Medidata Security and Certifications

Medidata takes the trust placed on us by our customers and their patients as a serious responsiblity, and crucial to our success in the marketplace.  Our controls to protect the confidentiality, integrity and availablity of clincial trial data as well as other sensitive information are "state of the art"; subject to continous review and improvement. 

In order to ensure that our customers have understanding of these controls, Medidata provides a wide range of information regarding its hosted IT environment to customers through a variety of white papers, reports, certifications and third-party attestations. This information assists customers in understanding the controls in place relevant to the Medidata products and services they use and how independent auditors validate those controls. This information also assists customers in their efforts to account for and to validate that controls are operating effectively in their extended IT environment.


Security White Paper

ISO 27001:2013

Security Posture

Medidata Service Organization Control documents are controlled documents and are provided to our customers for the purpose of demonstrating control over our environment.  The organization accessing this document agrees to limit distribution to within the organization, affiliates and audit organizations. One (1) copy of this document may be retained so long as access is restricted.

SOC Reports, Penetration Tests and Vulnerability Scans - Medidata Customers ONLY

For questions related to these documents, please contact Medidata at

Medidata's GDPR Data Processing Exhibit and Standard Contractual Clauses - Medidata Customers ONLY

For questions related to these documents, please contact your Account Manager or Medidata at