Home page logo

educause logo Educause Security Discussion mailing list archives

Re: PCI Compliance Policies
From: Theresa M Rowe <rowe () OAKLAND EDU>
Date: Thu, 19 Jul 2007 13:30:48 -0400

The date doesn't appear on the PCI site, but our bank and other orgs are giving this date -
For example 
Furthermore, PCI DSS compliance needs to be achieved by September, 2007 – this is the deadline posed by credit card 
companies. Organizations that fail to comply face fines of up to $500,000 if the data is lost or stolen and risk not 
being allowed to handle cardholder data. 

Most retailers and solutions providers believe that September, 2007 will be the true deadline after which Visa will 
begin levying fines on acquirers whose merchants who are not compliant with the standard. 

---- Original message ----
Date: Thu, 19 Jul 2007 12:20:04 -0500
From: Roger Safian <r-safian () northwestern edu>  
Subject: Re: [SECURITY] PCI Compliance Policies  
To: rowe () oakland edu, SECURITY () LISTSERV EDUCAUSE EDU

At 12:14 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:
Is ANYONE going to be compliant by the September deadline??  Did you use a 
consultant to get there?

What is the September deadline?  I thought compliance was supposed to start
on 1/1/06?  

FWIW, we're still working on compliance...it's pretty time consuming.

Roger A. Safian 
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058   (voice)
(847) 467-6500   (Fax) "You're never too old to have a great childhood!"

Theresa Rowe
Assistant Vice President
University Technology Services
www.oakland.edu/uts - the latest news from University Technology Services

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]