Tell me more about PCI compliance
What is PCI compliance?
PCI compliance is the equivalent of HIPAA in the credit card processing field. It is a set of regulations intended to minimize the risk of credit card fraud.
Do I need to be PCI compliant?
Yes, any credit card processing merchant must be compliant. Failure to be compliant can lead to fines and liability for credit card breaches. This is not a Luminello regulation; it is a set of industry rules and it is part of the agreement you as a merchant have with Bluefin.
Does Luminello store the patients' credit card information?
No, Luminello does not store the patients' credit card information. It is stored by our PCI compliant partner, Bluefin.
How do I become PCI compliant?
Process credit cards in compliance with the guidelines, and certify to that compliance.
How do I process in compliance with the guidelines?
Luminello highly recommends that your policy be that ONLY patients/clients enter credit card info in the portal. This will reduce your time and technological burden significantly, as your certification process will be substantially easier.
- If you do not handle credit card numbers but only have your patients/clients do it in the portal, see these SAQ-A guidelines. When you are going through PCI certification, make sure you check that you are web-based and indicate you FULLY outsource ALL credit card functions - then certification is a breeze!
- If you or your office personally handles credit card numbers - that is, receives full credit card info - whether you use Luminello or any other system, you can review these SAQ-C-VT guidelines. Getting an IT consultant to help you fill out this form is recommended.
- Note: these guidelines are only provided as a reference. Luminello is not qualified to advise you on these guidelines; instead, see our partner contact info, below.
How do I certify to PCI compliance?
Follow the instructions provided by Trustwave. You will receive an email to log in shortly after your merchant account is set up.
Who is Trustwave?
Trustwave is our credit card processing partner's certified PCI compliance partner. If you have any questions about completing your Self-Assessment Questionnaire, contact Trustwave at 800-363-1621 - select Option 1, then Option 1 again. Make sure you have your Merchant ID ready. If there are any security standards that you are not compliant with, the Help Desk will also help you put in procedures to make sure that you do follow them.
What if I have more questions about PCI compliance, or credit card processing in general?
Contact our dedicated representative at Bluefin, Kelvin Reid, at tel 800 675 6573 x7802.
If you have any questions, please contact us.