Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
PCI Council offers guidance on 3rd-party contracts
PRINCETON, N.J. (8/11/14)--The Payment Card Industry (PCI) Data Security Standards Council has issued guidance to help financial institutions and retailers minimize the risk associated with third-party contracts and payment breaches.
 
Among the areas covered in the guidance are third-party due diligence, service provider requirements and compliance and written agreement policies and procedures.
 
About 65% of data breaches involve a third party, PCI Council Chief Technology Officer Troy Leach told Bank Info Security (Aug. 7).
 
"The use of a third-party service providers (TPSP) does not relieve the entity of ultimate responsibility for its own PCI compliance, or exempt the entity from accountability and obligation for ensuring that its cardholder data and card holder data environment are secure," the paper said. "Clear policies and procedures should therefore be established between the entity and its TPSPs for all applicable security requirements, and proper measures should be developed to manage and report on the requirements."
 
Because about 45% of card breaches involve retailers, Leach said the council decided to offer additional guidance on PCI obligations related to third-party contracts and services.
 
The guidance addresses best practices rather than new requirements, Leach said.
 
To listen to a Bank Info Security interview with Leach, use the link.
RSS





print
News Now LiveWire
What role are #creditunions playing in @gatesfoundation's 2030 vision of financial services? Read #NewsNow Monday
1 day ago
Consumers fear inaccurate info lingers on credit reports, says @FTC study Read @CUNA's News Now: http://t.co/RzNLMnaROO
1 day ago
@PCUA has formed a @LinkedIn networking group for former bankers turned #creditunion employees.
1 day ago
.@politico reports Democrats haven't picked the city yet, but their 2016 convention will be held the week of July 25.
1 day ago
.@cuna, @DCUC_HQ urge @CFPB to exempt #CUs from changes to Military Lending Act rules cuz CUs aren't part of the targeted problem. NN Monday
1 day ago