Protect data security with tips from Chase Paymentech
February 14, 2012
Consumer trust in the security of sensitive information is more critical than ever. Chase Paymentech, the only credit and debit card processor endorsed by ADA Business Resources, is committed to helping dental practices protect their patients' cardholder data.
Dental practices accepting credit and debit card payments are responsible for the safety of their patients' credit card data, explained David Wallace, general manager of data security standards compliance for Chase Paymentech.
“A data compromise can negatively impact both your bottom line and your practice's reputation, so it's important to reduce the practice's vulnerability to the greatest extent possible,” said Mr. Wallace.
Chase Paymentech suggests that ADA members review and implement the following data security best practices:
- Ensure all printed copies containing full cardholder account number(s), such as paper receipts, orders and invoices, are physically secured.
- Avoid storing any cardholder data that is not needed to run your practice. Chase Paymentech offers solutions for using alternative data rather than the full cardholder account number to respond to customer inquiries.
- Know who has access to your practice's computers, including any vendors who may need to connect to it remotely for maintenance purposes. Everyone should have his or her own user ID protected by a strong password. If you use vendors that have access to your customers' data, make sure they are protecting that information.
- Destroy any physical or electronic records containing full cardholder account numbers when it is no longer needed for business purposes. Take the necessary steps to destroy it responsibly.
- If you use a computer at your practice to handle cardholder data or facilitate payment card transactions, make sure you have an anti-virus program installed and it is updated regularly. Also make sure you turn on the system update feature to ensure free security updates are automatically received and installed. If possible, do not use your computer for any function that is not business-related. This includes web surfing or accessing web-based email accounts.
If your practice uses a point of sale terminal:
- Ensure both the customer receipt and your merchant receipts do not include the full account number or expiration date.
- Program all terminal(s) to only show the last four digits of the account number and to hide the expiration date. Chase Paymentech can assist you with this.
If your terminal connects via the Internet (both wired and wireless):
- Make sure your Internet connection has a firewall installed. This firewall must be properly configured so that it does not allow any unauthorized computer access or traffic.
- Have an Approved Scan Vendor perform network vulnerability scans on your Internet connection at least every three months.
When patients hand you their payment card or provide you with their account information, they expect you to safeguard that data. Keeping that trust is essential for fraud reduction and maintaining a positive relationship with patients.
For more than a decade, Chase Paymentech has been providing ADA members a credit card processing program designed exclusively for dentists.
If you have any questions or concerns regarding cardholder data security or want to learn more about the benefits of Chase Paymentech, call 1-800-618-1666 or visit ADAbusinessresources.com.