Time for a PCI-DSS Assessment? Maybe?
If you accept charge cards, you are subject to the rules laid out by the PCI Security Standards Council. You could be in medical, retail or online. The field does not matter. What matters is you accept charge cards and/or debit cards. The PCI Security Standards Council mandates assessments and vulnerability scans. You perform assessments annually, or after significant changes. You perform vulnerability scans quarterly, or after a significant change.
Annual PCI-DSS Assessments
You should perform PCI-DSS assessments annually, or after significant changes. "What does that mean?" you may say.
Annually. https://www.pcisecuritystandards.org/minisite/en/docs/Navigating_DSS_v2.pdf tells us on page 4 "At least annually and prior to the annual assessment,
the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and ... Read More