Educause Security Discussion
mailing list archives
Re: PCI Compliance Policies
From: Theresa M Rowe <rowe () OAKLAND EDU>
Date: Thu, 19 Jul 2007 13:30:48 -0400
The date doesn't appear on the PCI site, but our bank and other orgs are giving this date -
Furthermore, PCI DSS compliance needs to be achieved by September, 2007 – this is the deadline posed by credit card
companies. Organizations that fail to comply face fines of up to $500,000 if the data is lost or stolen and risk not
being allowed to handle cardholder data.
Most retailers and solutions providers believe that September, 2007 will be the true deadline after which Visa will
begin levying fines on acquirers whose merchants who are not compliant with the standard.
---- Original message ----
Date: Thu, 19 Jul 2007 12:20:04 -0500
From: Roger Safian <r-safian () northwestern edu>
Subject: Re: [SECURITY] PCI Compliance Policies
To: rowe () oakland edu, SECURITY () LISTSERV EDUCAUSE EDU
At 12:14 PM 7/19/2007, Theresa M Rowe put fingers to keyboard and wrote:
Is ANYONE going to be compliant by the September deadline?? Did you use a
consultant to get there?
What is the September deadline? I thought compliance was supposed to start
FWIW, we're still working on compliance...it's pretty time consuming.
Roger A. Safian
r-safian () northwestern edu (email) public key available on many key servers.
(847) 491-4058 (voice)
(847) 467-6500 (Fax) "You're never too old to have a great childhood!"
Assistant Vice President
University Technology Services
www.oakland.edu/uts - the latest news from University Technology Services