Security Compliance
Bolger has implemented sophisticated tools to protect sensitive data, especially in the healthcare and financial service industries. Bolger is leading the industry in creating a secure environment and establishing secure practices for managing sensitive customer data. We are one of the few commercial printers across the country to address all three major areas of security compliance: personnel, physical and data. All supported by an annual 3rd party SSAE 18/SOC 2/Type 2 audit.
Personnel Security
All Bolger personnel and temps are required to complete annual Compliance training that includes:
Quality (QMS) ISO 9001:2008 (includes the transition to ISO9001:2015)
- Sustainability (SMS) Environmental, Health and Safety to the SGP Criteria
- Information Security (ISMS) to comply with CMS Chapter 9
- Signing a Code of Compliance document that includes Code of Conduct and Conflict of Interest
In addition to all of the above, Bolger personnel and temps having access to protected health information (PHI), financial and proprietary information and who carry red security badges have been:
- Drug tested
- Criminal background check conducted
- Exclusion checks – OFAC, GSA, OIG, FBI, FDA and MHCP conducted
- Documentation of all training and signed documents located in Qualtrax our document control system
Facility Security
Bolger Direct Facility Security
Locked down facility with alarmed emergency exits
-
- Employee HID swipe badge entry system for red badge employees
- Secure hold area for Visitors and Vendors who are required to sign in and carry a Visitors badge then be escorted
- Surveillance cameras both inside and outside
- Locked cages for required secure work
Como Facility Security
-
- Exterior coded keypad entry system
- IT and server rooms locked down with HID badge swipe system
Data Security Compliance
- Secure SFTP Servers for Data Transfer
- Access to sensitive data permitted by Photo ID / Red Badged Employees
- Access to data center via Photo ID / Red Badged Employees
- Secure SFTP Servers for Data Transfer
- Traceability of data
- Work station security
- Encryption of secure electronic data for transfer
- 10 Year Data Retention
- Multi-Tier Data Retention model
- Secure fire wall