The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard, created to help organizations that process card payments prevent card fraud through increased controls around data and its exposure to compromise. It is the global data security standard that any business, of any size, must adhere to in order to accept payment cards, store, process, and/or transmit cardholder data.
If your business accepts credit card payments then you must work towards and become compliant. You must:
- Ensure that any communications that are being used to transmit payment card data across a network connection provided by the University are sufficiently encrypted (e.g HTTPS, SSH)
- Ensure that Payment Card Industry Data Security Standard (PCI DSS) compliance is duly met and maintained for any payment card processing. The University is not responsible for tenants PCI DSS compliance.
Further details on working towards compliance can be found at: www.pcisecuritystandards.org