PCI

Meditology is the leading provider of PCI DSS QSA and ASV services for the healthcare industry.

Payment Card Industry Data Security Standard, PCI

Healthcare organizations are facing unprecedented cyberattacks that target sensitive information, including highly sought-after payment card data. Healthcare entities face financial penalties, legal costs, and brand reputational damage in the event that systems are breached and payment card data is exposed.

CONTACT US FOR

Default Icon

PCI DSS GAP & READINESS ASSESSMENTS

Default Icon

Payment Card
Scope & Discovery

Default Icon

PCI QSA Level 1 Audits

Default Icon

SELF-ASSESSMENT QUESTIONNAIRE (SAQs) AUDITS

Default Icon

Vulnerability Scanning (Approved Scanning Vendor)

Default Icon

PCI Penetration Testing

Default Icon

PCI Strategic Consulting & Staff Augmentation

Default Icon

PCI DSS Remediation Management

PENALTIES FOR FAILURE TO COMPLY WITH PCI DSS REQUIREMENTS

  • Breach fines (500k+ or $5,000 - $100,000 per month)
  • Cost for a forensic investigation
  • Associated costs for card re-issuing, fraud monitoring, etc.
  • Transaction fee increases
  • Potential cost of FTC audits for 20 years
  • Potential litigation (some states have laws that protect affected individuals)
  • Reclassification as a level 1 merchant (higher standard of compliance)
  • Reputational damage
  • Interchange rate increases or organization is no longer able to accept payment cards

Where is PCI Cardholder Data Processed for Healthcare Organizations?

Default Icon

Inpatient registration

Default Icon

Outpatient office co-pays

Default Icon

Web-based patient payments

Default Icon

Fitness Centers

Default Icon

Gift Shops

Default Icon

Foundation and donation centers

Default Icon

Cafeteria

Default Icon

Pharmacy

WHAT SETS MEDITOLOGY APART

  • Dedicated exclusively to the healthcare industry
  • PCI DSS Qualified Security Assessor (QSA)
  • Approved Scanning Vendor (ASV)
  • Proven track record helping healthcare entities effectively manage PCI risks
  • Real-world experience implementing and assessing PCI for healthcare organizations

RELATED RESOURCES

Blog Post
5 Green Flags to Look for in Your Healthcare Cybersecurity Assessor
Read
Blog Post
HITRUST Redesigns CSF in v11 to Increase Efficiencies and Cyber Threat-Adaptive Assurances
Read
Podcast
The CyberPHIx Roundup: Industry News & Trends, 1/16/23
Listen
Podcast
Top 10 Cyber Risk Exposure Trends and Predictions for 2023
Listen
View All Resources
 
Quote Icon

I want to thank your team for helping us during this time.

The way the Meditology PCI Certification Consulting Services was so beneficial to me is that our qualified assessor is actually not as qualified on technologies and components, and it can take a lot of time out of my schedule. As the CISO, I don’t have time to explain that to someone; it would be a significant impact on our business. I rate Meditology PCI Certification Consulting Services a 5 out of 5 on Value because not only is the process and the structure smooth but they helped with education of that assessor which had an indirect impact on revenue.

CISO

Telephonic Software Analytics Company

View All Testimonials
 
Quote Icon

It’s extremely valuable to have an outside firm do this work.

Compared to in-house where it would take 4 months and 100% of my time, it’s completely worth it – and I know how much work it is. It’s nice to have my concerns validated too.

Information Security Specialist

Large Pediatric Health System

View All Testimonials
 
Quote Icon

The Meditology Team is always very responsive.

Very satisfied with the process and deliverables for the PCI assessment and ethical hacking engagement.

Manager Information Security GRC,

Large Integrated Health System in the South

View All Testimonials