Main Nav


The Payment Card Industry Data Security Standard (PCI DSS) first came on the scene in 2005 as a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

To the extent that colleges and universities accept credit card payments for tuition, fees, conference registrations, or other services, institutions of higher education will have contractual obligations to fulfill the data security standards established by the payment card industry. Some colleges and universities have begun to consider the standards as a potential model for the handling of all types of sensitive data at their institutions and are exploring the extension of the standards to other types of information collected, stored, and distributed on campus networks.


The Treasury Institute for Higher Education has been the focal point for helping colleges and universities to become PCI DSS compliant, hosting several workshops for the higher education community. In partnership with the National Association of College and University Business Officers (NACUBO), the Treasury Institute represent the business and financial interests of institutions of higher education. Additionally, information security officers and other IT staff from colleges and universities have attended the workshops and several institutions have been actively pursuing PCI DSS compliance for their institution. The Treasury Institute has also published a whitepaper for higher education and a checklist of best practices.

The PCI Security Standards Council is an open global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. The PCI Security Standards Council’s mission is to enhance payment account data security by fostering broad adoption of the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International.

For the latest PCI DSS news and information, visit the Treasury Institute's blog.

Library Items on this Topic


Annual Conference
September 29–October 2
Register Now!

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.


Digital Badges
Member recognition effort
Earn yours >

Career Center

Leadership and Management Programs

EDUCAUSE Institute
Project Management



Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.


EDUCAUSE organizes its efforts around three IT Focus Areas



Join These Programs If Your Focus Is


Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.



2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations

Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.