MDRC Achieves FedRAMP Authorization from the Federal Government
In early October, MDRC achieved FedRAMP authorization, at the moderate impact level, for its SPROUT (Social Policy Research Optimization/Utilization Technology) cloud service offering. The U.S. Department of Health and Human Services (HHS) is serving as MDRC’s initial authorizing agency.
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that resides within the General Services Administration (GSA). FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The program’s “do once, use many” approach promotes reuse of security assessments to save federal agencies time and resources.
“MDRC is pleased to have qualified for the rigorous FedRAMP authorization,” said Virginia Knox, President of MDRC. “For more than 45 years, we have taken our obligation to protect the security of the data we access, hold, and analyze very seriously, and FedRAMP authorization is a validation of our continuing commitment.”
FedRAMP authorization allows a federal contractor like MDRC to accept, hold, share, and use data in a secure environment and use the tools that come with the MDRC FedRAMP space. These tools include a configurable management information system for simple or multi-layered data collection and a data science lab with the most-used data science software, like artificial intelligence and machine learning, as well as virtual data rooms.
In addition to using SPROUT for its own projects, MDRC intends to offer its cloud services to researchers that need FedRAMP moderate authorization in their work with HHS. The cloud services will be available to collaborators, including small businesses and nonprofit organizations. Users of the MDRC cloud service will have their own federated and segregated cloud and access to data collection, management information systems, a data science lab, and other facilities.