In 2004, the major credit card companies created the Payment Card Industry (PCI) data security framework to establish one standard set of information security requirements. The standard is now known as the PCI Data Security Standard (PCI DSS), and represents a common set of industry tools and measurements to help ensure the safe handling of sensitive information (e.g., credit card and cardholder data).
Compliance with PCI DSS is becoming more and more important for businesses of all sizes. Many financial institutions are requiring PCI compliance in order to process and handle credit card information — and instituting fines for non-compliance.
The PCI standard impacts businesses that process or store credit cardholder data. Types of credit card processing systems include:
- Point-of-Sale devices
- Personal computers or servers
- Web shopping applications
- Paper-based systems
Compliance with the PCI DSS standard will prevent security breaches and mitigate theft of payment card data. Non-compliance could be disastrous for your business, and possible negative consequences include:
- Insurance claims
- Cancelled accounts
- Payment card issuer fines
- Government fines
How BlumShapiro Can Help:
Many businesses may be required to complete a PCI Self-Assessment Questionnaire (SAQ). BlumShapiro has developed an approach to help businesses understand the type of SAQ they are required to complete, as well as assist with completing the SAQ.
The SAQ can be as few as 13 questions or over 280 questions depending on the SAQ category. The process can be complicated and confusing. BlumShapiro can work with you to help your organization understand which SAQ to fill out, assist in completing the form and help your organization take the necessary steps to ensure compliance.
Performing an assessment will ensure compliance with the PCI standards and also help to alleviate vulnerabilities and protect cardholder data.
Please contact us today to learn more about our PCI Compliance services.