Payment Card Industry Data Security Standards (PCI DSS)

Payment Cards/PCI DSS Standards Compliance

University of Minnesota departments that accept payment cards as payment for goods and services are contractually obligated to follow the Payment Card Industry Data Security Standards (PCI DSS). The purpose of these standards is to protect cardholder data wherever it resides - ensuring that merchants and service providers maintain the highest information security standard. A listing of these standards can be found at: PCI DSS Standards.

Getting Started

The process of establishing a payment card merchant account can be found on the University of Minnesota's Policy Library. This process includes incorporation of PCI DSS standards into your business processes as well as selection of the proper method of card acceptance based upon your business need.

Training

To maintain compliance with University Policy and PCI DSS, Payment Card Managers are required to be trained upon assignment as a Payment Card Manager and annually thereafter. This training consist of the following:

A. Complete the Payment Card Manager “Security Awareness Training” videos assigned to you by Accounts Receivable Services. These short (generally about 3 minutes) training videos cover a number of important security topics such as passwords, data security, and encryption. They also provide an excellent overview of the Payment Card Industry Data Security Standards (PCI DSS), various data security risks you may be exposed to at work and at home, as well as helpful tips on how to remain compliant in this ever-changing environment.

B. Attend the New Payment Card Manager Training with the Accounts Receivable Services. This two-hour meeting is set up by Accounts Receivable Services after your assignment as the Payment Card Manager, and provides an overview of the Payment Card Industry Data Security Standards (PCI DSS), the requirements for University of Minnesota Payment Card Managers, and tips on how to remain compliant and secure in this ever-changing environment.

A. Complete the Payment Card Manager “Security Awareness Training Videos” assigned to you by Accounts Receivable Services. These short (generally about 3 minutes) training videos are assigned in June and cover a number of important security topics such as passwords, data security, and encryption. They also provide an excellent overview of the Payment Card Industry Data Security Standards (PCI DSS), various data security risks you may be exposed to at work and at home, as well as helpful tips on how to remain compliant in this ever-changing environment.

B. Attend “Payment Card Manager Refresher Training”, which is a one-hour class offered by Accounts Receivable Services. This class provides an overview of the Payment Card Industry Data Security Standards (PCI DSS), the requirements for University of Minnesota Payment Card Managers, and tips on how to remain compliant and secure in this ever-changing environment. For available training sessions, contact Accounts Receivable Services.

 

Payment Card Account Forms & Documents

Informational Videos