If your company houses any kind of cardholder data, particularly if combined with other identifying information, then the data MUST be encrypted. While many organizations do not yet store such data and only handle it on a per use basis, the future may require storage for client convenience to remain competitive. The bottom line is that any such data must be kept safe, and access to the data must be restricted and logging of such access is required. To top it all off, some states have requirements that go beyond those of PCI DSS (Payment Card Industry Data Security Standards).
NAN will consult with your organization to determine which solution fits the needs and requirements of your project. NAN can provide a fully encrypted cloud platform, secure VPN services and our Network Based Firewall can protect your main location or all your network locations whether they are linked via MPLS, VPN over broadband, or just about any other technology. NAN will review the PDI DSS responsibility matrix and questionnaires with your organization as a part of the consulting phase to ensure your security staff, and our engineers form a working partnership that results in a successful implementation.
The NAN approach to your compliance project makes use of several industry standard features:
- Fully encrypted cloud servers and storage
- Carrier grade Network Firewall and Management
- SSAE16 SOC II Compliant Data Centers
- PCI DSS ready products and services
- Consultative, partner-based implementation
The complexity of creating and maintaining compliant processes and systems is a difficult task. By allowing NAN to partner for the planning, implementation and ongoing management, you can focus on patient care and not technology details. Below are just some of the benefits of partnering with NAN for your compliance needs:
- Committed partnership throughout the PCI DSS implementation process
- Cost effective solutions that fit corporate budgets
- A comprehensive solution that encompasses all aspects from connectivity to cloud
- Peace of mind that your organization is meeting or exceeding the compliancy requirements