Stanford Submits PCI Compliance Validation for 2019

At the end of every calendar year, Stanford is required to provide evidence that the university as a whole has been compliant with the Payment Card Industry Data Security Standard (PCI DSS).

UIT recently submitted Stanford’s PCI DSS compliance validation to the Payment Card Industry according to the requirements issued by PCI Security Standards Council, an organization founded by American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc.

The University IT (UIT) PCI Compliance team collaborates with Financial Management Services (FMS) and the UIT Information Security Office, Networking, Infrastructure Operations, Technical Services, ADAPT Development, and CRC teams to support Stanford’s PCI infrastructure and applications for securing credit and debit card processing and transmission. The PCI Compliance team also collaborates with 80 departments across Stanford to ensure both industry and Stanford security standards are met. Meeting the annual deadline is a great collaborative accomplishment, especially when the security standards that need to be met change every few years. “The UIT team works tirelessly to prevent any breach and large industry fines by protecting cardholders’ information,” said Corrina Petriceks, senior director of Compliance Services in UIT’s Enterprise Technology. ​

Preparing for a new release

The PCI Compliance team is gearing up for a new release of PCI DSS compliance guidelines, which will be published in 2020. If your work involves meeting payment card industry data security standards, please stay tuned for additional information.

Resources

• Visit the PCI Security Standards Council Website
• Visit the Stanford PCI Compliance Website
• Inspection Procedure for PCI POS Devices for Merchants