Protect your patients' charge card and debit card data. Perform PCI-DSS audits annually and vulnerability scans quarterly.

How often should you perform a PCI-DSS Assessment?

Time for a PCI-DSS Assessment? Maybe? If you accept charge cards, you are subject to the rules laid out by the PCI Security Standards Council. You could be in medical, retail or online. The field does not matter. What matters is you accept charge cards and/or debit cards. The PCI Security Standards Council mandates assessments and vulnerability scans. You perform assessments annually, or after significant changes. You perform vulnerability scans quarterly, or after a significant change. Annual PCI-DSS Assessments You should perform PCI-DSS assessments annually, or after significant changes. "What does that mean?" you may say. Annually. https://www.pcisecuritystandards.org/minisite/en/docs/Navigating_DSS_v2.pdf tells us on page 4 "At least annually and prior to the annual assessment, the assessed entity should confirm the accuracy of their PCI DSS scope by identifying all locations and ... Read More
August 21, 2024Mark Anthony Germanos