What is it?

PCI Compliance is a certification process which validates that a merchant accepting credit cards is operating under, and adhering to, the data security standards set out by the Payment Card Industry Security Standards Council (PCI Security Standards).

In security terms, it means that your business adheres to the PCI DSS requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. In operational terms, it means that you are playing your role to make sure your customers’ payment card data is being kept safe throughout every transaction, and that they – and you – can have confidence that they’re protected against the pain and cost of data breaches.

Why is it important?

Many departments across campus accept credit cards for payment of services. It is our obligation, and a requirement under the PCI Security Standards, that we maintain a secure environment in which to perform credit card processing. Any individual on campus who is responsible for handling a credit card during the course of their day-to-day business is required to operate in accordance with PCI Standards. Annual online training through Financial Services is required for each individual.

Where do I find more information?

For more information on PCI Compliance or the annual training requirements, visit http://carleton.ca/financialservices/business-operations/credit-cards-and-pci-compliance/.