We go beyond industry standards.

Medidata places privacy, security and regulatory at the center of our data process and ensures the safety of patients and consumer information is safe.

We built our business on safeguarding patient data.


We invest in the most sophisticated and infrastructure that produces a scalable, global and secure environment for customers and patients.


We employ a variety of approaches, including NIST 800 and CobIT™ security models, to secure our client’s systems, which is at the highest level of importance to us.


We create meaningful customer interactions through the application of a risk-based approach to continuously improve the quality within the global regulatory landscape and we have FedRamp Approval To Operate (ATO) with several government agencies.

Medidata Maintains A Comprehensive Set Of Certifications And Attestations To Validate Our #1 Value of Trust



We at Medidata take a stewardship of patient data very seriously. In addition to our robust GDPR compliance program and Privacy Shield certification, we have independent certifications for data security and privacy, including ISO 27001:2013, SOC1, SOC2, and FISMA. We focus on the most stringent standards in the market, not just reaching the minimum requirements by law. Our data security controls routinely pass third-party penetration testing and we are constantly enhancing our platform's security posture to meet evolving threats.
Compliance - Trust.


When it comes to meeting strict industry guidelines, Medidata has done the work. ISO 27001 is a widely-adopted global security standard outlining the requirements for information security management systems and provides a systematic approach to managing company and customer information based on periodic risk assessments. We also verified the effectiveness of our controls by maintaining multiple certifications, including FISMA, SOC-1, SOC-2.


Security at Medidata is the highest priority. We lead the industry in security and compliance; using state of the art technology and techniques, coupled with a strategy that supports our scalable, secure and stable environment. Customers can be confident knowing we hold over 12 security certifications, 6 agency certifications, and built on 4 highly valued frameworks. We are always improving our security capabilities and educating our workforce with the latest techniques focused on protecting customer data.


Medidata is all-inclusive quality management system responsible for policies and procedures, exception management, and compliance oversight. Our Service Organization Control documents are controlled documents and are provided to our customers for the purpose of demonstrating control over our environment. If any organization is interested in accessing this document has agreed to limit distribution to within the organization, affiliates and audit organizations. One (1) copy of this document may be retained so long as access is restricted. Information below is for Medidata Customers Only.