What is PCI?
The PCI Data Security Standard is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. The PCI Data Security Standard is comprised of 12 general requirements designed to:
- Build and maintain a secure network;
- Protect cardholder data;
- Ensure the maintenance of vulnerability management programs;
- Implement strong access control measures;
- Regularly monitor and test networks; and
- Ensure the maintenance of information security policies.
Being PCI compliant is a continuous process as the standards of the payment card industry are constantly evolving to ensure the security of cardholder’s data. At Velocitii, we understand the importance and necessity of PCI compliance.
With Level 1 PCI compliance, we are required to adhere to the highest security standards for processing credit card information.
For more information on being PCI compliant and the PCI DSS (Payment Card Industry Data Security Standards), we recommend the PCI Security Standards Council website at: www.pcisecuritystandards.org
What is HIPAA?
HIPAA is the acronym for the Health Insurance Portability and Accountability Act that was passed by Congress in 1996. HIPAA does the following:
- Provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
- Reduces health care fraud and abuse;
- Mandates industry-wide standards for health care information on electronic billing and other processes; and
- Requires the protection and confidential handling of protected health information
The HIPAA Privacy regulations require health care providers and organizations, as well as their business associates, develop and follow procedures that ensure the confidentiality and security of protected health information (PHI) when it is transferred, received, handled, or shared. This applies to all forms of PHI, including paper, oral, and electronic, etc. Furthermore, only the minimum health information necessary to conduct business is to be used or shared.
You can view Velocitii’s full HIPAA compliance statement here.