Drata

SafeBase, STAR L1, Verified May 2026

Drata Compliance & Certifications

SOC 2 Type II, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 42001, HIPAA, FedRAMP, GDPR, CCPA, CSA STAR, NIST

External Registries

CSA STAR Registry: Level 1
CAIQ: Listed Aug 2021

Frequently Asked Questions

Does Drata have SOC 2 Type II?

Yes. Drata holds SOC 2 Type II, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 42001, HIPAA, FedRAMP, GDPR, CCPA, CSA STAR, NIST certifications. You can view their trust center at trust.drata.com for full security and compliance documentation.

Where can I find Drata's security documentation?

Drata publishes their trust center on SafeBase at trust.drata.com. It includes security policies, compliance certifications (SOC 2 Type II, SOC 3, ISO 27001, ISO 27017, ISO 27018, ISO 42001, HIPAA, FedRAMP, GDPR, CCPA, CSA STAR, NIST), and other documentation.

Does Drata have ISO 27001 certification?

Yes, Drata is ISO 27001 certified. This international standard confirms they have implemented a comprehensive information security management system (ISMS).

Is Drata HIPAA compliant?

Yes, Drata is HIPAA compliant and can support healthcare organizations that handle protected health information (PHI).