#27385
01/25/2011 2:13 PM
Joined: Sep 2010
Posts: 26
Member
Does anyone know if AC is compliant with the Payment Card Industry - Data Security Standard?
We are thinking about holding credit card numbers to secure appointments, bill for No Shows, etc. If you store credit card numbers electronically you are subject to rather stringent credit card industry rules. Compliance programs can cost several hundred dollars annually. If AC meets the requirements we might go forward with this.
Jeff W Behavioral neurologist & attorney Providence, RI
Joined: Jun 2009
Posts: 1,811
Member
Having worked on PCI-DSS initiatives for implementing enterprise clients, it is both expensive and extensive.
I have never heard it mentioned from AC, so I am going to guess that PCI-DSS was not a requirement set that they have implemented.
We do have a client that has a credit-card machine, merchant account, and uses Quickbooks - Quickbooks contacted them to make a mandatory upgrade that was supposedly to go to a version that was PCI-DSS compliant. You might want to investigate that as a method to comply.
PCI-DSS implementations are considered a combination of systems and procedures that work together to protect subject data. The greater stress and rigor came about as a result of the TJ Maxx debacle - 45 million credit card accounts lifted from a WEP 'protected' wireless network. The bad actors sat in the parking lot and stole data.