If your business calls its customers “patients,” then you are likely well aware of HIPAA-HITECH and all that goes along with it. But what happens if you throw the Payment Card Industry Data Security Standard (PCI DSS) into the mix? A lot of people like … Read more
Qualified Security Assessors like myself are conducting annual PCI assessments year round, so while your assessment may seem like an “it’s that time of the year again” activity, our interaction with your business often involves common themes. For example, we QSAs often hear a lot … Read more
You gather up all the necessary documentation and sit down to complete the SAQ for your business—only to realize that you can’t answer “yes” to all the questions. Somewhere, something down the line occurred which now makes things complicated. When confronted with the reality of … Read more
“A QSA’s Deja Nightmare” A QSA walks into a bar (or gas station chain, or retail organization, etc.) to perform a PCI assessment. The bartender/owner says, “We just have some policies for you! We use <<insert POS company name>> POS, and it is PCI compliant.” … Read more