Regulatory Compliance, Governance and Security:

payment card industry data security standards


September 28, 2009  10:09 PM

PCI DSS Compliance for Service Providers | A Growing Trend



Posted by: Charles Denyer
charles denyer, data centers, managed services, merchants, payment card industry data security standards, payment gateways, PCI DSS, service providers

PCI DSS compliance for service providers is growing at quite an astonishing rate, to say the least. One of the biggest contributors is that of data centers, co-location facilities, and other types of organizations providing managed services. In short, they...

September 25, 2009  1:34 PM

PCI DSS for DATA CENTERS | It’s only going to become MORE of a Requirement



Posted by: Charles Denyer
co-locations, data centers, managed services, payment card industry data security standards, PCI DSS, qsa, qualified security assessor

I attended a recent compliance conference for data centers and the phrase that kept coming up was PCI DSS. That's right, the Payment Card Industry Data Security Standards, simply known as PCI DSS to millions, is spreading like a virus...


August 23, 2009  8:47 PM

Will HIPAA compliance ever have any Teeth like SAS 70 and PCI DSS?



Posted by: Charles Denyer
162, 45 CFR Parts 160, and 164, charles denyer, health insurance portability and accountability act, Health Insurance Reform: Security Standards, HIPAA, payment card industry data security standards, PCI, PCI DSS, SAS 70, The Department of Health and Human Services, type II

HIPAA, The Health Insurance Portability and Accountability Act, has been with us for years now. Upon reading through the vast and cumbersome documentation, one quickly realizes that HIPAA has many moving parts, enough to make you...


August 23, 2009  5:01 PM

PCI DSS Compliance | Why it is Working and Will Continue to be Enforced



Posted by: Charles Denyer
130 million cards, charles denyer, data security breach, merchants, payment card industry data security standards, PCI DSS, service providers

PCI DSS compliance has taken a lot of shots lately, much of it unfair. Sure, there have been a number of high profile data and security breaches, such as the recent compromise of 130 million payment (credit and debit) cards. These stories create...


August 23, 2009  4:42 PM

PCI DSS Compliance for Merchants | A Self-Assessment could be a thing of the Past



Posted by: Charles Denyer
charles denyer, gateways, mastercard, merchants, payment card industry data security standards, payment processors, PCI DSS, pci self assess, qsa, qualified security assessor, self assessment, self assessment questionnaires

PCI DSS Compliance for merchants is a hot topic indeed as witnessed by the large and ever growing number of businesses having to comply with PCI DSS. And to be fair, the vast majority can “self-assess” for compliance by answering a series of questions...


August 23, 2009  4:39 PM

GLBA, HIPAA, SAS 70, PCI DSS | what is next for Compliance?



Posted by: Charles Denyer
charles denyer, GLBA, HIPAA, payment card industry data security standards, PCI DSS, SAS 70, sas70, The Minnesota Plastic Card Security Act

The trend of late has been Payment Card Industry (PCI) Data Security Standards (DSS) compliance, along with a continued emphasis on the well known SAS 70 auditing standard. And occasionally, calls for GLBA and HIPAA compliance come calling also. As an...


August 3, 2009  7:25 PM

SAS 70 Audits and PCI DSS Assessments | What you NEED to Know



Posted by: Charles Denyer
merchants, payment card industry data security standards, PCI DSS, pci dss level 1 assessments, SAS 70, sas70, service organizations, service providers, type i, type II

SAS 70 audits and PCI DSS Assessments are on everybody's radar screen today, or so it seems. Particularly, SAS 70 Type II Audits and Payment Card Industry Data Security Standards (PCI DSS) Level I assessments. And why? Because many service organizations, merchants, and service providers are...


June 16, 2009  2:35 AM

SAS 70 Audits and PCI DSS | Yes, There is a Big Difference



Posted by: Charles Denyer
assessments, audits, charles denyer, cpa firm, payment card industry data security standards, PCI DSS, PCI DSS Level 1 compliance, report on compliance, ROC, sas 70 type ii audit

SAS 70 audits, especially Type II reports and PCI DSS Level 1 Report on Compliance (ROC) assessments are dominating today's regulatory compliance arena. Painfully, as a SAS 70 auditor and a PCI DSS assessor, I keep hearing people talk about these two compliance initiatives as if they are one in...


May 26, 2009  6:22 PM

PCI DSS Level 1 Compliance | Helpful Tips from a PCI QSA



Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Level 1 compliance, pci qsa, pciassessment.org, policies and procedures, requirement 12

Payment Card Industry Data Security Standards (PCI DSS) Level 1 compliance can be a very arduous, time-consuming and costly undertaking for any organization. However, there are a number of proactive steps that should be put in place for helping ensure an...


May 9, 2009  9:49 PM

PCI DSS Self Assessment Questionnaire | Easier Said Than Done



Posted by: Charles Denyer
charles denyer, payment card industry data security standards, PCI DSS, PCI DSS Self Assessment Questionnaire, pciassessment.org, qualified security assessor

PCI DSS Self Assessment questionnaires are used for the large and growing number of merchants who must comply with the Payment Card Industry Data Security Standards (PCI DSS). In short, compliance can be obtained by conducting a "Self Assessment". What's important to note, however, is that there...

