Minneapolis, MN (PRWEB) March 9, 2009
Sophrona Solutions, the leader in online patient communication solutions for ophthalmology, announces it has completed a year long security initiative to become fully compliant with the Payment Card Industry's Data Security Standard (PCI-DSS). The project was completed with the help of TrustWave, a leading provider of on-demand data security and payment card industry compliance management solutions. In doing so, Sophrona has passed all 230 criteria set by the Payment Card Industry to ensure safe online credit card transactions, and undergone rigorous systems vulnerability scans. "We are proud to announce complete compliance with the stringent standards set by Visa, MasterCard, and other members of the Payment Card Industry," stated Mike Papp, Security Manager and Privacy Officer for Sophrona Solutions. "Doing so guarantees our system's security beyond our word and gives our clients peace of mind."
All companies that have online credit card transactions are required to be PCI compliant. Many practices, however, either hand off their credit card data management to a credit card clearing house, or simply continue to operate despite not being fully PCI compliant. "The process is long and arduous." stated Papp. "But with the growth in customer credit information stored and managed by Sophrona we knew it was incredibly important that we pass all of the criteria." For over a year Sophrona has opened its systems to PCI certified, third party vendor TrustWave to perform mock penetration "attacks". "These penetration scans demonstrate potential security concerns, and give us a chance to fix them. The vendor plans scans to probe for a plethora of different possible vulnerabilities." said Papp. "As a result of these scans, we now have several layers of protection in place."
Sophrona took on this in-depth project because its innovative patient communication and ecommerce applications hold patient information (ePHI) and allow patients to pay bills and buy contact lenses online. "While Sophrona's systems have always been secure, we wanted to obtain the highest level of security certification possible." said Marc-François Bradley, President of Sophrona Solutions. "By attaining PCI Certification, we have exceeded many of the security standards set by HIPAA in order to ensure our client's information is as safe as possible."
Even now with the certification process complete, Sophrona will continue to undergo regular security penetration scans. "We are a growing business and our portal applications are constantly improving and evolving," said Papp. "TrustWave's ongoing third party scans ensure that even as our systems expand our client's information will continue to be protected and safeguarded. PCI certification is just another way that Sophrona Solutions continues to be a leader in the area of patient portal system and data security."
About Sophrona Solutions:
Sophrona Solutions is the leader in patient portal software designed for and by ophthalmologists. Sophrona serves ophthalmology practices nationwide with its innovative and profitable online patient communication technology solutions. Through its HIPAA secure patient portal software, data analytics, and powerful interface engine, Sophrona equips eye doctors with a comprehensive suite of patient relationship management tools to improve clinic efficiency, grow patient volume, and increase profitability. For more information, visit http://www.sophrona.com.