Home > Security > Compliance > Security-Related Regulations and Standards > Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard

Any University unit that collects credit card information (Visa, MasterCard, American Express) must have security controls in place that comply with the Payment Card Industry Data Security Standard ("PCI"). These security controls include:

Must be protected behind a University network firewall.
Encrypt and protect cardholder data when either stored or transmitted.
Identify and protect systems from security vulnerabilities.
Implement strong access control measures that restrict access to credit card data.
Monitor and test networks to ensure the integrity and confidentiality of credit card data is maintained.

Maintain an information security policy that addresses security controls and procedures.

For more information on complying with PCI, contact the Technology Help Desk at 412 624-HELP [4357].

Computing Services and Systems Development, University of Pittsburgh

Help >

Email & Accounts >

Software >

Network & Web >

Web Portal >

Security >

Telephone >

About >

Payment Card Industry Data Security Standard

View information for:

Affiliation:

Op. System:

Search

Help

Security-Related Regulations and Standards