Conferences & Events
Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
The Payment Card Industry Data Security Standard (PCI DSS) first came on the scene in 2005 as a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.
To the extent that colleges and universities accept credit card payments for tuition, fees, conference registrations, or other services, institutions of higher education will have contractual obligations to fulfill the data security standards established by the payment card industry. Some colleges and universities have begun to consider the standards as a potential model for the handling of all types of sensitive data at their institutions and are exploring the extension of the standards to other types of information collected, stored, and distributed on campus networks.
To learn more about PCI DSS version 3.0, the PCI Security Standards Council offers a Quick Reference Guide (PDF).
The Treasury Institute for Higher Education has been the focal point for helping colleges and universities to become PCI DSS compliant, hosting several workshops for the higher education community. In partnership with the National Association of College and University Business Officers (NACUBO), the Treasury Institute represent the business and financial interests of institutions of higher education. Additionally, information security officers and other IT staff from colleges and universities have attended the workshops and several institutions have been actively pursuing PCI DSS compliance for their institution. The Treasury Institute has also published a whitepaper for higher education and a checklist of best practices.
The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The PCI Security Standards Council’s mission is to enhance payment account data security by fostering broad adoption of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International.
For the latest PCI DSS news and information, visit the Treasury Institute's blog.
Library Items on this Topic
EDUCAUSE Library Items for PCI DSS
- PCI DSS
PCI DSS True Introduction The Payment Card Industry …
- PCI DSS 3.0: What Higher Education IT Needs to Know
March 24, 2014
Key Takeaways Higher education leaders don't always know PCI compliance expectations for payment systems at their institutions despite the impacts on information security for …
- Enterprise Content-Aware DLP Solution Comparison and Select Vendor Profiles
May 14, 2013
This Gartner report covers content-aware data-loss prevention, which has grown up and is on the verge of becoming a standard part of security architecture. A small set of vendors dominate a major…
- Cornell University Accepting Credit Cards to Conduct University Business
January 22, 2013
This is Cornell University's policy on Accepting Credit Cards to Conduct University Business. This is Cornell University's policy on Ac…
- Unviersity of Minnesota Accepting Revenue Via Payment Cards
December 1, 2009
This is the Unviersity of Minnesota policy on Accepting Revenue Via Payment Cards. This is the Unviersity of Minnesota policy on Accepting Revenu…
- Unviersity of Utah Policy on Payment Card Acceptance
August 23, 2009
This policy governs the acceptance of payment cards (e.g. Visa, MasterCard, American Express, and Discover) by the University of Utah. This pol…
- KUMC Payment Card Acceptance Operational Protocol (PCI)
August 8, 2013
The University of Kansas Medical Center (KUMC) PCI DSS policy seeks to apply best security practices to protect against the exposure and possible theft of account and personal cardholder informat…
- NDSU Guidelines for Protecting Sensitive Data
February 20, 2014
This NDSU website includes important information for NDSU employees to follow when dealing with personal and confidential data. This NDSU website…
- University of British Columbia: PCI Compliance Resources
June 1, 2013
This web site is the University of British Columbia's PCI-DSS resource page for its merchants. The site includes their PCI-DSS policy, guidelines, and templates. …
- 2011 Security Professionals Online Conference: View Program, Register Now
March 4, 2011
Unable to attend the 2011 Security Professionals Conference in person this year? You can now learn and network with colleagues without leaving your campus. Program details are now available f…