Payment Card Industry Compliance
PCI DSS: Payment Card Industry Data Security Standards
The Payment Card Industry Data Security Standards is a recently established set of comprehensive requirements for improving credit card payment account data security. The requirements were developed by the founders of the PCI Security Standards Council which include American Express, Visa International Inc., MasterCard Worldwide and Discover Financial Services.
Compliance with PCI DSS is not an option. The University of Cincinnati must comply in order to continue to accept credit cards. Compliance protects the University of Cincinnati from adverse financial consequences and ensures the University's excellent reputation.
UC's Office of the Treasurer has already made significant progress in ensuring that the university is compliant. The new Credit Card Processing Policy is effective August 1, 2011. New hardware and software systems and controls for networks and applications have been requested and are in the process of implementation.
Though we have completed significant work toward compliance, more needs to be accomplished. PCI compliance will be an ongoing project.
Additional information and news regarding PCI will be published on this website as it is available.
- Best Practices to Minimize Credit Card Fraud
- Credit Card Processing Policy (Under review for revisions in FY15)
- Requirements and Security Assessment Procedures from the PCI Security Standards Council
E-mail Susan Albonetti or call her at 556-4793.
PCI DSS Training Sessions
Treasury Operations has tentatively planned 2014 onsite training for October 6th 2014 and November 19th 2014 in University Hall. Please check back for further details.
WEBEX training is also being scheduled for the beginning of December 2014. Additional details to follow.