User login


Credit Card Acceptance and Processing Policy


Effective Date:  August 31, 2009

Latest Revision: August 28th, 2013


Policy Statement

This policy sets requirements for the acceptance and processing of credit and debit cards (credit cards) and the secure storage of credit cardholder data. 

Reasons for the Policy

The purpose of this policy is to document control procedures and requirements to ensure that cardholder data supplied to the University is secure and protected in accordance with University Policies and the Payment Card Industry Data Security Standards (PCI DSS).

Primary Guidance to Which This Policy Responds

E-Commerce: Electronic Protection of Credit Card Holder Information Policy and the Payment Card Industry Data Security Standard (PCI DSS). 

Responsible University Office

The Office of the Treasurer

Revision History

This policy was established in August 2009.

Latest Revision: August 28, 2013.

Who is Governed by this Policy

This policy applies to individuals, schools, departments, centers, institutes, and programs ("University Departments") that accept donations or sell goods, services, or information, and accept credit cards as a form of payment. 

Who Should Know This Policy

All senior business officers, department administrators and financial and administrative staff whose businesses accept credit cards as a form of payment are required to know this policy. 

Exclusions and Special Situations


Policy Text

For full policy text, please see link in right hand menu