Regulatory Compliance

IP Applications helps organizations achieve regulatory compliance. Any organization  launching an On Demand application must ensure that they are meeting regulatory compliance standards in regards to the exchange and storage of sensitive information as well as the reporting on financial performance.

A key standard any On Demand application provider must be aware of is PCI DSS.

PCI DSS

PCI DSS stands for Payment Card Industry Data Security Standard. This standard was developed through the cooperation of several major credit card organizations to address the mutual concerns around credit card data security.

The standard deals with all aspects of handling sensitive credit card data, ranging from physical security, personnel reliability, to network firewalls, intrusion detection and encryption standards of stored data. Compliance with the standard is ensured by an audit by qualified security assessors (QSAs). Failure to comply with the standard may result in revocation of the ability of an organization to collect and process credit card data.

The use of IP Applications by an On Demand vendor alleviates the need of the vendor to handle credit card data, and hence alleviates the concerns and effort of initial and ongoing PCI-DSS compliance.

For more information on PCI DSS, please see our page on PCI compliancy.