP) regulations, including Good Manufacturing Practice (GMP), Good Clinical Practice (GCP), and Good Laboratory Practice (GLP).

As a trusted partner to regulated industries, we maintain a robust quality management system and implement comprehensive measures to ensure data integrity, system validation, and regulatory compliance throughout our product lifecycle.

Data Integrity and Security

Our MFT solution employs industry-leading security controls, including encryption, access controls, and audit trails, to safeguard the confidentiality, integrity, and availability of GxP data during transfer and storage.

System Validation

We follow a rigorous validation process, including Installation Qualification (IQ), Operational Qualification (OQ), and Performance Qualification (PQ), to ensure our MFT solution operates as intended.

Change Control and Configuration Management

All changes to our MFT solution, including software updates and configuration changes, undergo strict change control processes to ensure traceability, risk assessment, and regulatory compliance.

Supplier and Subcontractor Management

We maintain a comprehensive supplier and subcontractor evaluation and qualification program to ensure the quality and compliance of all products and services integrated into our MFT solution.

Proactive & Continuous Testing

Thru employs frequent penetration tests across environments to validate security posture, audit configurations, and identify risks. Daily automated scans run by internal teams cover external-facing assets to detect network and application changes that expand attack surfaces and vulnerabilities. We complement regular static and dynamic analyses with annual assessments from accredited third-party agencies.

Incident Management and Corrective/Preventive Actions

We maintain robust incident management processes, including root cause analysis and corrective/preventive action plans, to address any deviations, non-conformances, or potential quality issues proactively.


We continuously review and update this policy to ensure ongoing compliance with evolving GxP regulations and industry best practices.

For any GxP compliance-related inquiries or concerns, please contact our Security Operations team at

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.