September 25, 2009 1:34 PM
Posted by: Charles Denyer
co-locations,
data centers,
managed services,
payment card industry data security standards,
PCI DSS,
qsa,
qualified security assessor
I attended a recent compliance conference for data centers, and the phrase that kept coming up was PCI DSS. That's right, the Payment Card Industry Data Security Standards, simply known as PCI DSS to millions, is spreading like a virus...
August 23, 2009 8:47 PM
Posted by: Charles Denyer
45 CFR Parts 160, 162, and 164,
charles denyer,
health insurance portability and accountability act,
Health Insurance Reform: Security Standards,
HIPAA,
payment card industry data security standards,
PCI,
PCI DSS,
SAS 70,
The Department of Health and Human Services,
type II
HIPAA, the Health Insurance Portability and Accountability Act, has been with us for years now. Upon reading through the vast and cumbersome documentation, one quickly realizes that HIPAA has many moving parts, enough to make you...
August 23, 2009 5:01 PM
Posted by: Charles Denyer
130 million cards,
charles denyer,
data security breach,
merchants,
payment card industry data security standards,
PCI DSS,
service providers
PCI DSS compliance has taken a lot of shots lately, many of them unfair. Sure, there have been a number of high-profile data and security breaches, such as the recent compromise of 130 million payment (credit and debit) cards.
These stories create...
August 23, 2009 4:42 PM
Posted by: Charles Denyer
charles denyer,
gateways,
mastercard,
merchants,
payment card industry data security standards,
payment processors,
PCI DSS,
pci self assess,
qsa,
qualified security assessor,
self assessment,
self assessment questionnaires
PCI DSS compliance for merchants is a hot topic indeed, as witnessed by the large and ever-growing number of businesses having to comply with PCI DSS. And to be fair, the vast majority can “self-assess” for compliance by answering a series of questions...
August 23, 2009 4:39 PM
Posted by: Charles Denyer
charles denyer,
GLBA,
HIPAA,
payment card industry data security standards,
PCI DSS,
SAS 70,
sas70,
The Minnesota Plastic Card Security Act
The trend of late has been Payment Card Industry (PCI) Data Security Standards (DSS) compliance, along with a continued emphasis on the well-known SAS 70 auditing standard. And occasionally, calls for GLBA and HIPAA compliance come as well. As an...
August 3, 2009 7:25 PM
Posted by: Charles Denyer
merchants,
payment card industry data security standards,
PCI DSS,
pci dsss level 1 assessments,
SAS 70,
sas70,
service organizations,
service providers,
type i,
type II
SAS 70 audits and PCI DSS assessments are on everybody's radar screen today, or so it seems. Particularly, SAS 70 Type II Audits and Payment Card Industry Data Security Standards (PCI DSS) Level I assessments.
And why? Because many service organizations, merchants, and service providers are...
June 16, 2009 2:35 AM
Posted by: Charles Denyer
assessments,
audits,
charles denyer,
cpa firm,
payment card industry data security standards,
PCI DSS,
PCI DSS Level 1 compliance,
report on compliance,
ROC,
sas 70 type ii audit
SAS 70 audits, especially Type II reports, and PCI DSS Level 1 Report on Compliance (ROC) assessments are dominating today's regulatory compliance arena. Painfully, as a SAS 70 auditor and a PCI DSS assessor, I keep hearing people talk about these two compliance initiatives as if they are one in...
May 26, 2009 6:22 PM
Posted by: Charles Denyer
charles denyer,
payment card industry data security standards,
PCI DSS,
PCI DSS Level 1 compliance,
pci qsa,
pciassessment.org,
policies and procedures,
requirement 12
Payment Card Industry Data Security Standards (PCI DSS) Level 1 compliance can be a very arduous, time-consuming and costly undertaking for any organization. However, there are a number of proactive steps that should be put in place to help ensure an...
May 9, 2009 9:49 PM
Posted by: Charles Denyer
charles denyer,
payment card industry data security standards,
PCI DSS,
PCI DSS Self Assessment Questionnaire,
pciassessment.org,
qualified security assessor
PCI DSS Self Assessment questionnaires are used for the large and growing number of merchants who must comply with the Payment Card Industry Data Security Standards (PCI DSS). In short, compliance can be obtained by conducting a "Self Assessment". What's important to note, however, is that there...