Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
PCI Council offers guidance on 3rd-party contracts
PRINCETON, N.J. (8/11/14)--The Payment Card Industry (PCI) Data Security Standards Council has issued guidance to help financial institutions and retailers minimize the risk associated with third-party contracts and payment breaches.
 
Among the areas covered in the guidance are third-party due diligence, service provider requirements and compliance and written agreement policies and procedures.
 
About 65% of data breaches involve a third party, PCI Council Chief Technology Officer Troy Leach told Bank Info Security (Aug. 7).
 
"The use of a third-party service providers (TPSP) does not relieve the entity of ultimate responsibility for its own PCI compliance, or exempt the entity from accountability and obligation for ensuring that its cardholder data and card holder data environment are secure," the paper said. "Clear policies and procedures should therefore be established between the entity and its TPSPs for all applicable security requirements, and proper measures should be developed to manage and report on the requirements."
 
Because about 45% of card breaches involve retailers, Leach said the council decided to offer additional guidance on PCI obligations related to third-party contracts and services.
 
The guidance addresses best practices rather than new requirements, Leach said.
 
To listen to a Bank Info Security interview with Leach, use the link.
RSS





print
News Now LiveWire
Registration lottery for #CreditUnion #CherryBlossom Ten Mile Run opens Monday, Dec. 1 http://t.co/AGkKPof5Fy. Race is April 12
1 hours ago
The turkey hasn't even been served and #creditunions are already making plans for #GivingTuesday
3 hours ago
.@bankofamerica's $16.65 billion 'toxic mortgage' settlement finalized http://t.co/BIq1QyImXG
4 hours ago
RT @CUNA: #NussleReport: ICYMI: Revised RBC proposal in January w/a 90-day comment period #Fix RBC http://t.co/T4JcvWBDse
6 hours ago
.@TheNCUA release on Nov. prohibition orders out already. Here: http://t.co/YkA1QIYbYa
6 hours ago