A New One-Stop Shop on Boomi Compliance and Security

3 minute read | 13 Jul 2022

By Ron Zollman

Compliance and security are top of mind for organizations in every industry in our age of ever-changing industry standards, regulatory requirements, and cybersecurity risks.

At Boomi, we’re committed to compliance and security for our integration platform as a service (iPaaS) solutions. We’re equally committed to trying to simplify and share key information with our customers and prospects.Our new compliance web page provides you with a comprehensive one-stop shop on the latest available information on Boomi’s certifications, authorizations, best practices, and adherence to industry standards.

The page gives you an overview of Boomi’s multi-pronged approach, including measures to maintain the confidentiality, integrity, and availability of our customers’ information. You can see everything from our annual SOC reports to details on IRAP and FedRAMP – as well as copies of security and data privacy schedules, all in one place. If there is more you ever need, you can ask Boomi.

From the overview, you’re able to drill down for additional information such as:

FedRAMP: The Boomi AtomSphere Platform is authorized under FedRAMP (Federal Risk and Authorization Management Program), a U.S. government program that helps ensure the security of cloud technologies used by federal agencies. This is really a rare and very high distinction in our industry.

StateRAMP: Boomi is pursuing authorization under StateRAMP (with FedRAMP reciprocity), a program modeled after FedRAMP that pertains to state and local governments.

HIPAA/HITECH: Intensive third-party assessments have certified Boomi as compliant with standards to protect the privacy and security of healthcare information per requirements of HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health).

SOC 1 and SOC 2: Annual examinations by third-party auditors attest that Boomi is compliant with SOC (System and Organization) 1 and 2 standards in areas including security, availability, processing integrity, confidentiality, privacy, controls for financial reporting, and cybersecurity.

PCI DSS: Boomi is certified as compliant with PCI DSS (Payment Card Industry Data Security Standard), the global standard designed to secure credit and debit card transactions against data theft and fraud.

More: You’ll also find information and documentation on Boomi’s:

  • Codes of Conduct
  • Service Level Agreement
  • Data Processing Schedule
  • Standard Security Schedule
  • Accessibility/VPAT reports

As the landscape evolves, Boomi aims every day to deliver tested, proven, and best-in-class tools, frameworks, and procedures to protect our customers and their data.

That commitment comes from the highest levels of the company, and is one reason our technology is trusted by more than 20,000 customers worldwide for data and integration management across cloud platforms, software as a service (SaaS) applications, and on-premises systems.


To learn more, visit the compliance web page. If you need further information about product certifications, FedRAMP, or StateRAMP, email tech.compliance@boomi.com; if you have privacy questions or any concerns, you may email privacy@boomi.com; or, if you’re an active client, communicate with your account executive.