BME Imaging - PCI Compliance
  The Document People
BS 10008 UKAS

PCI Compliance

PCI Security standards are technical and operational requirements set by the PCI Security Standards Council to protect cardholder data. The new digital age makes merchants the new target for financial fraud, with more than 234 million records with sensitive information having been breached since January 2005, it is imperative to use standard security procedures and technologies to thwart theft of cardholder data.The standards apply to all organisations that store, process or transmit card data. There are three ongoing steps for adhering to the PCI DSS: Assess - Identify cardholder data, take an inventory of your IT and business processes for payment card processing, and analysing them for vulnerabilities. Remediate - Fix any vulnerabilities that may have arisen during the assessing process and don't store cardholder data unless it is specifically required. Report - Submit compliance reports where required. PCI DSS follows common sense steps that mirror best security practices.

Here at BME we recognise that we have responsibilities towards our customers to ensure that as a data handler our security procedures protect your clients financial data. All documentation is kept on secure premises and are scanned onto stand-alone PCs to minimise the security risks. We maintain a secure network and all electronic documentation is encrypted for transportation and storage. After conversion has been undertaken all documentation is shredded to DIN Level 4 in accordance with DIN 32757.

All computers are installed with firewalls and anti-virus software which is kept up-to-date to ensure protection from malicious software threats. We also minimise usage of the internet by our staff. All of these steps and others allow us to remain PCI compliant and therefore better equipped to help our customers maintain PCI compliance.

© BME Imaging Ltd 2013-18