05 October 2009
The Payment Card Industry Data Security Standard ('PCI DSS') was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International. The PCI Security Council describe PCI DSS as a "multifaceted security standard that includes requirements for security management, policies and procedures, network architecture, software design and other critical protective measures". Its purpose is to help organisations, including charities, proactively protect customer account data.
The PCI DSS applies to every charity, regardless of size, which:
Failure to comply may lead to a charity being fined by the bank that processes the charity's transactions or having their privileges removed by the credit card company.
The PCI DSS sets out a number of requirements which must be met by all those caught by the Standard which are as follows:
Organisations not only need to comply with these requirements, but must also have that compliance validated. The level of validation required depends upon the number of transactions carried out per year:
Most charities will fall within level 4, with fewer than 20,000 transactions per year, and will require an external network vulnerability scan conducted quarterly by an accredited security firm and satisfactory completion of an annual self-assessment questionnaire.
For more information about PCI DSS and related compliance matters contact David Dannreuther.
David Dannreuther
Tel: +44 (0)20 7597 6075