Business Security Consultants, Inc.
Securing the Future of Your Business
PCI Compliance
The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.
PCI security standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all organizations that store, process or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions. The Council is responsible for managing the security standards, while compliance with the PCI set of standards is enforced by the founding members of the Council, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
Merchants not compliant with the PCI Data Security Standard (DSS) are at a greater risk of security breaches from cyber criminals. The PCI DSS outlines best security practices to protect businesses against credit card breaches. All organizations, regardless of size, that accept credit or debit cards as a form of payment in person, by phone, or online, must be PCI compliant by July 2010. Organizations that are not compliant by that date are at a greater risk of security breaches, may incur fines from the card associations, and may lose the ability to process card payments.
Our services will ensure that your Information Systems are well protected and that you are in compliance with the PCI Standards.
HIPAA Compliance
The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.
The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.
The Privacy and Security Rules apply only to covered entities. Individuals, organizations, and agencies that meet the definition of a covered entity under HIPAA must comply with the Rules' requirements to protect the privacy and security of health information and must provide individuals with certain rights with respect to their health information. If an entity is not a covered entity, it does not have to comply with the Privacy Rule or the Security Rule. A covered entity is one of the following: a health care provider, a health plan, or a health care clearinghouse.
Most businesses collect and store sensitive information about their employees and customers, like Social Security numbers, credit card and account information, and medical and other personal data. Many of them have a legal obligation to protect this information. If it gets into the wrong hands, it could lead to fraud and identity theft. That’s why any company that collects and stores sensitive information must consider the security implications of using Peer-to-Peer (P2P) file sharing software and minimize the risks associated with it.
Our services will ensure that your Information Systems are well protected and that you are in compliance as it relates to HIPAA.
Copyright © 2011 by Business Security Consultants, Inc. All Rights Reserved - 888-655-3600