Skip to main content
GE Digital

Predix Platform Compliance

The GE Digital Predix Platform solution provides capabilities for cybersecurity protection that supports the following certifications, laws and regulations.

Industrial app programmers using Predix Platform by GE Digital

Predix Platform

Industrial app programmer using Predix Platform by GE Digital

The foundation for digital industrial applications

Predix Platform helps you develop, deploy, and operate industrial apps at the edge and in the cloud. Securely connect machines, data, and analytics to improve operational efficiency. Get your free account today.

Industrial app programmers using Predix Platform by GE Digital
IIoT Platform

ISO 27001 Certification

Industrial app programmer using Predix Platform by GE Digital
IIoT Platform

ISO 27017 Certification

Industrial app programmer using Predix Platform by GE Digital
IIoT Platform

ISO 27018 Certification

Industrial app programmer using Predix Platform by GE Digital
IIoT Platform

Quality Management System - ISO 9001:2015

Global

ISO 27001:2013

Engineers using Predix Platform, Paas for the industrial monitoring and event management from GE Digital

ISO 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO 27002 best practice guidance. Our ISO 27001:2013 certification demonstrates our commitment to information security at every level. Compliance with this internationally-recognized standard, validated by an independent third-party audit, confirms that our security management program is comprehensive and follows leading practices.

 

This certification pertains to the GE Digital Predix platform solution, related infrastructure and technology operations.

 

The certifying agency is Schellman and Company.

 

  • To view the standard, click here.
  • To download the Predix ISO 27001 certification, click the link in the tile above above.

 

    ISO 27017:2015

    ISO 27017:2015 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards. GE Digital Predix' attestation to the ISO 27017:2015 guidance not only demonstrates our ongoing commitment to align with globally-recognized best practices, but also verifies that the GE Digital Predix platform solution has a system of highly precise controls in place that are specific to cloud services.

     

    This certification pertains to the GE Digital Predix platform solution, related infrastructure and technology operations.

     

    The certifying agency is Schellman and Company.

     

    • To view the standard, click here.
    • To download the Predix ISO 27017 certification, click the link in the tile above above.

     

      ISO 27018:2014

      ISO 27018:2014 is a code of practice that focuses on protection of personal data in the cloud. It is based on the ISO 27001 and 27002 standards. The alignment demonstrates to customers that the GE Digital Predix platform solution has a system of controls in place that specifically address the privacy protection of its content.

       

      This certification pertains to the GE Digital Predix platform solution, related infrastructure and technology operations.

       

      The certifying agency is Schellman and Company.

       

      • To view the standard, click here
      • To download the Predix ISO 27018 certification, click the link in the tile above.

       

        SOC 2

        GE Digital Predix Service Organization Control (SOC) Reports are independent third-party examination reports that demonstrate how the GE Digital Predix platform solution achieves key compliance controls and objectives.

         

        This certification pertains to the GE Digital Predix platform solution, related infrastructure and technology operations.

         

        • To view the SOC 2 Trust criteria, click here.
        • To view the GE Digital Predix SOC 2 report, contact your Sales Representative.

         

         

          ISO 9001:2008

          GE Digital legacy apps have undergone a systematic, independent examination of our quality system to determine whether the activities and activity outputs comply with ISO 9001:2008 requirements. A certifying agent found our QMS to comply with the requirements of ISO 9001 for the activities described in the scope of registration. This certification only pertains to the Embeded and On-premise software.

           

          The certifying agency is BSI.

           

          • To view the standard, click here.

           

            CSA

            Per the CSA definitions, GE Digital Predix platform solution aligns with the CSA STAR Attestation and Certification via the determinations in our third party audits for SOC and ISO. The CSA STAR Level 2 Certification is based on ISO 27001:2013.

             

            • To view the Matrix, click here.

            United States

            FIPS

            Aviation illustration showing big data capture using GE Digital's industrial apps

            The Federal Information Processing Standard (FIPS) Publication 140-2 is a US government security standard that specifies the security requirements for cryptographic modules protecting sensitive information. To support customers with FIPS 140-2 requirements, GE Digital Predix Virtual Private Cloud VPN endpoints and SSL terminations in Predix Cloud (AWS) operate using FIPS 140-2 validated cryptographic modules.

             

            • To view the standard, click here.

             

              HIPAA and HITECH

              HIPAA

               

              GE Digital Predix platform solution enables covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act (HIPAA) to leverage the secure Predix environment to process, maintain, and store protected health information. HIPAA and HITECH impose requirements related to the use and disclosure of PHI, appropriate safeguards to protect PHI, individual rights, and administrative responsibilities.

               

              • To view the standard, click here.

               

              HITECH

               

              GE Digital Predix platform solution enables covered entities and their business associates subject to the U.S. Health Insurance Portability and Accountability Act (HIPAA) to leverage the secure Predix environment to process, maintain, and store protected health information. HIPAA was expanded by the Health Information Technology for Economic and Clinical Health (HITECH) Act, which is Title XIII of the American Recovery and Reinvestment Act. HIPAA and HITECH establish a set of federal standards intended to protect the security and privacy of PHI. These standards affect the use and disclosure of PHI by covered entities and their business associates. HIPAA and HITECH impose requirements related to the use and disclosure of PHI, appropriate safeguards to protect PHI, individual rights, and administrative responsibilities.

               

              • To view the standard, click here.

               

                EC/ITAR

                As a part of managing a comprehensive EC/ITAR compliance program, US companies are subject to export regulations. Those companies must control unintended exports by restricting access to US persons and restricting the physical location of that data to within the US. The GE Digital Predix platform solution provides customers with the option to store their data in an export controlled cloud environment managed solely by US persons on US soil.​

                 

                • To view the standard, click here.

                 

                  NIST

                  The GE Digital Predix platform solution is a NIST compliant cloud infrastructure that meets the NIST 800-53 Rev. 4 controls.

                   

                  • To view the standard, click here.

                  Europe

                  General Data Protection Regulation (GDPR)

                  Engineer utilizing Predix Platform for cyber security asset safety

                  The GDPR is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU).

                   

                  • To view the standard, click here.

                  Sign up for your free account

                  Connecting edge to cloud, operator to analyst

                  Industrial application developers using Predix Platform from GE Digital

                  Everything You Need to Build IIoT Apps

                  The Predix System™ provides the software architecture and services required to make any machine an intelligent asset - bringing actionable insights to every part of industrial infrastructure and operations.