Clovertech

PCI Compliance

Clovertech Forums Read Only Archives Cloverleaf Cloverleaf PCI Compliance

  • Creator
    Topic
  • May 12, 2009 at 11:07 am #50860
    Mark Thompson
    Participant

      Clovertechies,

      I would like to hear from anyone that is passing credit card information through Cloverleaf.  How do you comply with the PCI (Payment Card Industry) standard for storing card numbers encrypted in your log files?  Current SMAT files are the biggest issue, but process logs could also contain a message dump.  Long term storage is not an issue — we can encrypt when we cycle the logs, but current files appear to be a problem.  Thanks for any info.

      -Mark

      - Mark Thompson
      HealthPartners

    • Creator
      Topic
    Viewing 0 reply threads
    • Author
      Replies
      • May 13, 2009 at 6:54 pm #67798
        James Cobane
        Participant

          Mark,

          We don’t have any PCI data interfaces going through our Cloverleaf at this time, but we do have the Micros POS system that interacts with our CBORD system.  The way that it is handled is that the Micros System is in it’s own “PCI Network” and only CBORD is allowed into that network.  Since that data is not going through Cloverleaf, we haven’t had to address it.

          Jim Cobane

          Henry Ford Health

      • Author
        Replies
      Viewing 0 reply threads
      • The forum ‘Cloverleaf’ is closed to new topics and replies.