Financial Information - PCI Compliance
Cardholder information is protected by the Payment Card Industry Data Security Standards (PCI-DSS). PCI-DSS was first developed by the PCI Security Standards Council in 2006. The Council was founded by five global payment brands – American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and VISA Inc – and each have agreed to incorporate the PCI DSS into each of their own data security programs.
Resources, Policies and Related Links
The Office of the Treasurer is responsible for the overview of all departments that accept credit cards as payment for goods and services.
The Office of the Treasurer along with the Division of IT, Information Security and Access Management monitors and assists any departments accepting payments online (commonly referred to as e-commerce).
Things to Remember
PCI Compliance applies to all University departments that store, process, or transmit credit card data regardless of how the payment is accepted. If a University department accepts credit card as payment in person, over the phone, or online, they are subject to the security standards outlined in the PCI-DSS.
Office of the Treasurer: http://www.umsystem.edu/ums/fa/treasurer/
For legal assistance, please contact the Office of the General Counsel at http://www.umsystem.edu/ums/gc/