Payment Card Industry Data Security Standards (PCI-DSS)
The University is committed to protecting and preserving the privacy and security of payment card data collected and processed in connection with University business. PCI DSS supports this goal by establishing requirements for the secure handling and processing of payment card data.
Members of the University community share responsibility for protecting payment card information and data. The University is committed to ensuring that all payment card transactions are properly secured. All cardholder data is classified as Restricted under the University’s Information Classification Policy, and must be protected accordingly. Appropriate practices and procedures for the use, processing, and destruction of payment cards and associated data must be followed without exception, and in accordance with Georgetown University’s PCI-DSS Security Policy.
PCI Compliance Responsibility
Collectively, everyone who has any part in handling card holder data is responsible for PCI Compliance. PCI responsibilities are centrally managed through the Office of the Chief Financial Officer and tracked by Revenue and Receivables with the help of the Service Center Coordinators.
Informational material around PCI Compliance
As a part of the universities annual compliance program, all applicable staff have access to our PCI Training material. Additional information surrounding our PCI Compliance program can be found in our policies section.