LabArchives ELN, Inventory, and Scheduler now have broad approval for use by U.S. federal agencies to manage unclassified data and meet more stringent security and compliance requirements.
LabArchives for Government has officially been designated as a FedRAMP authorized cloud service offering at the Moderate security impact level. Any U.S. federal government agency can now choose LabArchives to handle unclassified data. The journey toward this achievement began in 2019, when LabArchives embarked upon the process of securing FedRAMP authorization. Throughout this time, the LabArchives team has worked closely with government research agencies, like the National Cancer Institute (NCI), as it ensured its security processes, policies, certifications, and coding standards met the stringent requirements needed to attain broad approval for federal government use. LabArchives for Government are the same well-known LabArchives products, but have been customized to meet additional federal requirements.
What is FedRAMP?
In 2011, the U.S. federal government created the Federal Risk and Authorization Management Program, or FedRAMP, in order to establish a standardized process to assess and authorize the use of cloud-based solutions to handle unclassified government information.(1) Prior to this unified approach, each time an agency wanted to use a vendor’s solution, that vendor needed to work with that single agency to ensure adherence to its specific security requirements. This often led to duplicate efforts that were neither consistent nor cost or time efficient. By establishing a common baseline framework, FedRAMP streamlines federal security assessment and authorization. This more transparent and reusable process gets cloud solutions into the hands of government agencies more reliably, benefitting both vendors and agencies alike. Thanks to FedRAMP, once a cloud solution is authorized by one federal agency it is deemed suitable as a vetted option for use at any other federal agency. Cloud service offerings that have achieved a FedRAMP designation can easily be found on the FedRAMP Marketplace, a searchable and sortable database that details a cloud service offering’s approval status and date, which independent third-party assessor performed review, and which federal agency facilitated authorization.
What Does FedRAMP Authorized Mean?
A cloud service offering that has successfully completed FedRAMP approval is considered FedRAMP Authorized.(2) Achieving such authorization depends upon the solution meeting strict standards for data security and governance, development processes, security procedures and policies within their cloud-services technology. In order to secure FedRAMP authorization, solutions must adhere to over 300+ security controls based on National Institute of Standards and Technology (NIST) Special Publication 800-53 requirements. Examples of such measures include enhanced system encryption; comprehensive policy and procedure documentation; advanced vulnerability scanning and penetration testing; and extensive authorized third-party assessment.
LabArchives for Government attained FedRAMP Moderate authorization on April 22, 2025.
LabArchives began its journey toward FedRAMP compliance in 2019, enhancing its security posture through SOC 2 Type II and ISO 27001 certifications. In April 2024, LabArchives was designated as FedRAMP “In Process” while the FedRAMP Program Management Office reviewed its security package and its suitability for widespread federal agency use. With successful completion of that review, LabArchives is now listed on the FedRAMP Marketplace as an authorized solution at the Moderate security impact level.
Which Federal Agencies are Using LabArchives?
As part of the FedRAMP process, a provider seeking approval can partner with a government agency. LabArchives’ government partner on its FedRAMP approval journey was the National Institutes for Health (NIH). The LabArchives team has worked closely with NIH’s NCI and the National Center for Advancing Translational Sciences for several years. During this time, key stakeholders explored how well LabArchives would meet federal security and records-management requirements and assessed how well it could support multidisciplinary research with lab-management solutions that promote research reproducibility, process efficiency, data accessibility, and data integrity. In 2022, LabArchives secured a 1,000-user pilot license with the NCI. Building on this success, the NIH expanded its commitment in 2023 with a 4,000-user license and in 2024 with a 7,000-user license, making LabArchives the first ELN licensed for agency-wide use at the NIH.
NIH’s Enterprise-Wide LabArchives Use
During the collaboration, the NIH evaluated LabArchives’ security and records-management compliance, multi-discipline research support, affordability, usability, and outstanding support model. After vetting a number of options, the agency ultimately chose LabArchives as its one approved, multi-discipline, SaaS ELN. In its documentation on the matter, the NIH explains its rationale behind wanting a consolidated multi-use ELN, saying that a centrally-supported solution can not only improve collaboration, data sharing, and data integrity, but also lower operating costs and ease the burden of meeting compliance demands.(3) The NIH now licenses LabArchives ELN, Inventory, and Scheduler enterprise wide. As such, LabArchives is helping several thousand NIH scientists work more efficiently and collaboratively as they pursue a wide range of work across basic, translational, and clinical research.
Beyond the NIH:
LabArchives for Government on the FedRAMP Marketplace
With LabArchives’ full FedRAMP authorization, its impact is expected to extend beyond the NIH. LabArchives for Government is listed as an authorized solution on the FedRAMP marketplace, a one-stop spot for local, state, and national agencies, as well as any academic or institutional organization conducting research supported by government grants, to seek out security-authorized, cloud-based solutions for use in their work.
The FedRAMP-authorized Lab Archives for Government solution includes:
LabArchives Electronic Laboratory Notebook (ELN) for collaborating and managing data within a digital notebook and workspace
LabArchives Inventory for organizing, tracking, and ordering lab inventory items
LabArchives Scheduler for managing and scheduling lab equipment and resources
All of these applications meet FedRAMP Moderate requirements, which are derived from NIST 800-53 and have been independently assessed to ensure that the data stored within them are handled in a way that maintains confidentiality, integrity, and availability.
Learn More About LabArchives for Government
As a FedRAMP authorized solution with additional SOC 2 Type II and ISO 27001:2022 certifications, LabArchives for Government is an ideal choice for government agencies looking to promote collaborative innovation within the confines of security, budget, and other stringent research requirements. Have a member of our team contact you to discuss how LabArchives can help your institution meet its security requirements without compromising its research goals.
References
Program Basics. FedRAMP web page. https://www.fedramp.gov/program-basics/ (accessed 2024-10-17).
About FedRAMP Marketplace. FedRAMP web page. https://www.fedramp.gov/about-marketplace/ (accessed 2024-10-17).
Intramural Electronic Lab Notebook Policy. NIH web page. https://oir.nih.gov/sourcebook/intramural-program-oversight/electronic-lab-notebooks/intramural-electronic-lab-notebook-policy (accessed 2024-10-17)
Forward-Looking Statements
This article contains forward-looking statements that are intended to outline our general product strategy. It is intended for informational purposes only and speaks only as of the date the statements are first published. It is not a commitment to deliver any functionality and should not be relied upon for making purchase decisions. You should not put any contractual reliance on these statements. The development, release, and timing of any products or capabilities remains at the sole discretion of Dotmatics.
No representation or warranty, express or implied, is provided in relation to the fairness, accuracy, correctness, completeness or reliability of the information, opinions or conclusions expressed herein. Only those representations or warranties that are made in or pursuant to one or more definitive agreements involving the parties will have any legal effect.