Page History: iHealthSpot BillPay (formerly ezNetPay) and PCI-DSS Compliance

Compare Page Revisions



« Older Revision - Back to Page History - Newer Revision »


Page Revision: 2012/07/28 19:39


What is PCI-DSS

The Payment Card Industry (PCI) Data Security Standard (DSS) represents a common set of industry tools and measurements to help ensure the safe handling of sensitive information related to customer credit cards and other private sensitive information relating to customer accounts. The standard provides an actionable framework for developing a robust account data security process - including preventing, detecting and reacting to security incidents. The standard is created and managed by the PCI Security Standards CouncilPCI Security Standards Council.

How does iHealthSpot participate in PCI-DSS

iHealthSpot, Inc. adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. In doing so, we strive to ensure that all customers' payment card data is being kept safe throughout every transaction, and that patients and practices can have confidence that they're protected against the pain and cost of data breaches.

For iHealthSpot, adhering to the PCI DSS is not a single event, but a continuous, ongoing process. First, we continually assess and identify cardholder data, taking an inventory of all our IT assets and business processes for payment card processing, and we analyze them for vulnerabilities that could expose cardholder information. Second, we remediate and fix any possible vulnerabilities and we never store cardholder data after a transaction has been processed. Third, we compile and submit compliance reports to all our clients and the acquiring banks and card brands you do business with.


ScrewTurn Wiki version 2.0.36. Some of the icons created by FamFamFam.