PCI compliance in Healthcare: Taming the monster at Allina Health System

[Informatics Playbook, December 16, 2010] When most of us think of compliance in healthcare we think of HIPAA. But, over the past few years, PCI-DSS (Payment Card Industry Data Security Standard) has been giving HIPAA a run for its money.

Why? In part, because of the sprawling nature of PCI compliance programs, but also because PCI’s bite is actually far worse than its bark. These two factors are largely responsible for elevating PCI’s state of urgency at Allina Health System in Minnesota.