Frequently Asked Questions

What is the PCI Security Standards Council?

How does the PCI Security Standards Council make payment card data more secure?

How frequently will the PCI Security Standards Council update the PCI DSS and PA-DSS?

Are there any plans for PCI SSC to be a single point of contact for a merchant, financial institute or processor to send a PCI DSS compliance report to in the future?

Do QSAs and ASVs need to send reports of compliance (ROCs) or scanning results to the PCI Security Standards Council directly?

In case of a suspected breach, should the PCI Security Standards Council be contacted directly?

Will the PCI Security Standards Council provide information on breaches, the status of investigations, or PCI DSS compliance status?

Will the PCI Security Standards Council be involved in performing forensics investigations as a result of an account data compromise event?

Will the PCI Security Standards Council approve my organization’s implementation of compensating controls in my effort to comply with the PCI DSS?

What is PCI DSS?

Who must comply with the PCI DSS?

What are payment cards?

What is payment card data?

What is cardholder data?

What is sensitive authentication data?

What is the definition of merchant?

What is a self-assessment questionnaire?

What is the definition of remote access?

What is a payment gateway?

How is an IP-based POS environment defined?

Is your organization HIPAA compliant?

Contact us to find out sooner rather than later.

Ask about our letters of attestation that demonstrate your compliance!