Leading With Trust and Transparency
Medidata’s Unified Protection Strategy
Medidata’s Unified Protection Strategy encompasses our secure, stable, and scalable cloud platform, robust data governance processes, and an inspection-ready quality management system – all critical enablers to successful clinical trial execution. Our Information Security, Privacy, and Quality Management teams work in unison to safeguard your data and provide solutions that ensure your regulatory compliance.
The foundational element of the Unified Protection Strategy is transparency in our business processes. From numerous third-party attestations and certifications that assess and validate our systems to comprehensive insights into our software development life cycle, the business transparency that Medidata provides has been earning your trust for more than 20 years.
The Unified Protection Strategy
Safeguarding Your Data
Your data privacy is guaranteed through Medidata’s integrated data governance program designed to ensure oversight and accountability. Medidata aligns with all regulatory data standards and adapts in real-time to ensure your compliance. Our commitment to data privacy shows – Medidata was one of the first life sciences companies to achieve ISO 27018 certification for protecting Personally Identifiable Information (PII) in the cloud.
A Trusted Advisor and Compliance Champion
Medidata’s Quality Management experts are trusted advisors to the life sciences industry. We provide insights into existing and potential regulatory policy, influence regulatory strategy in conjunction with governing bodies, and advocate for our customers. Additionally, we maintain a robust and inspection-ready Quality Management System inclusive of policies and procedures to ensure that our products and services are developed, implemented, and maintained in a manner that exceeds your expectations and assures compliance with regulatory requirements.
Providing a Stable and Secure Platform
With 99.9% uptime, Medidata’s unified platform provides unmatched stability. Scalable to our clients’ needs, Medidata’s Information Security Program uses the principle of “Security by Design.” Security protocols are built in at the design phase and are the foundation of our industry-leading unified platform that supports your end-to-end clinical development. By using the most advanced technologies and techniques, we protect your data against the newest threats in the cyberworld of increasing risk.
Our Accreditations and Certifications
Accreditations & Certifications
The Medidata Clinical Cloud®, Medidata’s unified platform, is built to protect your data’s privacy, security, and quality. These critical elements are built in at the design phase of our technology. This validated core is certified by multiple independent authorities to reinforce this commitment.
Medidata’s robust accreditation and certification portfolio defines our industry’s gold standards around information security, patient data privacy, and quality management.
In addition to our robust GDPR compliance program, Medidata achieved one of the first independent ISO certifications for Privacy and for Service Organization Control 2 (SOC2) over Privacy.
Privacy protection is built into the entire service lifecycle at Medidata. From our GDPR-ready Data Processing Exhibit and integrated Privacy-by-Design to our industry-leading Data Governance program, Medidata is committed to accountability for how we steward your sensitive clinical trial data anywhere on our platform.
The Quality Management team provides you with visibility into our robust governance, risk, and compliance environment. In addition to our various security and privacy-related accreditations and certifications, Medidata publishes a voluntary Service Organization Control report (SOC2+), conducted biannually by PricewaterhouseCoopers. This critical report covers the following areas:
- Medidata’s Quality Management System
- Security (e.g., physical, logical)
- IT Hosting operations (e.g., system monitoring, disaster recovery)
- Software Development Life Cycle
- Data Integrity (e.g., Electronic Record/Electronic Signatures)
Data security at Medidata is the highest priority. We lead the industry in security and compliance using state-of-the-art technology and techniques, coupled with a strategy that supports our scalable, secure and stable environment, Medidata holds over twelve security certifications, six agency certifications, and built on four highly valued frameworks. We continuously improve our security capabilities and educate our workforce with the latest techniques to protect all of your clinical study data.
When it comes to meeting strict industry guidelines,
Medidata has done the work.
Our Regulatory Compliance website contains documented position statements for Medidata customers, outlining how Medidata achieves compliance with key regulations such as ICH E6 (R2), 21 CFR Part 11, EU GMP Annex 11, the Ministry of Health, Labour and Welfare (MHLW) of Japan, and the National Medical Product Administration of China (NMPA).