Payment Card Industry Compliance
PCI DSS: Payment Card Industry Data Security Standards
The Payment Card Industry Data Security Standards is a recently established set of comprehensive requirements for improving credit card payment account data security. The requirements were developed by the founders of the PCI Security Standards Council which include American Express, Visa International Inc., MasterCard Worldwide and Discover Financial Services.
Compliance with PCI DSS is not an option. The University of Cincinnati must comply in order to continue to accept credit cards. Compliance protects the University of Cincinnati from adverse financial consequences and ensures the University's excellent reputation.
UC's Office of the Treasurer has already made significant progress in ensuring that the university is compliant. The new Credit Card Processing Policy is effective August 1, 2011. New hardware and software systems and controls for networks and applications have been requested and are in the process of implementation.
Though we have completed significant work toward compliance, more needs to be accomplished. PCI compliance will be an ongoing project.
Additional information and news regarding PCI will be published on this website as it is available.
- Best Practices to Minimize Credit Card Fraud
- Credit Card Processing Policy
- Requirements and Security Assessment Procedures (July 2009) from the PCI Security Standards Council
E-mail Susan Albonetti or call her at 556-4793.
PCI DSS Training Sessions
Treasury Operations held the annual 2013 on-site training sessions on August 27, 2013.
PCI training is mandatory for all university credit card merchants. A second training session via WEBEX is scheduled for October 17th at 2:30pm. Please contact Susan Albonetti for link to WEBEX training.