Trusted by the most highly regulated industries

For almost 30 years, our customers have trusted our ability to handle their data with care and respect. That’s why organizations from the most highly regulated sectors rely on us to protect their most sensitive information wherever work happens. 

Policies and practices

Privacy policy
The Citrix privacy policy applies to the personal information we may obtain through our various online and offline channels, as well as from third-party sources, including business partners, ad networks and vendor properties.

Data processing addendum
The Citrix Data Processing Addendum describes the privacy practices that are applied to the personal information Citrix processes on behalf of our customers when providing Citrix Cloud services, technical support services or consulting services.

GDPR

GDPR FAQ
Solution architectures for the General Data Protection Regulation (GDPR)

Subprocessor list
List of sub-processors authorized to access personal data. 

Schrems II and Citrix Services
How Schrems II impacts the use of Citrix services.

Brexit and Citrix Services
For information about Brexit and Citrix Services, please refer to this document.

Privacy Shield
Citrix has self-certified compliance with the EU-U.S. and Swiss-U.S. Swiss Privacy Shield frameworks. 

Citrix Law Enforcement Requests Report

Customer content and log handling

Common Criteria

Citrix commitment to developing secure software is shown in our progress toward Common Criteria.

FIPS 140-2

View how Citrix complies with the Federal Information Processing Standard.

IRAP

Citrix Workspace, which incorporates the Citrix Virtual Apps and Desktop Service, the Citrix Gateway Service (HDX Proxy), the Citrix Cloud Platform, and the Citrix Identity Service, achieved IRAP Compliance.  

SOC 2

SOC 2 reports show the controls that Citrix has in place as a service provider. 

ISO

Citrix has products certified with internationally-recognized ISO/IEC standards.

HIPAA

Citrix Workspace and Citrix ShareFile for Healthcare safeguard protected health information under HIPAA and HITECH.

Citrix Cloud certifications

Service SOC2 ISO 27001 HIPAA FedRAMP Ready IRAP
Citrix Cloud platform Type 2
Citrix Identity Service Type 2
Workspace Platform Type 2 -
Citrix Virtual Apps and Desktops (Premium) Type 2
Citrix Content Collaboration (ShareFile) Type 2
(+ eSignature)
- -
Citrix Endpoint Management Type 2 - -
Citrix Analytics service Type 2
- -
Citrix Workspace with Intelligence (MicroApps) Type 1 - - - -
Citrix Gateway service
- - -
(HDX only)

The above information is subject to change, without notice, and should not be considered a commitment for Citrix product acquisitions for any forward looking items.

 Planned compliance activities for CY 2021
 

Additional compliance and certification documentation

Section 508 and WCAG 2.0
Accessibility and usability of Citrix products is a high-priority not only within our products but our Cloud and web assets as well.

FSTEK
Information security certification is key for many of our customers, that is evident in our FSTEK certification for the Russian government.

IRAP deployment guide
Deployment instructions for CVAD and Citrix Workspace to maintain IRAP compliance at the Protected Level

DoDIN
Citrix ADC MPX 14000-FIPS 11.1 Platinum Edition has passed both Interoperability and Cybersecurity certifications to remain on the Department of Defense Information Network Approved Products List (DoDIN APL).

Citrix Cloud Government
Citrix Cloud Government built directly on Microsoft Azure Government.

Export
Export guidelines overview for Citrix products.