FEDRAMP HIGH CERTIFICATION

The world’s easiest-to-use
XM platform, now ready for
the world’s toughest security requirements

Securing your data with FedRAMP High

FedRAMP, or Federal Risk and Authorization Management Program, is a government-wide initiative to assess, authorize, and monitor cloud software providers and protect the sensitive data housed in federal agencies. Established by the U.S. government, FedRAMP High aligns with 400+ critical security controls; empowering Qualtrics’ federal customers with confidence, compliance, and federal-grade protection.  

Man looking at his phone while walking in front of a government building

In the cloud, nothing matters more than the security of your data. For over a decade, Qualtrics has been the most secure platform for your experience management data. To continue that commitment, Qualtrics has received FedRAMP High authorization, the gold standard for security certifications and one of the most stringent non-military security programs. 

The U.S. Capitol

You can be confident your data is secure. In addition to FedRAMP High, Qualtrics has also achieved ISO 27001 certification and is GDPR compliant. As part of those programs, a Privacy Impact Assessment (PIA) has been performed and evaluated by an independent third-party assessor. In addition, the Qualtrics Data Protection Impact Assessment (DPIA) focuses on how we handle all collected data, including personal data.

People working together

The Qualtrics platform is packed with enterprise security features that make us the trusted platform for over 8,500 brands.


    • Email Security (SMTP Server Setup,

     DKIM)

  • Data encryption in transit

  • SOC 2 data center certification

  • Local and offsite data redundancy

  • 3rd-Party Scans

  • Continuous network monitoring

  • Control password parameters 

    and expirations

    • In-house 24/7 security 

    operations center

    • Active session management
    • Users can opt-out of re-contact

    for a survey

  • Industry-leading security evaluations

    • Role-based authentication
    • U.S., Canada, Asia-Pacific, 

    and EU data centers

    • Cyber Essentials Certified
    • Federal Government data and 

    processing done in GovCloud

    • Data isolation option for unique

     encryption keys

    • EU-US Privacy Shield Certified
    • Swiss-US Privacy Shield Certified
    • HITRUST self assessed
    • HIPAA Self Certified
    • Single Sign On (SSO)
    • SMS distribution capabilities

The FedRAMP cloud security authorization is based on a rigorous process and high standards to effectively manage risk. Modernizing government needs the scalability, agility, and security of cloud technologies, and FedRAMP is designed to accelerate the adoption of secure cloud and software-as-a-service solutions in the federal environment. I’m excited that Qualtrics has earned this FedRAMP authorization at a time when agencies are focusing on improving employee and customer experiences at scale.

NICK SINAI
Former U.S. Deputy CTO

Questions on FedRAMP High?
Contact our Federal team or your customer
success manager to find out more.