Session ID: 
212

Streamline Payment Card Industry (PCI) Compliance in a Diverse Hospital Environment

10:00am - 11:00am Thursday, February 14
Orlando - Orange County Convention Center
W230A

Description

Healthcare security professionals must address the challenges and opportunities associated with delivering healthcare outside the four walls of a hospital and offering new payment options available to patients. The massive increase in credit card use in hospital settings--via customer service representatives, on-site terminals, and online portals--is drawing the attention of hackers, banks and regulators. But when hospitals begin the process of scoping their card data environments (CDE), they often discover complexities involved with having several small merchants that must roll up into a single entity for compliance attestation. This case study session will demonstrate how a major health system streamlined the process to create, implement, and maintain a program for Payment Card Industry (PCI) compliance attestation. We’ll share success metrics that resulted in scope reduction and gap identification, which allowed for focus on process improvement.

Learning Objectives: 

  • Evaluate current payment security program status
  • Assess high-level gaps for remediation
  • Identify commonly overlooked areas for process improvement
  • Integrate all merchants in health system for attestation

Speaker(s): 

Director, Enterprise Information Security,
Bon Secours Health System, Inc.
Principal,
Coalfire

Audience: 

CIO, CTO
CISO/CSO
Healthcare Financial Professionals

Level: 

Intermediate