PCI Compliance & Scanning

As a reminder, Practis does not permit the scanning of our network environment for PCI or other compliance-related initiatives. Although such scans may be requested by your organization as confirmation of system security, we ask that you contact our Support Team before permitting any scan-related activities against your website.

This policy is in place to avoid unnecessary web server traffic, which may negatively impact customer websites. Manual or automated scanning will adversely affect our network and web servers due to the increased network traffic and system resources used during such processes. This can overwhelm our web servers and cause system and website outages. When scanning attempts against our systems are found, Practis will actively block them.

PCI compliance scanning is often completed when a website collects financial information such as credit card and other payment processing details.  If your website includes an online payment form that is hosted by your payment processing vendor, a PCI compliance scan does not need to be initiated against your website. 

Your payment processing vendor that hosts the payment form must verify compliance.

Practis customers using PractisPay or PayPal do not require PCI scanning, as the payment form collecting financial details is hosted.

If your website includes PractisPay, accepting payments from your users is both HIPAA and PCI compliant. Customers using PractisPay do not require PCI scanning, as the data collection and submission are completed directly within the payment processing system used by PractisPay.

If you are considering adding an online payment form to your website, please visit http://practispay.com to learn more about this service.

If you have questions, please contact our Support Team directly.
