Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PCI Compliance Policies

From: Roger Safian <r-safian () NORTHWESTERN EDU>
Date: Thu, 19 Jul 2007 12:56:31 -0500
At 12:30 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:

The date doesn't appear on the PCI site, but our bank and other orgs are giving 
this date -
For example 
http://www.gfi.com/security/pci.htm
Furthermore, PCI DSS compliance needs to be achieved by September, 2007 ­ this 
is the deadline posed by credit card companiees. Organizations that fail to 
comply face fines of up to $500,000 if the data is lost or stolen and risk not 
being allowed to handle cardholder data. 


Are you a new level 2 merchant?  See 
<http://usa.visa.com/merchants/risk_management/cisp_merchants.html?it=c|/merchants/risk_management/cisp_overview.html|Merchants>
.

AFAIK, the credit card companies have already assessed fines.


-- 
Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"
Previous By Date Next
Previous By Thread Next

Current thread: