South Florida Hospital News
Sunday August 25, 2019

test 2

June 2008 - Volume 4 - Issue 12




Flirting with PCI Non-Compliance Yields Dire Consequences

It’s the way of the finance world, folks … payment by credit or debit card – either online, tele-charge or swiped – is one of the options used by a growing number of customers whether buying groceries or health care. The benefits to customers and merchants are many. We all appreciate the convenience, security, immediacy and automated record keeping proffered by credit cards.

No doubt the obligations of PCI-DSS compliance on all merchants accepting card payment can by daunting. (PCI-DSS is an acronym for Payment Card Industry-Data Security Standard.) However, do not give in to the fleeting temptation to risk non-compliance because the consequences are dire including: fines and processing rate hikes, inability to accept/process credit card payments, being at risk for fraudulent purchases and finally criminal felony charges, to say nothing about losing your business.

According to Rob Orkin, One Health System Group Consultant, there are a number of programs and consultants who will outline the issues you need to tackle in order to achieve compliance; however, One Health goes a step further to provide the compliance tools as a solution – a cure which doesn’t hurt worse than the ailment!

The One Health System tool kit packages the intelligence and support of PCI experts into a point, click & print option designed to provide the policies and protocols to put you in compliance with the PCI-DSS.

For all intents and purposes, physicians and other office staff usually do not have the IT background, business know-how, or time to write policies regarding firewall configurations, password access or encrypted transmission procedures necessary to implement the access control measures required for PCI compliance.

However, One Health helps you perform the on-line Self Assessment Questionnaire (SAQ) to enable you to become compliant with the requirements of the PCI Standard. The system provides you with all of the supporting documents that you need including policies, procedures, security awareness program, employee handouts and employee book inserts.

The mantra of PCI compliance is to avoid storing sensitive credit card data known as PAN (Primary Account Number). The policies are designed to reduce the risk of exposing credit card data to potential computer hackers or ordinary thieves. The opportunities to steal personal identifiable information are everywhere, from a credit card number posted on a sticky note, to a file cabinet or office drawer full of sensitive information, or a pc folder listing credit data and it goes on and on.

"Being non-compliant is like reporting a home break-and-entry to the police but admitting you never locked the door! In fact, you’ve been negligent in taking adequate measures to protect your valuables." Orkin explained. Using One Health policies and procedures provides merchants with the steps toward compliance in an extremely efficient, effective and affordable platform.

Flirting with non-compliance also casts a ripple effect on the small to medium merchant’s ability to recruit front line business employees. As banks and processors clamp down on PCI merchant compliance and spread culpability to front line employees, it will become more difficult to recruit personnel if you don’t prove PCI compliance. The risks of culpability through non-compliance are simply not worth the hourly salary.

The bottom line is that safety and security measures are a must in today’s credit card reliant purchasing model. Recent stringent regulations regarding PCI compliancy has created a wave of paranoia among small to mid-sized merchants. Now, One Health has the tools to take the fear out of PCI compliance and merchants can confidently put precautions in place to attest that they have done due diligence in implementing measures to insure PCI compliance.

For more information visit , call 1-888-783-0911 or e-mail Rob Orkin at
Share |