User login

Close
 

Credit Card Acceptance and Processing Policy

 

Effective Date:  August 31, 2009

Latest Revision: October 31, 2016

                                                                                                             

Policy Statement

This policy establishes the requirements for the acceptance and processing of credit card payments and for the protection of CardholderData in accordance with the Payment Card IndustryData Security Standards (PCIDSS).

 

Reasons for the Policy

The reason for this policy is to set the standard for protecting Cardholder Data supplied to the University or any Third Party Service Provider acting on behalf of the University.

 

Primary Guidance to Which This Policy Responds

This policy responds to the applicable PCI DSS requirements and University policies relevant to the protection of Cardholder Data. This policy does not supersede any Card Brand rules or federal or state law.

 

Responsible University Office

The Office of the Treasurer

 

Revision History

This policy was established in August 2009.

Revision(s): July 9, 2012; August 28, 2013

Latest revision: October 31, 2016

.

Who is Governed by this Policy

All internal University personnel who handle Cardholder Data or can impact the security of the CU Merchant’s Cardholder Data Environment are governed by this policy.

 

Who Should Know This Policy

All University personnel and any Third Party Service Provider acting on behalf of the University who handle Cardholder Data or can impact the security of the CU Merchant’s Cardholder Data Environment should know this policy.

 

Exclusions and Special Situations

None

 

Policy Text

 

To see the full text of this policy, please use the link on the right.