First, we are not providing legal advice, but want to make you aware of the PCI compliance concerns if you process credit cards.
Depending on which state you operate in, you may face fines, legal risk, or even jail time if you violate the Payment Card Industry Data Security Standard (PCI-DSS) requirements. As a customer, you want to make sure that the businesses you give your credit card to are PCI compliant too.
Here are the PCI basics:
- Credit card companies want to stop fraud and require organizations to be PCI-DSS compliant.
- Merchants that accept even one credit card a year fall under PCI-DSS requirements. This includes:
  - Retail Establishments
  - Every company that accepts credit cards in any way
- The requirements vary depending on several factors.
- Even organizations that accept almost no cards must complete a 15-question questionnaire and have official documents from their processors, even if they never use a computer to process credit cards.
- Other organizations must fill out longer questionnaires with more than 200 questions and, depending on several factors, may need to have a PCI assessor visit once a year.
- Many organizations are also required to have internal and external vulnerability scans and penetration tests on their networks.
- PCI is not a one-time event; your compliance needs to be constantly examined and updated.
- Our IT Security Consultant, Mike Foster of The Foster Institute, Inc., wants to help you reduce your exposure to credit and debit card fraud and comply with the PCI-DSS standards.
- The PCI requirements can be confusing, and Mike Foster can help you become PCI compliant and keep your network safe. He’s great to work with and you’ll never find a nicer, more talented guy to secure your network and valuable company assets.
Prime Concepts is PCI Compliant and we don’t store credit card data digitally or physically after processing.