Data Compliance.


1 Data Compliance

2 Agenda
  Introduction
  Define PCI/PII
  Why should I care?
    Regulations
    Penalties
    Customer
  How does this impact me?
    Office personnel
    Remote personnel
  What should I do?
    Understanding your responsibility
    Reporting an incident
  Questions

3 Introduction
  Joe Myers
  Business Applications Manager, Radio Systems Corporation
    Blue, GPS CRM, Warranty Tracker
    Oracle
    InvisibleFence.COM
  Husband, father, musician, nerd
  Brief work history (~15 years of software-related experience)
    SCADA Engineer at Knoxville Utilities Board
    Software Development at Pilot Travel Centers and Skillsoft Compliance Learning
    Database Development and Maintenance at Radio Systems Corporation

4 PCI Defined
  The Payment Card Institute Data Security Standard (PCI DSS) is a set of requirements that apply when you accept credit card payments. It is regulated and enforced by the banking institutions. Failure to comply can result in your business no longer being able to accept credit cards.
  769 participating council members
  All major credit cards and the supported banking institutions

5 PCI Defined
  PCI Compliance Level 1: over 6 million Visa and/or MasterCard transactions processed per year (Annual Report of Compliance, performed by an auditor)
  PCI Compliance Level 2: 1 million to 6 million Visa and/or MasterCard transactions processed per year (Self Assessment + Attestation of Compliance)
  PCI Compliance Level 3: 20,000 to 1 million Visa and/or MasterCard e-commerce transactions processed per year (Self Assessment)
  PCI Compliance Level 4 (most distributors and dealers): fewer than 20,000 Visa and/or MasterCard e-commerce transactions processed per year, plus all other companies that process up to 1 million Visa transactions per year (Self Assessment)

6 PCI Defined
  PCI Security Standards
  PCI Quick Reference

7 Why Should I Care?
  Love Thy Customer
  One mistake could impact ALL distributors & dealers
  Reduction in sales
  Failure to comply can result in:
    Fines ($100 - $1000 per affected customer)
    Being raised to the highest PCI Level, immediately
    Quarterly bank audit
    Inability to take cards

8 How Does This Impact Me?
  Office Personnel
  Field Personnel
  Card Data Environment
  Systems
  Phones / Field Personnel
  Contracts

9 Protect from this...

10 And even this…

11 What Should I Do?
  Understanding your responsibilities
    Card Data Environment (CDE)
    Policy
    Reporting
  Reporting an incident
    Who
    What
    When

12 What Should I Do? Card Data Environment
  Be aware of others around you when taking payments.
  Over the phone? Don't repeat back the whole credit card info with others around.
  DO NOT write the info down; if you HAVE to, shred it when done.
  DO NOT send credit card information in !

13 What Should I Do? Policy
  Document the DON'Ts and make sure your team knows the rules and abides by them.

14 What Should I Do?
  CRM: you are covered. Radio Systems Corporation handles the system compliance.
  E-Fence: Attestation of Compliance (AOC), Cloud Version
  Use something else? It's your responsibility to ensure compliance:
    Secure hardware and software
    Get AOCs if applicable
    Documentation
    User education
    Yearly reporting to your bank

15 What Should I Do? Reporting
  Depending on your PCI level, most will self-assess.
  Most will use the SAQ C-VT, SAQ C or SAQ D for Merchant forms.
  SAQ = Self Assessment Questionnaire

16 Reporting an Incident
  Call your merchant provider / bank
  Depending on the situation, call local law enforcement

17 Wrap Up Questions?

18 Thanks
