Technology Procedure Categories
PCI eCommerce (non-Merchant of Record) policy
This procedure outlines the processes and requirements surrounding the use and protection of Credit Cards, via eCommerce payment channel where Wayne State College is not the Merchant of Record.
When Was This Policy Updated?
April 6, 2017
Who Should Read This Procedure?
WSC Staff involved with services with process payments through this payment channel.
- PAN – Primary Account Number
- NATS – Network and Technology Services
- ISPC – Information Security Program Coordinator – currently the Chief Information Officer
- Business Service Owner – the department manager or administrator responsible for the credit card processing service
- PCICC - PCI compliance committee – The body convened by the ISPC to oversee compliance with and management of services using credit cards to receive payment. The membership of the PCICC will include the ISPC, the Comptroller, one or more representatives from NATS as appointed by the ISPC, and one or more Business Service Owners.
Other related policies
WSC PCI base policy
Any institution or business taking payments for goods and services should accept credit card payments, it is expected, WSC is no exception. With that service comes a certain level of risk and trust. That trust is established by WSC’s ability to protect customers’ information from that risk. To accomplish this, we must follow certain procedural and technical guidelines.
In keeping with current best practices and guidelines any person involved in accepting credit card information either via telephone or in person on behalf of Wayne State College must adhere to the following guidelines in accordance with their role:
- No additional responsibilities
Last Updated: 4/6/2017