- Receives Attestation of Compliance for PCI-DSS Level 1
- Certification compliments existing HIPAA, SSAE 18 SOC I & II audit results
- Attests to BillingTree commitment to maintain highest standards of industry compliance for its customers
Phoenix, Ariz. – October 31, 2018 BillingTree® announced today it has successfully completed its 2018 compliance audits. The PCI-DSS attestation of certification (AOC) was issued by authorized Third Party Assessor and a Qualified Security Company (QSC), MegaplanIT. BillingTree also successfully completed its HIPAA, SSAE 18 SOC I and SOC II audits earlier this year.
The most recent PCI attestion of compliance (AOC) includes BillingTree’s CareView and XprsPay products which were acquired in late 2017, helping organizations in B2B and healthcare leverage secure and easily manageable digital bill presentment and payment acceptance.
The SSAE 18 SOC I report evaluated the effectiveness of the controls in operation at BillingTree on user entities’ financial statements, while the SOC II audit evaluated BillingTree’s information systems relevant to security, availability, processing integrity, confidentiality and/or privacy.
The HIPAA (ePHI) assessment certifies that BillingTree’s processes, procedures and controls have been formally evaluated and tested against guidelines laid down by the U.S Department of Health and Human Services.
BillingTree undertakes these efforts to ensure the company aligns its policies, procedures and technical systems in order to secure PCI, ePHI, sensitive, and financial data in line with industry best practices. The annual assessment process requires detailed evaluation of key areas of the business including but not limited to: Policies and Procedures; Network Data Flow with Narrative; Documented System and Network Inventory; Physical/Environmental Security, both corporate and data center; Internal & External Vulnerability Assessment; Internal & External Penetration Testing; Encryption; System & Network Hardening Standards; Patch Management; Access Control; Data Storage; Wireless Network Analysis; Testing of Deployed Security Measures; and Monitoring/Response Assessment; Business Continuity; Vendor Management.
“Completing these critical audits yet again proves Billingtree continues to place high value on compliance and security, and the solutions used by our clients measure up to current regulations and legislation,” said Edgars Sturans, CEO and President at BillingTree.
“Adhering to the latest industry standards confirms BillingTree operations and technology are in line with information security best practices,” said Melissa Kirk, CIO for BillingTree. “These consistent practices help to strengthen and maintain our cyber security resiliency and ensure we continue to deliver best in class solutions to our customers.”
BillingTree® is the leading provider of integrated payments solutions to the Healthcare, ARM, Property Management, B2B, and Financial Services industry verticals. Through its technology-enabled suite of products and services, BillingTree enables organizations to increase efficiency and decrease the costs of payment processing while adhering to compliance regulations. Leveraging more than a decade of market experience, BillingTree is dedicated to growing payments with technology through an integrated omni-channel offering, suite of proprietary products and value-added services, and a company-wide focus on delivering extraordinary customer service.