Every month, the Payer Security Focus will break down a different topic in security and compliance with information relevant to payers and actionable steps to help build a more robust security and compliance program at their organizations. This month’s topic is PCI DSS.
What is PCI?
PCI DSS stands for Payment Card Industry Data Security Standards and applies to all entities involved in payment card processing, including merchants, processors, financial institutions and service providers. It also applies to all other entities that
With Jeff Lin, Senior Vice President of Product Management; Chris Seib, CTO; Mark Krapels, COO; and Noah Dermer, Security Officer
Security is always top of mind at InstaMed. Since day one, we’ve been committed to delivering the most secure and compliant healthcare payments experience in the industry, and we continue to uphold our reputation as healthcare’s most trusted payments network.
As head of the product team, I work closely with our security team as we develop new products and enhancements for InstaMed
Guest blogger: Tim Winston CISSP, CISA, QSA (P2PE)
Many payment vendors claim to offer P2PE (point-to-point encryption) solutions but are not actually PCI-validated. What does it mean to be a PCI-Validated P2PE Solution Provider? Tim Winston from Coalfire, a PCI SSC Qualified Security Assessor Company, answers some of the most frequently asked questions about P2PE solutions.
What is a QSA (P2PE)?
A QSA (Qualified Security Assessor) Company is recognized by the PCI Council as a qualified assessor of an organization’s adherence to PCI
Last week, the InstaMed team hopped a plane to Madison, WI to host a group of Epic users at Rare Steakhouse on the Monday evening of Epic UGM. We were very happy to have the opportunity to talk with our customers and colleagues about the latest trends and hot topics in healthcare payments. With plenty of food and drink fueling the conversation throughout the night, we learned a lot about our guests’ doubts, concerns and demands regarding payment security in
In a previous blog post, we talked about the infamous Heartbleed Bug and the damage it inflicted. In April 2015, as a result of Heartbleed and other discovered vulnerabilities, the Payment Card Industry Security Standards Council (PCI SSC) removed SSL and early versions of TLS as an example of strong cryptography from the PCI Data Security Standard (DSS) version 3.1.
Since first announcing a migration timeline for organizations to transition from SSL and earlier versions of TLS, PCI has extended the
Last month, Valentine’s Day had me reflecting on matters of the heart (even security officers can be sentimental now and then) and I took some time to think about love, relationships and heartbreak. Heartbreak is hard. It can make us feel used and question how we could have let ourselves become vulnerable to such pain. After heartbreak happens, we find ourselves patching up the places where our heart was exposed and reevaluating ourselves to figure out how we can prevent
Welcome to the Security Corner
Welcome to the first installation of InstaMed’s Security Corner, a monthly blog feature discussing important topics in compliance and security with me, Noah Dermer. I came to InstaMed in 2015 to join the Security and Compliance team. Previously, I was the Chief Security Officer at Epic Systems, where one of my responsibilities was building security into Epic’s enterprise applications. As Security Officer at InstaMed, my goal is to support our security and compliance mission as well
Tony Hansen is a Payment Card Industry Professional (PCIP) at Providence Health Systems. Providence is the third largest not-for-profit health system in the U.S., operating 34 hospitals in five states. Earlier this year, Tony met with a group of Epic Users about the importance of EMV and how encryption helps reduce PCI scope and protect against the threat of fraud and stolen personal data.
Below are the insights and advice Tony shared regarding some of the most frequently asked questions about
Guest Blogger: Jeff Lin, Senior Vice President of Product Management, InstaMed
The Washington Post has deemed 2015 “the year of the healthcare hack” with multiple large-scale breaches already compromising the data of more than 100 million U.S. consumers. An issue compounding healthcare’s vulnerability is the rapid increase of consumer payment responsibility since the Affordable Care Act (ACA).
Healthcare organizations are seeking ways to connect electronically with consumers to streamline the payments process, improve cash flow and ensure data security, which can significantly
As every new year begins, consumer deductibles reset to their annual maximum amount, which can range on average from $1,000 to $2,000 – up nearly 50% since 2009 (Kaiser Family Foundation). To prepare for increased consumer collections, healthcare organizations must evaluate their collection methods to ensure these consumers can quickly and conveniently make their payments, and more importantly, that their payments are secure.
We discussed in a previous blog post the latest innovations in payment technology and security, as well as