PCI compliance

EagleRidge · Post by **EagleRidge** » Fri Jul 06, 2012 12:37 pm

What's the latest on this?
Open Dental only stores CC#'s as ****(last 4 digits), but they are still stored, are they not?
We use X-charge, does that matter to the PCI compliance?
We went to the PCI website and thought we had to fill out form D, is this the incorrect one (I hope so because it looks ridiculous)?

Any information is greatly appreciated.

Post by **jordansparks** » Fri Jul 06, 2012 10:11 pm

No, Open Dental does not store CC #s. X-charge stores them in it's centralized database which is not at the dental office. It's PCI compliant.

Are you asking about a letter you got telling you you needed to fill out a questionnaire? We got that letter a few months ago and hoped that it was just for us because we are a software company. We are hoping that none of our dental office customers had to answer those ridiculous questions.

EagleRidge · Post by **EagleRidge** » Mon Jul 09, 2012 8:54 am

Yes, We got the letter saying we would be charged a non-compliance fee if we didn't sign up for the $30/mo or whatever. I looked around and what I interpreted was if we filled out the correct forms we wouldn't have to pay some service and wouldn't get charged the non-compliance fee. The form we got off line was about 30 pages and everyone who looked at it (me, wife, office manager, IT guy) were all astonished at how confusing it was.

BUT, I think that may have been the wrong from. We thought CC#'s were stored in OD. If they are stored off site, that is a whole different enchilada. I think that form may only be 5 pages long or so.

Jordan, are you saying we shouldn't need to fill out any forms at all?

Here's the website.
https://www.pcisecuritystandards.org/me ... rm.php#saq

Open Dental Forum

PCI compliance

PCI compliance

Re: PCI compliance

Re: PCI compliance