Configuring OrthoTrac > Setting Up Security > Initial Security Setup Suggestions
OrthoTrac 15.0 protects client payment information in accordance with the Payment Card Industry Data Security Standard (PCI DSS). This ensures a secure environment for accepting, processing, storing, and transmitting credit card information.
OrthoTrac 15.0 and later versions of the software enhance security protocols and restrict access to the Auto Payment report. These protocols improve information privacy and reduce the risk of unauthorized users viewing unredacted client payment information.
This release includes the following security upgrades:
By default, access to the Auto Payment report is disabled for all users.
A permanent PCI Compliance password is required to control access to the Auto Payment report. Once the password is set, the user who created it can enable access to the Auto Payment report for individual staff members. Permission by Staff Type is disabled for the Auto Payment report.
Auto Payment report activity is logged.
To grant access to the Auto Payment report, a OrthoTrac user with a Staff Type of Doctor or Office Manager must create the PCI Compliance password. You cannot run the Auto Payment report until this password is set.
Use good security practices to keep the password safe. Once set, the PCI Compliance password cannot be changed or removed by staff members. To reset the password, you must fax a request to Carestream Dental Support. This request must be signed and dated by the doctor, and a connection to the data server is required for a support representative to complete the process.
To complete initial setup of the PCI compliance password:
Log in to OrthoTrac as a staff member with a Staff Type of Doctor or Office Manager.
To update the staff type designation for an employee, see Changing Staff Member Information.
From the main menu, select Functions > Maintenance/Setup > Security. The Security window is displayed.
Select By Staff.
From the By Staff drop-down list, select the staff member for whom you want to enable access.
From the Category list, select Reports. A list of functions is displayed in the right pane.
Select the permission access for Auto Payment Reports. The PCI Compliance Password window displays a message informing you that the password must be set before security access to Auto Payment Reports can be enabled.
Type the password in the Password field.
Type the password in the Confirm Password field.
Click Set Password.
Select Yes to enable access for Auto Payment Reports.
Click OK.
Only the user who created the PCI Compliance password can provide access to the Auto Payment report. This user must enter the PCI Compliance password for each staff member that needs access to the Auto Payment Report, however, this must only be done once per staff member.
Enabling the Auto Payment Reports function can display complete credit card numbers on the Auto Payment report. It is recommended that you only enable this function for staff members who need this information to process automatic payments, such as practice owners, doctors, and office managers. Credit card account numbers will be partially hidden on the report if the client has or had Carestream Dental’s ePayment processing when the card was originally entered for a patient, or if the staff member who has access to the report does not have a password set up to log in to OrthoTrac.
To enable access to the Auto Payment report:
Log in to OrthoTrac as the user who created the PCI password.
From the main menu, select Functions > Maintenance/Setup > Security. The Security window is displayed.
Select By Staff.
From the By Staff drop-down list, select the staff member for whom you want to enable access.
From the Category list, select Reports. A list of functions is displayed in the right pane.
Select the permission access for Auto Payment Reports. The PCI Compliance Password window is displayed.
Type the password in the Password field.
Click Enter Password.
Select Yes in the Permission column to enable access for Auto Payment Reports.
Click OK.
Initial Security Setup Suggestions