Cyber security. Hackers. Viruses. Data breaches. These words have become so ubiquitous in our daily lives that they don’t quite pack the same punch they used to…unless they affect you. Chances are, you have been the victim of a cyber-related mishap, either personally or professionally, and dangers seem to lurk everywhere. Even mundane tasks, like clicking an email attachment, visiting an ATM or paying for gas at the pump with a credit card, have become risky.
The best defense against a cyber-attack is to prevent one from happening. As a business owner, you must care as much about protecting your customers’ data as you do improving their health, and a breach could compromise that. However, determining where to start and how much security is enough can be a challenge.
Responsible business owners are forced to implement a myriad of procedures and safeguards to remain secure and compliant with federal guidelines. In addition to external threats, employee theft also poses a security risk and can result in drug diversion, unauthorized discounts and exposure of protected health information (PHI).
Protecting customer data is of the utmost importance to us, and QS/1 holds various national certifications and employs robust safety procedures. From our internal data center to our pharmacy management systems, here are a few examples of how QS/1 can safeguard your pharmacy.
Offers encryption during a transaction and tokenization for storing cardholder data.
- Point-of-Sale (POS) offers end-to-end encryption (E2EE) for transmissions of card data along with tokenization for customers who store cardholder data for recurring charges.
- QS/1 is certified to enhance merchant security with the Payment Application Data Security Standard (PA DSS), the Payment Card Industry Data Security Standard (PCI DSS) and current EuroPay, MasterCard, Visa (EMV®) standards for processing chip-and-pin cards.
- POS includes PaySentry®, which performs credit card pre-authorization, stores cardholder data and verifies card information used for recurring billing with an Address Verification System (AVS).
Limits employee access to PHI and tracks changes made to your system.
- POS assigns specific barcodes to employee ID cards that can be swiped or scanned to limit access.
- QS/1 systems and POS mask social security numbers on the Patient Record, allowing only staff with the proper security access the ability to view and edit.
- Advanced Security protects inventory, finances and prescription records by tracking when employees make changes.
- QS/1 offers two methods for multi-factor authentication (MFA): biometric and Active Directory LDAP module.
- QS/1 complies with current industry standards to ensure the safety of our customer data.
- QS/1 systems and networks are recognized by the Electronic Healthcare Network Accreditation Commission (EHNAC), meaning they meet regulatory compliance with HIPAA, HITECH, ARRA and the Affordable Care Act.
- QS/1 is certified with e-Prescribing Accreditation Program (ePAP) for e-Prescribing Networks and HNAP EHN for clearinghouse health networks. Our data center houses systems and networks that support our internal operations and external services, including prescription insurance claim processing, e-Prescribing transactions, payment-card processing and cloud-based hosting.
- QS/1’s Data Center houses a Level 1 Payment Gateway and is certified for the following services: Clearing & Settlement, Payment Gateway/Switch, Payment Processing-Internet/POS and Tax/Government Payments.
- QS/1 has a comprehensive program that addresses the privacy and security of PHI.
- QS/1 monitors the National Council for Prescription Drug Programs (NCPDP) and the ANSI standards and strictly follows their standards and guidelines.
- Electronic Prescribing for Controlled Substances (EPCS) secures electronic record keeping, which reduces fraud and abuse, and offers software certified by Surescripts®, eRx Network® and the DEA recognized third-party auditor.
- QS/1 protects customer data by storing it in two separate, secure locations and offers the ShadowProtect® local backup using the industry standard AES 256-bit.
- QS/1 is a Qualified Integrator and Reseller (QIR) for deployment of credit card payment systems.
For more information on QS/1’s security certifications and offerings, visit www.qs1.com/security.