Security & Compliance

DataProse is committed to ensuring all data exchanged via our platform, including any information transferred between the biller and consumer is completely secure. To accomplish this, we are continually updating and improving our security processes.  This includes internal standards for our employees but also at our processing facilities.  Through these procedures and standards, we are required to uphold a variety of compliance standards, audits or certifications.

PCI Compliance

PCICert_logoThe PCI Security Standards Council offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents (www.pcisecuritystandards.org). DataProse’s Customer Centric Billing solution is PCI Compliant.

SSAE16

AICPA_logoSSAE 16 (formerly SAS70) was drafted with the intention and purpose of updating the US service organization reporting standard so that it mirrors and complies with the new international service organization reporting standard – ISAE 3402. SSAE 16 also establishes a new Attestation Standard called AT 801, which contains guidance for performing the service auditor’s examination. DataProse maintains an SSAE 16 Tier I certification.

HIPAA Privacy

HIPAA_compliance_logoThe HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections. The entire DataProse platform is HIPAA compliant.

For additional detail on how DataProse works to protect your information, please contact us directly at 972-462-5400.