Credit Card (PCI DSS): Payment Card Industry Data Security Standards

Our Commitment to PCI-DSS Compliancy

In light of the heightened emphasis by the Card Brands surrounding the handling of credit card information, UofL is taking stringent measures to insure our methods for accepting and transmitting cardholder data are secure.   This is in response to recent mandates and recommendation from the PCI Security Council.

It is only through the cooperation and adherence to the policies and procedures by all merchants under the university and health science structure can validation of UofL compliance be achieved.  To come full circle in this endeavor, proper documentation, formalized training and finally, attestation in self assessment questionnaires will solidify our intent from the merchant level.

Our infrastructure will be scrutinized by implementing scanning and penetration testing to determine any weakness in our network security related to credit card processing.   Advanced notification may be conveyed to those departments subject to these scans.

The combined efforts of Treasury Management, Information Security and Information Technology will lead the effort to proceed in the direction that warrants approval from our processor Elavon/USBank.  We are confident in reaching our goal with the dedication and commitment from you as the UofL merchant.

Regards,

Jill Riede, Merchant Services Manager
David M. Woods, Assistant Treasurer