- Location
The PCI DSS (Payment Card Industry Data Security Standard) has been in place for more than 15 years. In that time, the standard has been updated through three major revisions, including the release of version four in the first quarter of 2022.
Higher education institutions find themselves in a challenging position: needing to manage compliance, security, and service delivery to a wide variety of business units and stakeholders. This session will address common misconceptions and challenges regarding PCI in higher education institutions, including:
- IT tells us they have this covered/addressed — it is an IT issue, not a business issue
- The card data is all encrypted, so we don’t have to worry about it
- We outsource to vendor “XYZ” so we are not responsible for compliance
- No one has asked us for a compliance report
- There is no electronic card holder data in our VoIP system or our data warehouse or...
We’ll describe the latest updates to the compliance standard, address common challenges in adhering to PCI DSS, and provide attendees with clear strategies for how your institution can manage risk and compliance needs related to credit card security.
At this end of this session, you will be able to:
- Identify how the core elements of the PCI DSS apply to higher education institutions
- Recognize key challenges in managing a PCI compliance program
- Recall how a well-functioning PCI compliance program can support and enhance an institution’s risk management program
Who should attend
This session is designed for data security and financial professionals in higher education.