PCI DSS and UK

We have an obligation to protect sensitive financial information, such as credit card data, of the University's customers. That is what PCI DSS is about.

The payment card industry, which includes VISA, MasterCard, American Express, Discover, and JBL, has issued new security standards to which all organizations that accept credit card data must comply. These new standards are called Payment Card Industry Data Security Standards, or PCI DSS. These standards have placed additional responsibilities on your department in connection with the acceptance of payment cards. Without compliance, the card industry may refuse to allow you to process credit cards or issue fees and fines for noncompliance. Therefore, every UK office that accepts credit cards must become PCI DSS compliant.

Credit card breaches happen proportionately more in higher education due in part to decentralized processing systems and open networks. Departments may think of PCI compliance as an Information Technology or Treasury issue, when in reality it is the responsibility of every department that accepts credit cards.

When a university implements a PCI compliance plan it not only protects itself, but also its students and employees. The Office of the Treasurer is coordinating a PCI compliance program to assess UK's compliance with the PCI standards, to educate University administrators, faculty, and staff on PCI, and to assist departments in the compliance process.

This website is designed to introduce you to this issue and give you an idea of what you can expect in the future. Thank you for educating yourself on this topic and for treating it with the respect it deserves.

Kevin Sisler, Merchant Card Services Director

Links

To find out if your point of sale system or web payment processor is PCI DSS compliant, check these links:

Following are some useful links to learn more about the PCI DSS standards:

WARNING: Some Web sites to which these materials provide links for the convenience of users are not managed by the University of Kentucky. The University does not review, control, or take responsibility for the contents of those sites.

Text Only   © University of Kentucky   Contact Us   Last updated:  5/2/12   An Equal Opportunity University