Security and Compliance

Platform Status

Release Management


The United States Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates the security and privacy of Protected Health Information (ePHI).

Boomi Flow is compliant with the HIPAA security requirements. With HIPAA compliance, customers can securely process and store protected health information (ePHI) on the Boomi Flow Platform after executing a Business Associate Agreement.


The Payment Card Industry (PCI) Security Standards Council offers standards to enhance payment card data security. The PCI Data Security Standard (PCI DSS) provides a framework for developing a robust payment card data security process; including prevention, detection, and appropriate handling of security incidents. Customers can leverage the Boomi Flow Platform’s PCI-DSS compliance to reduce their own PCI compliance complexity after agreeing to the Boomi Flow PCI-DSS terms.

ISO 27001

ISO 27001 is the international standard that describes best practice for an information security management system (ISMS). Accredited certification to ISO 27001 demonstrates that ManyWho is following international information security best practices, this helps to ensure the security of your information assets.

Amazon Web Services (AWS)

Boomi Flow utilizes AWS multi-region infrastructure to elastically scale, provide enterprise-grade high availability and consistently deliver peak performance to every customer, in any country.
Our in-house AWS experts utilize a broad set of AWS technologies to create the perfect platform. By combining our knowledge of running large scale cloud platforms with AWS’s IaaS we are able to offer every customer world class performance, security and cost efficiency.

AWS further enhances and reduces complexity with a compliance offering of 60+ international standards.


The Boomi Flow platform has been implemented using the HITRUST CSF.