Holding High Standards: PCI DSS Compliance and Our Commitment to Security

Rectangle Health is proud to announce the completion of our annual Payment Card Industry Data Security Standard (PCI DSS) audit, which was processed by Rectangle Health’s Practice Management Bridge—Payments application. As a result of this audit, we received an Attestation of Compliance (AOC) and Report on Compliance (RoC).

That’s a lot of acronyms, so we’ll break it down:

These achievements confirm our adherence to the payment industry’s highest standards for securely handling payment card data. PCI is a standard developed by the five largest credit card issuers.

Our recent PCI DSS certifications continue Rectangle Health’s established commitment to high security standards. This builds on our HITRUST compliance achieved in September 2024 and our SOC 2 Type 1 compliance in January 2025, each underscoring our dedication to securing customer and patient data.

Why it Matters

In the healthcare space, patient trust is everything, so we take payment data security seriously. Our annual PCI DSS audit isn’t just a regulatory checkbox for us—it’s a concrete demonstration of our commitment to protecting credit cardholder data.

Our SOC 2 Type 1 compliance is another demonstration of that commitment. SOC 2 (System and Organization Controls 2) is a globally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). This audit evaluates the design and implementation of our security controls for our Practice Management Bridge—Payments application. The Availability, Confidentiality, Processing Integrity, and Privacy trust services criteria were not evaluated.

Essentially, achieving SOC 2 Type 1 compliance means our systems and processes are built to protect customer data from the outset. SOC 2 audits are voluntary. Rectangle Health pursued this qualification not out of obligation but out of a desire to show our customers that we’re strongly committed to safeguarding their patients’ data. This commitment continues with Rectangle Health pursuing SOC 2 Type 2 compliance in 2025.

We’re seeing a surge in cyber threats that are both more complex and more pervasive. These certifications prove we’ve implemented strong controls to protect cardholder information and customer data from breaches, fraud, misuse, and unauthorized access.

Reinforcing Our Commitment to Security

Moving forward, Rectangle Health remains dedicated to maintaining the highest data security and compliance standards.

“Data security is extremely important to us and to our healthcare clients,” said Carrie Gluck, Chief Information Security Officer at Rectangle Health. “These certifications reflect our ongoing commitment to protecting patient privacy and safeguarding sensitive data.”

Learn more about Rectangle Health’s commitment to compliance and see how healthcare practices use our platform, Practice Management Bridge, to enhance their own compliance.
