Re: PCI Compliance Policies

[Theresa M Rowe <rowe () OAKLAND EDU>]

The date doesn't appear on the PCI site, but our bank and other orgs are giving this date -
For example 
http://www.gfi.com/security/pci.htm
Furthermore, PCI DSS compliance needs to be achieved by September, 2007 – this is the deadline posed by credit card 
companies. Organizations that fail to comply face fines of up to $500,000 if the data is lost or stolen and risk not 
being allowed to handle cardholder data. 

http://searchsmb.bitpipe.com/detail/RES/1178314942_651.html
Most retailers and solutions providers believe that September, 2007 will be the true deadline after which Visa will 
begin levying fines on acquirers whose merchants who are not compliant with the standard. 


---- Original message ----
> Date: Thu, 19 Jul 2007 12:20:04 -0500
> From: Roger Safian <r-safian () northwestern edu>  
> Subject: Re: [SECURITY] PCI Compliance Policies  
> To: rowe () oakland edu, SECURITY () LISTSERV EDUCAUSE EDU
>
> At 12:14 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:
> > Is ANYONE going to be compliant by the September deadline??  Did you use a 
> > consultant to get there?
>
> What is the September deadline?  I thought compliance was supposed to start
> on 1/1/06?  
>
> FWIW, we're still working on compliance...it's pretty time consuming.
>
>
> -- 
> Roger A. Safian 
> r-safian () northwestern edu (email) public key available on many key servers.
> (847) 491-4058   (voice)
> (847) 467-6500   (Fax) "You're never too old to have a great childhood!"
Theresa Rowe
Assistant Vice President
University Technology Services
www.oakland.edu/uts - the latest news from University Technology Services