Point-to-Point Encryption

Protecting cardholder data with P2PE

Rectangle Health is recognized by the Payment Card Industry (PCI) Security Standards Council (SSC) as an official Point-to-Point Encryption (P2PE) Solution Provider. Being P2PE validated shows our commitment to providing the most secure and compliant healthcare technology to our family of healthcare practices that trusts us with their payment processing needs and more.

PCI validation of P2PE minimizes the burden that practices must go through on an annual basis to obtain PCI compliance. This is called “reducing PCI scope,” which means that by decreasing the amount of cardholder information that is in possession by a practice. Our solution helps to cut down the “scope” or range of data that can be compromised. To meet P2PE requirements, payment card data must be encrypted immediately at the point-of-sale terminal, and it cannot be decrypted until after it is securely transported to and processed by the payment processor.

Rectangle Health is one of only roughly a dozen healthcare payment solution providers on Earth that protects data with true point-to-point encryption. To do this, Practice Management Bridge secures credit and debit card transactions by encrypting all data within a PCI-approved point-of-entry swipe or keypad device. This encryption prevents clear-text cardholder data from being available in the device or in the merchant’s system, where it could be exposed to malware.

• Our solution is cloud-based technology.
• Cardholder data is tokenized.
• Cardholder data is stored securely.
• Data is protected and continuously monitored.
• We encrypt transmission of cardholder data across open, public network.
• We adhere to performing an annual PCI-DSS assessment.

It is every organization’s responsibility to manage sensitive data securely and appropriately, and Rectangle Health helps make it easier on practices to maintain the safety of their patient data.