“Hello, what is your credit card number?” Have you ever found yourself in a situation where you have been asked for your credit card information over the phone? Have you ever wondered where that person was working?
Whether you are paying a healthcare bill or covering an insurance premium, there are several healthcare transactions that may require consumers to verbally give out their credit card to someone unknown to them over the phone. Credit card data and healthcare data continue
Every month, the Payer Security Focus will break down a different topic in security and compliance with information relevant to payers and actionable steps to help build a more robust security and compliance program at their organizations. This month’s topic is compliance versus security.
What is the Difference Between Compliance and Security?
To understand the importance of compliance and security in healthcare payments, first let’s clarify the difference between the terms compliance and security. Both are important to healthcare payments, but these
Deliver a Seamless and Secure Online Consumer Payment Experience and Reduce PCI Scope Up to 90%
The InstaMed Secure Token enables healthcare organizations to deliver a seamless and secure online consumer payment experience within their existing portals with cardholder data never touching their servers. As a result, consumers can make one-time payments and also have full access to their digital wallet for future or recurring payments while using any device. Likewise, healthcare organizations significantly reduce their PCI compliance efforts and ensure
On January 20, 2017, we will watch as power transitions from one president to the next. The new president will take an oath and speak to the American people for the first time as their elected leader. In his inaugural address, the incoming president usually tries to explain what he intends to accomplish over the next four years. Some, like these duds, overdo it, and belabor unimaginative points of policy and ideologies in a failed attempt to seem presidential. Others
Guest blogger: Tim Winston CISSP, CISA, QSA (P2PE)
Many payment vendors claim to offer P2PE (point-to-point encryption) solutions but are not actually PCI-validated. What does it mean to offer a PCI-Validated P2PE Solution Provider? Tim Winston from Coalfire, a PCI SSC Qualified Security Assessor Company, answers some of the most frequently asked questions about P2PE solutions.
What is a QSA (P2PE)?
A QSA (Qualified Security Assessor) Company is recognized by the PCI Council as a qualified assessor of an organization’s adherence to PCI
It’s already that time of year again. Summer is coming to a close, and kids are getting ready to go back to school. To help everyone transition out of the dog days of summer and into the classroom, many schools offer students and families a “back to school” checklist. The list prescribes the text books and supplies needed for classes, as well as the medical exams students must complete before the school year begins.
I’ve noticed that the retail industry plays
Last month, Valentine’s Day had me reflecting on matters of the heart (even security officers can be sentimental now and then) and I took some time to think about love, relationships and heartbreak. Heartbreak is hard. It can make us feel used and question how we could have let ourselves become vulnerable to such pain. After heartbreak happens, we find ourselves patching up the places where our heart was exposed and revaluating ourselves to figure out how we can prevent
Welcome to the Security Corner
Welcome to the first installation of InstaMed’s Security Corner, a monthly blog feature discussing important topics in compliance and security with me, Noah Dermer. I came to InstaMed in 2015 to join the Security and Compliance team. Previously, I was the Chief Security Officer at Epic Systems, where one of my responsibilities was building security into Epic’s enterprise applications. As Security Officer at InstaMed, my goal is to support our security and compliance mission as well
Tony Hansen is a Payment Card Industry Professional (PCIP) at Providence Health Systems. Providence is the third largest not-for-profit health system in the U.S., operating 34 hospitals in five states. Earlier this year, Tony met with a group of Epic Users about the importance of EMV and how encryption helps reduce PCI scope and protect against the threat of fraud and stolen personal data.
Below are the insights and advice Tony shared regarding some of the most frequently asked questions about