The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes.
The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) or by a firm specific Internal Security Assessor (ISA) that creates a Report on Compliance for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. The PCI standards consist of twelve significant requirements including multiple sub-requirements which contain numerous directives against which businesses may measure their own payment card security policies, procedures and guidelines.
EHR 2.0’s certified privacy and security professionals can help your organization comply with the requirement in a most efficient and cost-effective way.
Our deliverables include but not limited to:
included in the description throughout a specified period.
EHR 2.0’s certified privacy and security professionals can help your organization comply with the requirement in a most efficient and cost-effective way.
Our deliverables include but not limited to:
- Control Environment
- Communication and information
- Risk Assessment
- Monitoring Activities
- Logical and Physical Access Controls
- System Operations
- Change Management
- Risk Mitigation
- Availability
- Confidentiality
