Overview
In accordance with Payment Card Industry Data Security Standards (PCI DSS) requirements, Stanford University has established a formal policy and supporting procedures for payment systems and service vendors evaluation. This policy is to be implemented immediately. It will be evaluated on an annual basis for ensuring its adequacy and relevancy regarding Stanford University’s needs and goals.
Policy
Stanford University is a PCI Merchant, but not a PCI Service Provider.
Stanford University is a compliant PCI merchant, who processes and transmits payment card data only for Stanford’s merchant departments with a valid Merchant ID and account (MID) that is approved and setup by FMS Office Of Treasury Merchant Services - merchants.stanford.edu.
Stanford University does not provide PCI infrastructure, network or eCommerce systems for other companies to process, transmit or store payment card data.
Responsibility for Policy Maintenance
UIT’s PCI Compliance service is responsible for ensuring that the aforementioned policy is kept current as needed for purposes of compliance with the Payment Card Industry Data Security Standards (PCI DSS) initiatives.
