Health care providers are certainly no stranger to data privacy and security standards related to protected health information (PHI). Although these providers and their respective organizations are well versed in rules, policies and requirements of HIPAA, few are aware that the PCI-DSS rules apply to their businesses and even fewer are compliant. When HIPAA compliancy mandates were looming, health care providers seriously performed “gap analyses†to understand risks and then developed policies, instituted practices and acquired technologies.
Read more in SC Magazine.