Information Security

The importance of information security, for electronic and physical data, is paramount to the interests of both Boehm & Associates and our clients. We understand that our clients must have confidence in Boehm & Associates’ ability to protect their members’ protected health information from unauthorized disclosure, modification, and destruction. To this end, Boehm & Associates has obtained HITRUST Common Security Framework (CSF) certification in both our Northern and Southern California offices, which we believe will attest to the security of our current and future clients’ protected health information.

For those who are unfamiliar with the HITRUST CSF, Boehm & Associates recommends reviewing the Introduction to the HITRUST CSF and Comparing the CSF, ISO/IEC 27001 and NIST 800-53. Adherence to these unified standards ensures that Boehm & Associates takes a comprehensive approach to security, from the encryption of its data at rest and in transit to 24/7 system activity monitoring, stringent access control policies, routine vulnerability and patch management, and a full spectrum of additional security practices that support confidentiality, integrity, and availability of information at every level of the organization’s infrastructure.

Our Information Security personnel provide dedicated collaboration with system owners, Information Technology, and Client Services in order to guarantee oversight and consistent compliance. Where data transfer and external system connections are required, we are committed to securing these communication channels and working with its clients to keep risk levels at a minimum.

Boehm & Associates strives to optimize the relationship between business, technology, and security to enable the highest quality of service to our clients. We look forward to cultivating those relationships in light of this certification and exploring new opportunities to ensure that our clients are availing themselves of all that we have to offer.