GVSU Payment Card Industry (PCI) Compliance

What is PCI?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment.  Any merchant that has a Merchant ID (MID) must comply and for the purposes of PCI DSS, GVSU is considered a merchant.


What is GVSU's responsibility?

Grand Valley State University has a responsibility to comply with PCI DSS.  To that end, the University has created an internal PCI compliance committee to:

  1. Comply with PCI compliance policies set forth by industry
  2. Create internal policies and procedures to protect cardholder data
  3. Inform and train GVSU personnel who process cardholder data
  4. Perform an annual review for compliance

NOTE:  All suspected security breach incidents should immediately be brought to the attention of the Director of Information Technology or any other member of the senior IT management for investigation.  Contact the Office of Information Technology at 616-331-2035.

Page last modified April 18, 2014