Summing It Up

By
Picture of Justin Bonk

Justin Bonk

Notification of Enforcement Discretion for Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency
By Justin Bonk on April 15, 2020

Notification provides guidance on the use of video conferencing technologies to provide telehealth services On March 17, 2020, the Office for Civil Rights (OCR) announced the “Notification...

Continue Reading
PCI DSS 3.2 Req 6.4.6 - Views on Updating PCI DSS Compliance Programs Upon Significant Changes to a Cardholder Data Environment
By Justin Bonk on July 17, 2018

If you are classified as a merchant or service provider, anytime you make a significant change to your cardholder data environment, you are required to ensure that all relevant PCI DSS...

Continue Reading
PCI DSS 3.2 Req 8.3.1 - Views on Multi-Factor Authentication
By Justin Bonk on July 16, 2018

If you're classified as a service provider or merchant, you're required to implement multi-factor authentication for any non-console administrative access into your cardholder data...

Continue Reading
PCI DSS 3.2 Req 10.8 and 10.8.1 - The Process for Detecting, Reporting, and Responding to Failures in Security Mechanisms
By Justin Bonk on July 13, 2018

If you're classified as a service provider you need to implement policies and procedures, and response mechanisms for addressing any failures in critical security mechanisms including...

Continue Reading
PCI DSS 3.2 Req 11.3.4.1 - Views on Semi-annual Penetration Testing
By Justin Bonk on July 12, 2018

If you are a service provider that uses network segmentation to reduce the overall scope of your PCI DSS assessment, what was formerly an annual requirement to obtain a penetration test is...

Continue Reading
PCI DSS 3.2 Req 12.4.1 - Views on Establishing Responsibility for the Protection of Cardholder Data
By Justin Bonk on July 11, 2018

If you're classified as a service provider, you are required to formally establish the overall responsibility for PCI compliance and the protection of cardholder data. Your PCI DSS Charter...

Continue Reading

Stay up to date