Press

SimplePractice Receives Payment Card Industry (PCI) Data Security Standard Certification as a Level 1 Service Provider

Certification Affirms Rigorous Security Standard Applied to the Cloud-Based EHR Platform, Giving Health Professionals and their Clients Greater Peace of Mind

LOS ANGELES, CA—December 28, 2020—SimplePractice, the industry leader in practice management and electronic health record solutions for health and wellness professionals, today announced its achievement of Level 1 PCI Data Security Standard Certification, solidifying SimplePractice as a certified PCI merchant. This confirmation of compliance is issued by a third party Qualified Security Assessor (QSA) and recognizes the highest levels of security and compliance measures upheld by the SimplePractice EHR platform and team.

The PCI DSS, one of the most exhaustive and strict payment security certification standards in the world, requires merchants and service providers that store, process, or transmit customer payment card data to adopt information security controls and processes to ensure data integrity. The PCI DSS includes requirements for security policies, procedures, management, software design, and other vital protective measures that service providers must adopt to safeguard customer data. 

In order to obtain PCI DSS certification, a company is required to undergo a thorough onsite audit from a PCI SCC-authorized independent assessment organization. These include Qualified Security Assessors, PCI Forensic Investigators, Approved Scanning Vendors, and others. After achieving certification, a company must comply with pertinent security requirements across its daily operations. 

“Maintaining compliance with the latest security standards and HIPAA regulations is a critical part of the work we do ensuring our customers have the latest in technical capabilities to run their businesses. For any healthcare practice, keeping both practice and client data private and securely stored is a top priority,” said Martin Ignotovski, chief information officer of SimplePractice. “For smaller and private practices, PCI DSS certification is a huge differentiator that allows our customers to maximize their focus on transforming their clients’ lives.”

“The Payment Card Industry Data Security Standard Certification help ensure that personal payment data will remain private,” said Ryan Freeman-Jones, managing director of Meditology Services, the third-party assessor responsible for the security audit of SimplePractice. “We appreciate the opportunity to partner with SimplePractice for their ongoing efforts to safeguard customer data.”

Over 100,000 health and wellness professionals trust SimplePractice to provide best-in-class business solutions tailored to the needs of small private practices. Earlier this year, SimplePractice became the first and only electronic health record (EHR) platform available on the market for private practitioners to have surpassed HIPAA compliance to achieve both HITRUST and NIST CSF certification, the highest security standards available in its category. For many entrepreneurs in private practice, the tools provided by SimplePractice provide peace of mind about the operations of their business, along with the freedom and flexibility to focus on their clients, families, and passions.

For more information about SimplePractice, visit https://www.simplepractice.com/.

About SimplePractice

SimplePractice gives health and wellness practitioners everything they need to succeed as entrepreneurs. With telehealth, scheduling, billing, form intake, continuing education, and more all available on one elegant, HIPAA-compliant, and HITRUST-platform, SimplePractice is the leading cloud-based EHR software for private practitioners. More than 100,000 practitioners trust SimplePractice to run their business, advance in their profession, and increase their capacity to help others, all without sacrificing the quality of life and control over their own destiny that should come with running a private practice. 

For more information on SimplePractice, visit SimplePractice.com and join the conversation on LinkedIn, Facebook, and Twitter.

Manage and grow your private practice, all in one place.

Free 30-day trial. No contracts. Change anytime. Tax deductible.

Start My Free Trial
No credit card needed
Access all features
HIPAA-compliant