HIPAA and PCI Compliance

HIPAA Compliance

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.

The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.

OCR oversees compliance with the confidentiality provisions by providers, patient safety organizations (PSOs) and responsible persons that hold patient safety work product. OCR may conduct compliance reviews and investigate complaints alleging that patient safety work product has been disclosed in violation of the confidentiality provisions. If OCR determines that a violation has occurred, OCR may impose a civil money penalty of up to $11,000 per violation.

PCI Compliance is No Longer Optional for Small Businesses

If you accept major credit cards (Visa, MasterCard, Discover, American Express), you are now required by the Payment Card Industry Security Standards Council to become compliant with the Payment Card Industry Data Security Standards (PCI DSS).

What Can Happen if You Don’t Comply with PCI?

The penalties for not complying with the PCI regulations can be very costly. If your company ever has credit card records stolen and your business is not PCI compliant, you are subject to fines from the card brands that can exceed $100,000. Your merchant service provider will also likely charge a monthly fee for each month you are not compliant. In the very worst cases, the credit card brands could take away your ability to accept credit cards, which would cripple most small or midsize businesses.

Why Should I Use Supertech to Get PCI Compliant?

By using Supertech, you will be guided through a quick, straightforward path to complete the required self-assessment questionnaire (SAQ) by answering the fewest number of questions possible. While you can fill out an SAQ directly from the PCI website, the questions can be very difficult to comprehend and decipher. Supertech simplifies this process so that business owners can understand all of the requirements for compliance.