Qualified Security Assessor (QSA)
Definition
An individual certified by the PCI Security Standards Council to perform on-site PCI-DSS assessments for merchants and service providers that cannot self-certify. QSAs are employed by PCI SSC-approved QSA companies and produce a Report on Compliance (RoC).
Related terms
- Addressable Implementation Specification
  - A HIPAA Security Rule specification that organisations must assess for reasonableness and appropriateness. If reasonable and appropriate, it must be implemented; if...
- Business Associate
  - A person or entity that performs services for a HIPAA covered entity that involve creating, receiving, maintaining, or transmitting protected health information...
- Cardholder Data Environment (CDE)
  - The people, processes, and technology that store, process, or transmit cardholder data or sensitive authentication data. PCI-DSS requirements apply to the CDE...
- Covered Entity
  - Under HIPAA, a healthcare provider that transmits health information electronically, a health plan, or a healthcare clearinghouse. Covered entities are directly subject...
- Protected Health Information (PHI)
  - Individually identifiable health information held or transmitted by a covered entity or its business associate, in any form or medium. PHI includes...
Explained in
- HIPAA and PCI-DSS Compliance Requirements