PCI and the Healthcare Industry

Cisco unveiled a blueprint to address Payment Card Industry data security for the healthcare industry.

The blueprint is intended to provide healthcare organizations with a model for safeguarding patient financial transaction data and other personally identifiable information that is captured and processed within a healthcare facility or retail pharmacies. Called PCI for Healthcare Solution, it offers design and implementation guidelines to protect credit card, patient demographic and employee information.

Stats collected by Cisco are showing that external data security related attacks on the healthcare industry have increased 85% between January 2007 and January 2008. One in four healthcare executives do not know where their sensitive data is located, the vendor says. Also, many organizations do not have a security framework in place to provide optimal protection.

I like this idea because it shows a strong cross reference between two completely different types of industry (retail / healthcare). It shows that standards and practices that have already proven to help secure and improve industry trust, can be carried over into other forms of industry. The healthcare industry is already heavily flooded with many standards of it’s own that one would think there wasn’t anymore room to grow. But something like this, if implemented correctly could be a helpful hand in an over saturated area.