Similar to use of SOC 1 audits to ensure controls and security over our client’s financial health, APS leverages PCI (Payment Card Industry)/DSS (Data Security Standard) Compliance Audits to ensure security over credit card data received by your patients and your clients.
APS contracts with a Qualified Security Assessor (QSA), approved by the PCI Security Council, to conduct an annual audit. The QSA starts by evaluating our security infrastructure including procedures, policies, networks and systems. The QSA reviews a risk assessment to prioritize areas that may need addressed and processes are in place to continuously monitor security procedures to ensure PCI security standards are met.
As a service provider, processing and transmitting cardholder data in the performance of services provided to our clients, APS acknowledges that it is responsible for the security of cardholder data that it processes.