// Trust & Security Report
NVIDIA Corporation
NVIDIA Clara is NVIDIA's healthcare and life sciences AI platform umbrella, spanning open-source SDKs and NIM microservices: BioNeMo (drug discovery / biofoundation models), Nemotron (digital health foundation models and agents), Isaac for Healthcare (hospital robotics and simulation), MONAI (open-source medical imaging framework, PyTorch-based), Holoscan SDK (real-time sensor/edge AI runtime), and Clara Parabricks (genomics acceleration). Most sub-products are self-hosted developer SDKs/frameworks rather than a single hosted SaaS.
Certifications held
7
Maturity
Enterprise
Trains on your data
No
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on nvidia.com“SOC reports and certification are the output of an annual third-party external audit of security controls, following the Statement on Standards for Attestation (SSAE 18) requirements set out by the American Institute of Certified Public Accountants (AICPA).”
Verify on nvidia.com“ISO 27001 is the international standard for information security management systems (ISMS) that provides a framework for organizations to establish, implement, maintain, and continually improve information security controls.”
Verify on nvidia.com“ISO 27017 - international standard for cloud security controls, providing frameworks for cloud-specific security requirements and shared responsibilities.”
Verify on nvidia.com“ISO 27018 - international standard for the protection of personally identifiable information (PII) in public cloud environments.”
Verify on nvidia.com“ISO 27701 - international standard for privacy information management systems (PIMS), enabling organizations to manage PII protection effectively.”
Verify on nvidia.com“Transfer of Personal Data...will be subject to the standard contractual clauses...pursuant to Regulation (EU) 2016/679; references to 'GDPR' in the SCCs will be understood as references to Data Protection Laws of Switzerland.”
Verify on nvidia.com“TISAX - automotive industry-specific standard for assessing and exchanging information security results.”
> Show 5 unconfirmed / not-held certifications
source: nvidia.comNo public evidence of ISO/IEC 42001 (AI Management System) certification found on NVIDIA's AI Trust Center or Security & Compliance pages, and no independent confirmation found via search.
source: nvidia.comNVIDIA lists CAIQ ('measures a cloud provider's compliance with the Cloud Security Alliance's Cloud Controls Matrix') which supports CSA STAR Level 1 self-assessment, but no evidence of a CSA STAR Level 2/3 attestation or certification was found.
source: nvidia.comNo HIPAA certification, BAA offering, or HIPAA-specific language appears on NVIDIA's AI Trust Center, Security & Compliance page, or corporate Privacy Policy. (Third-party/marketing sources describe individual components like Clara Guardian as running on 'HIPAA-compliant' infrastructure, but this could not be confirmed with a direct quote on an NVIDIA-owned page.)
source: nvidia.comNVIDIA AI Enterprise Government Ready software is designed to meet the applicable SDLC controls for FedRAMP High, FISMA High and equivalent sovereign environments. (This describes design/readiness, not an actual FedRAMP authorization or ATO.)
source: nvidia.comNo public evidence of PCI DSS certification found on NVIDIA's AI Trust Center or Security & Compliance page.
// Privacy & AI training
Trains on customer data
No
Data processing agreement
Offered
Data region
NVIDIA's cloud services are primarily US-hosted with data transferred internationally under Standard Contractual Clauses and the EU-U.S./Swiss-U.S./UK Data Privacy Framework; self-hosted Clara SDKs (MONAI, Holoscan) run entirely within the customer's own infrastructure, so data residency is customer-controlled in that deployment mode.
For NVIDIA NIM microservices (used by Clara components such as BioNeMo and Nemotron), NVIDIA states on the product page: 'Ensure your data isn't used for model training' for DGX Cloud-hosted API endpoints, and 'Ensure data never leaves your secure enclave' for self-hosted NIM deployments. Separately, NVIDIA's corporate privacy policy notes AV/AI research data collected from public spaces is 'used exclusively for the purposes of AV and AI projects and is not used or connected to personal data for our other products and services' -- this refers to NVIDIA's own autonomous-vehicle research data, not customer-uploaded Clara data. No explicit Clara-specific training statement was found; grading is based on the NIM microservices product page since most Clara AI products (BioNeMo, Nemotron) are delivered via NIM.
// Security controls
Encryption / Confidential Computing
NVIDIA H100/Hopper-based confidential computing provides a hardware-based trusted execution environment (TEE) to protect code, data, models, and inference prompts during processing.
nvidia.comDeployment model
Self-hosted (customer infrastructure/on-prem) for most Clara SDKs (MONAI, Holoscan SDK, Isaac for Healthcare), or via NVIDIA-hosted NIM microservices / DGX Cloud API endpoints for BioNeMo and Nemotron.
nvidia.comThird-party audit cadence
Annual third-party external SOC 2 audit under SSAE 18/AICPA Trust Services Criteria.
nvidia.comSub-processors
NVIDIA Cloud Services DPA lists sub-processors including AWS, Google Cloud Platform, Microsoft Azure, and Oracle Cloud Infrastructure.
nvidia.com// Products & data scope
data: Runs on customer-provided imaging data, self-hosted; PyTorch-based, no NVIDIA-hosted data collection by default.
Open source (Apache-licensed), 8M+ downloads, 4,000+ projects, no vendor lock-in for data.
data: Models, libraries, datasets and NIM microservices; can be run self-hosted or via NVIDIA-hosted NIM endpoints.
Use cases: biofoundation model building, molecular design, virtual screening, protein structure prediction.
data: Open-weight models for ambient healthcare agents and clinical research agents; deployable self-hosted or via NIM.
Open models with open weights and training data/recipes published.
data: Synthetic data generation and sensor simulation (no real patient data required); customer-controlled deployment on edge robotic systems.
Use cases: hospital automation, teleoperation, autonomous ultrasound, surgical autonomy.
data: Processes high-bandwidth multimodal sensor data at the edge, self-hosted on customer/hospital hardware.
Runtime for physical AI and sensor processing; C++/Python/GXF/TensorRT stack.
// What to watch
- SCOPE AMBIGUITY: All certifications (SOC 2, ISO 27001, ISO 27017/27018/27701, TISAX) are published at the NVIDIA CORPORATE level on the general AI Trust Center; the word 'Clara' does not appear anywhere on the Security & Compliance page. NVIDIA does not publish a Clara-specific compliance scope, so it is not confirmed which certifications cover the specific NIM-hosted Clara services (BioNeMo, Nemotron) versus NVIDIA's broader cloud/enterprise infrastructure. Treat corporate-level certs as directionally reassuring, not a Clara-specific guarantee.
- HIPAA: no vendor-issued HIPAA certification, attestation, or BAA offering was found on any NVIDIA-owned page. Some third-party/marketing summaries describe Clara Guardian as running on 'HIPAA-compliant' infrastructure, but this claim could not be verified with a direct vendor-domain quote -- do not list HIPAA as held without further diligence from NVIDIA sales/legal.
- PRODUCT HETEROGENEITY: Clara is a suite of largely open-source, self-hosted SDKs (MONAI, Holoscan, Isaac for Healthcare) plus two NIM-hosted model families (BioNeMo, Nemotron). Security/compliance posture differs materially by deployment mode (self-hosted = customer's own responsibility; NIM-hosted = NVIDIA's DGX Cloud posture applies). Any AIFOXX listing should make this deployment-mode distinction explicit rather than presenting Clara as a single hosted product.
- FedRAMP: NVIDIA AI Enterprise 'Government Ready Software' is only described as designed to meet FedRAMP High/FISMA High SDLC controls -- this is a readiness claim, not an actual FedRAMP Authorization to Operate (ATO). Do not list as 'FedRAMP authorized.'
// At a glance
Pricing model
Not published on the pages captured; NVIDIA Clara components are largely open source (free) SDKs, with paid tiers via NVIDIA AI Enterprise licensing and NIM-hosted API usage on DGX Cloud.
Self-hostable
Yes
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on NVIDIA Corporation's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-07-08. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
nvidia.com