Dassault Systemes

Leading With Trust and Transparency

Medidata’s Unified Protection Strategy

Medidata’s Unified Protection Strategy encompasses our secure, stable, and scalable cloud platform, robust data governance processes, and an inspection-ready quality management system – all critical enablers to successful clinical trial execution. Our Information Security, Privacy, and Quality Management teams  work in unison to safeguard your data and provide solutions that ensure your regulatory compliance.

The foundational element of the Unified Protection Strategy is transparency in our business processes. From numerous third-party attestations and certifications that assess and validate our systems to comprehensive insights into our software development life cycle, the business transparency that Medidata provides has been earning your trust for more than 20 years.

The Unified Protection Strategy

Quality Management Privacy Information Security

A Trusted Advisor and Compliance Champion

Medidata’s Quality Management experts are trusted advisors to the life sciences industry. We provide insights into existing and potential regulatory policy, influence regulatory strategy in conjunction with governing bodies, and advocate for our customers. Additionally, we maintain a robust and inspection-ready Quality Management System inclusive of policies and procedures to ensure that our products and services are developed, implemented, and maintained in a manner that exceeds your expectations and assures compliance with regulatory requirements.

Medidata’s Position: Guideline for Computerised Systems and Electronic Data in Clinical Trials

Safeguarding Your Data

Your data privacy is safeguarded through Medidata’s integrated data governance program designed to ensure oversight and accountability. Medidata aligns with all regulatory data standards and adapts in real-time to ensure your compliance. Our commitment to data privacy shows –  Medidata was one of the first life sciences companies to achieve ISO 27018 certification for protecting Personally Identifiable Information (PII) in the cloud.

Providing a Stable and Secure Platform

With 99.9% uptime, Medidata’s unified platform provides unmatched stability. Scalable to our clients’ needs, Medidata’s Information Security Program uses the principle of “Security by Design.” Security protocols are built in at the design phase and are the foundation of our industry-leading unified platform that supports your end-to-end clinical development. By using the most advanced technologies and techniques, we protect your data against the newest threats in the cyberworld of increasing risk.

Our Accreditations and Certifications

Accreditations & Certifications

Accreditations & Certifications

The Medidata Platform, Medidata’s unified platform, is built to protect your data’s privacy, security, and quality. These critical elements are built in at the design phase of our technology. This validated core is certified by multiple independent authorities to reinforce this commitment. 

Medidata’s robust accreditation and certification portfolio defines our industry’s gold standards around information security, patient data privacy, and quality management.

Data Privacy

Data Privacy

In addition to our robust GDPR compliance program, Medidata achieved one of the first independent ISO certifications for Privacy and for Service Organization Control 2 (SOC2) over Privacy. 

Privacy protection is built into the entire service lifecycle at Medidata. From our GDPR-ready Data Processing Exhibit and integrated Privacy-by-Design to our industry-leading Data Governance program, Medidata is committed to accountability for how we steward your sensitive clinical trial data anywhere on our platform.

Data Processing Exhibit
DPE and SCC Information Sheet
SCC Transfer Impact Whitepaper
Subprocessors List
ISO 27018:2019 Statement of Conformity
Quality Management

Quality Management

The Quality Management team provides you with visibility into our robust governance, risk, and compliance environment. In addition to our various security and privacy-related accreditations and certifications, Medidata publishes a voluntary Service Organization Control report (SOC2+), conducted biannually by PricewaterhouseCoopers. This critical report covers the following areas:

  • Medidata’s Quality Management System
  • Security (e.g., physical, logical)
  • IT Hosting operations (e.g., system monitoring, disaster recovery)
  • Software Development Life Cycle
  • Data Integrity (e.g., Electronic Record/Electronic Signatures)
SOC2+
SOC2+ Report Topic Guide
Information Security

Information Security

Data security at Medidata is the highest priority. We lead the industry in security and compliance using state-of-the-art technology and techniques, coupled with a strategy that supports our scalable, secure and stable environment, Medidata holds over twelve security certifications, six agency certifications, and built on four highly valued frameworks. We continuously improve our security capabilities and educate our workforce with the latest techniques to protect all of your clinical study data.

Information Security Whitepaper (EN)
Information Security Whitepaper (JP)
Information Security Program Fact Sheet
ISO 27001:2013 Certificate
ISO 27017:2015 Statement of Conformity
ISO 27018:2019 Statement of Conformity
ISO 27701:2019 Certificate
Penetration Test Results
Vulnerability Scan Summaries
Statement on Security Incidents at Study Sites
Dassault Systémes Responsible Disclosure ProgramUpdated Statement on Ukrainian-Russian Conflict

When it comes to meeting strict industry guidelines,
Medidata has done the work.

Our Regulatory Compliance website contains documented position statements for Medidata customers, outlining how Medidata achieves compliance with key regulations such as ICH E6 (R2), 21 CFR Part 11, EU GMP Annex 11, the Ministry of Health, Labour and Welfare (MHLW) of Japan, and the National Medical Product Administration of China (NMPA).

Login Now
Contact Sales