Tell me more about PCI compliance

What is PCI compliance?
PCI compliance is the equivalent of HIPAA in the credit card processing field.  It is a set of regulations intended to minimize the risk of credit card fraud.

Do I need to be PCI compliant?
Yes, any credit card processing merchant must be compliant.  Failure to comply can lead to fines and liability for credit card breaches. This is not a Luminello regulation; it is a set of industry rules and part of the agreement you, as a merchant, have with Bluefin.

Does Luminello store the patients' credit card information? 
No, Luminello does not store the patients' credit card information. Our PCI-compliant partner, Bluefin, stores it. 

How do I become PCI compliant?
Process credit cards in compliance with the guidelines and certify that compliance.

How do I process in compliance with the guidelines?
Luminello recommends that your policy be that ONLY patients/clients enter credit card info in the portal. This will significantly reduce your time and technological burden, as your certification process will be substantially easier.

  • If you do not handle credit card numbers but only have your patients/clients do it in the portal, see these SAQ-A guidelines. When you are going through PCI certification, make sure you check that you are web-based and indicate you FULLY outsource ALL credit card functions - then certification is a breeze!
  • If you or your office personally handles credit card numbers - that is, receives full credit card info - whether you use Luminello or any other system, you can review these SAQ-C-VT guidelines. Getting an IT consultant to help you fill out this form is recommended.
  • Note: these guidelines are only provided as a reference. Luminello is not qualified to advise you on these guidelines; instead, see our partner contact info below.

How do I certify to PCI compliance?
Follow the instructions provided by Trustwave. You will receive an email to log in shortly after your merchant account is set up.

Who is Trustwave?
Trustwave is our credit card processing partner's certified PCI compliance partner. If you have questions about completing your Self-Assessment Questionnaire, contact Trustwave at 800-363-1621 - select Option #1, then Option #1 again. Make sure you have your Merchant ID ready. If there are any security standards you are not compliant with, the Help Desk will also help you put in procedures to ensure that you follow them.

What if I have more questions about PCI compliance or credit card processing in general?
Contact Bluefin's customer support department at 800-675-6573, Ext #4, or email them at [email protected].

If you have any questions, please contact us.
