PCI Policy and Procedure
Payment Card Industry Policies, Procedures, and Standards
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store or transmit payment card information maintain a secure environment. The Payment Card Industry Security Standards Council (PCI SSC) was created in September 2006 by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB) to manage the evolution of the Payment Card Industry (PCI) security standards with focus on improving payment account security throughout the transaction process. The PCI DSS is administered by the PCI SSC.
University of South Alabama Compliance Statement
USA adheres to the highest standards related to the security of cardholder data and must follow the guidelines set by the PCI DSS. Compliance with this policy is mandatory for all USA faculty, staff, students, merchants, departments, organizations, third-party vendors, individuals, systems, and networks involved in accepting, processing, transmitting, storing, disposing, or have access to cardholder data. Adherence to this policy will help ensure that cardholder data is protected and kept secure from unauthorized access.
A copy of this policy must be read and signed annually by all individuals involved in the payment card process. Signed copies of this policy will be maintained by the respective departments and USA’s PCI Coordinator.
Complete Policies, Procedures, and Standards Lists