This policy is intended to relay the importance of security and protecting cardholder data.
- To establish Health Remedies’s policy for the secure handling of sensitive card holder data including but not limited to magnetic strip data, Cardholder name, Primary Account Numbers (PAN’s), expiration date, and service code
- To establish the policies and procedures to manage the relationship(s) with Service Providers.
Policies to Restrict Physical Access to Cardholder Data
The importance of protecting cardholder data is paramount. Allowing data theft or destruction, inadvertently sharing confidential information, infecting system networks with viruses, misuse of company resources, allowing the theft of company property, and allowing the compromise of private or confidential company or client information are all very real examples of what might result from a security compromise.
1.0 All paper that contains cardholder data is to be identified and physically secured in a locked drawer. No electronic cardholder data will ever be stored.
2.0 Strict control is to be maintained over the internal or external distribution of any kind of media that contains cardholder data
- Media is classified and clearly marked as confidential
- Media is sent by secured courier or other delivery method that can be accurately tracked
3.0 Management approval is to be obtained prior to moving any and all media containing cardholder data from a secured area.
4.0 Strict control must be maintained over the storage and accessibility of media that contains cardholder data. Only senior management, or their designates, will have access to media containing cardholder data.
5.0 Media containing cardholder data is to be destroyed when it is no longer needed for business or legal reasons.
- Paper materials are to be shredded, incinerated, or pulped so that cardholder data cannot be reconstructed.
- The general rule is that media containing cardholder date will be destroyed when over 180 days old. Exceptions to the rule must be approved by senior management.
Policies that Address Information Security for Contractors and Service Providers
1.0 A list of Service Providers must be maintained. This list will be updated and reviewed by senior management when necessary but at least every 180 days.
2.0 A written Agreement that includes an acknowledgement that the service providers are responsible for the security of cardholder data the service provider possess is required from each service provider.
3.0 Due diligence is to be performed prior to the engagement of Service Providers. Procedures performed will include when possible:
- A visit to the Service Providers physical offices to discuss security practices and procedure with their management and staff.
- A written statement acknowledging their responsibilities to securely process, handle and transmit cardholder data.
- Written proof that the Service Provider is PCI compliant.
- Request reliable industry references.
4.0 A program is to be maintained to monitor Service Providers’ PCI DSS compliance status. On an annual basis a request for a new compliance certificate will be requested.
This website is intended for personal use only. It's purpose is to provide education to those suffering with a variety of health concerns. The products and/or claims made about specific products found on this website have not been evaluated by the United States Food and Drug Administration and are not intended to diagnose, cure or prevent disease. The information presented on this site is for educational purposes only and is not intended to replace advice from your physician or other health care professional or any information found on any product label or packaging. You should always consult with a qualified health care professional before starting any exercise, diet or supplementation program, especially if you are pregnant, nursing or taking prescription medications. Health Remidies.com is owned and funded by Valerie Balandra NP. She has no financial interests in any of the companies whose products are offered for sale. The information contained on these pages has been researched and written by Valerie Balandra NP unless stated otherwise.
Prices are subject to change without notice. If a manufacturer has changed the product price we will notify you of the new price and give you the option to cancel your order or authorize the price difference.
Errors in Product Description and Typographical Errors
Despite our best efforts there may be errors in product description (size, weight, ingredients, etc) or pricing on our site. Vendors do not always send updated product changes in a timely manner. If you have received an item that had an incorrect description or typographical error, you may return the unopened product for a full refund. If it is listed at an incorrect price, Health Remedies has the right to refuse or cancel the order.
This site is owned and operated by Health Remeides.com and contains material which is protected by international copyright and trademark laws. You may not copy, reproduce, republish, upload, post, transmit, or distribute unmodified images and information or materials from this site without prior permission from its owner.
Health Remedies.com does not accept paid endorsements of products or display banner advertising of any kind.